Business is going mobile.
Today’s agile organisations need to give their key people access to all their information and communication services, at any time, anywhere they happen to be.
With voice, data, video and a world of additional resources converging onto unified networks, companies with true mobility are gaining sustainable competitive advantage.
The mobile phone is already a business critical tool, and using this device as a basis for authentications produces a solution with low incremental management costs as the device is already being managed. Also the mobile phone is a personal device, the loss or failure of which is addressed immediately by the user.
- Fast to deploy - Nothing to distribute/reclaim - reduces overhead/implementation costs
- Nothing to buy
- SMS is a globally used communication tool and requires no IT literacy
- Facilitates mobility and business enablement
The user receives a randomly generated security string via SMS. They then use their PIN to extract their one-time code (OTC). This becomes their authentication credential.
This Swivel interface provides true two-factor authentication as the security string can only be accessed by the user's registered mobile phone and has the additional security that the two key elements of the authentication process are not transmitted on the same network.
The SMS option can be implemented in a number of modes.
At the time of authentication the user requests a security string to be sent to them, usually via a button on an authentication form. The security string is only valid for a finite period
The user is sent a new security string after every authentication attempt, thus ensuring that the user always has the next security string in their inbox ready to use for their next authentication.
This is a variation of the Automatic mode, where a user is sent a number of security strings in each SMS message; the user uses each string in turn (from Version 3.6 the user will be told which one to use). When they have used the last one a new one is sent to them. This has the benefit of reducing the SMS costs and also means the user can have a number of security strings available to them even when they are out of GPRS coverage.
The Swivel Mobile application (available for the iPhone, Blackberry, Google Android) can be downloaded from the appropriate app store.
The app downloads 99 security strings from a Swivel server. The Swivel Authentication Mobile app provides users with a 10 character security string. When the user wants to authenticate they combine their PIN to extract a One-Time Code (OTC).
The mobile app is an alternative solution to the security string being sent via SMS to the end-user. This means authentication is possible even during prolonged time outside mobile network coverage.