Strong Authentication using mobile phone
Solution advantages
For online users :
- Simple and free for your users
- Certificall secures the access to the web service by means of a call to the personal phone of your user (landline or mobile). The call is free of charge for your user. Certificall is compatible with all types of phones, all telecom operators and all browsers.
- Reliable multimodal security
- During the phone call several security data are exchanged in order to ensure a reliable strong authentication :
- PIN code (known by the user and captured by him on the phone’s keyboard),
- Transaction code (indicated on the web page and captured by the user on the phone’s keyboard),
- Audio OTP – NSDT technology - TagAttitude (audio signature broadcasted by the web page and automatically analysed during the phone call),
- OTP transaction (similar to OTP SMS, unique password sent by phone, listened to by the user and captured on the web terminal)
- Real time
- Certificall calls the user immediately. Unlike the use of SMS, Certificall enable the monitoring in real time of the strong authentication process. Your user is guided although the process by help messages during each step of the process. For exemple, when Certificall awaits the capture of the Pin code, the message ‘Please insert your personal code on the keyboard of your phone’ can be displayed.
- Alert in case of fraudulent use
- In case of fraudulent use of his identifiers, the user will be alerted on his phone. Indeed, Certificall will inform your user in real time when there is an attempt to use his codes !
- Secured updates of phone numbers
- The modification of phone numbers is also secured by Certificall, before the updating of the user’s profile. The control before the update aims at preventing the fraudulent change of phone number as well as errors in the capture of phone numbers.
For online services editors :
- In conformity with the legal IT obligations
- Certificall enables the online service editors to fulfil the strong authentication obligations as well as the IT security standards for all online sensitive services and transactions
- Token-less, ideal for a mass deployment
- No specific equipment is necessary therefore no deployment nor downloading of a software is required. With Certificall you will be able to deal with a large number of users at the same time.
- Strong authentication
- Certificall is based on the exchange of security data (PIN Code, transaction code) and/or audio encrypted signature of type Audio-OTP (NSDT technology, TagAttitude patent). The technology is efficient against all attacks of type “Man-in-the-middle” and troyans. Certificall is a solution which is more secured than than the basic SMS solutions because no data is kept in the mobile and the authentication can be protected by a PIN code.
- Real time monitoring
- Once the authentication is requested by the web service, Certificall will immediately call the user and suggest the monitoring of the call in real time from the web service. In case of litigation, this call can be easily traced back and can this trace can be used as a supplement to the certificate granted by Certificall at the end of the call (the certificate is signed by either a private or public key)
- More profitable
- Certificall is indisputably less expensive than the strong authentication solutions based on specific equipment in regard of both the deployment phase and the cost per user. Even in case of high traffic, Certificall is less expensive than the other authentication sms based solutions (according to a study based on the average cost incurred by operators in Europe for the transmission of an OTP by sms as well as the processing of an authentication Certificall that requires a call of 30 seconds maximum towards mobile phones).
Try Certificall
Start a free trial to test the efficiency of the innovative audio One-Time-Password feature of CertifiCall™
Our examples
Many examples like a web service,a sso,adigital signature are online.
Click here to try !