Cell-ID is a strong token-based user authentication system that utilises a user’s mobile phone as an authentication token to validate the identity of a person accessing secure electronic services. Many on-line subscription services such as Internet banking, investment portals, access to medical and insurance services rely on safe and secure user authentication. Cell-ID does not require the roll out of additional hardware, software or expensive proprietary devices to the users who need to be authenticated. Cell-ID is exceptionally practical, cost-effective and secure.
What it does
When a user logs into a computer system protected by Cell-ID, an SMS message containing a random one-time passcode (OTP) is sent to the user’s mobile telephone (typically 7 seconds). The user must submit the passcode as a password within a limited time period. The passcode is used once only for a single and unique authentication session. Cell-ID can also be combined with a password or a PIN for a stronger two-factor authentication mechanism. The SMS delivery mechanism used by Cell-ID provides outstanding performance so that Cell-ID can be used as a feasible real-time authentication mechanism.
Cell-ID is secure
A separate, authenticated communication channel (GSM) is used to deliver cryptographically strong one-time passcodes to a user's mobile telephone when logging into a secure service over an IP network. The user is alerted (by an SMS on their mobile telephone) whenever someone else tries to gain access to their account.
Cell-ID is affordable
Cell-ID needs a significantly lower capital investment than competing token-based authentication products. Cell-ID is simple to roll out. No extra authentication tokens for users to carry, and no software or hardware to install on client computers. The existing mobile telephone infrastructure is used to manage the "tokens".
Cell-ID is easy to use
Cell-ID employs familiar technology that users are already comfortable with. The user logs in as usual, followed by a prompt to type in the Cell-ID passcode which is received on their mobile telephone seconds after initiating the authentication process.
Cell-ID can be used to secure the following services:
- Web servers
- Windows domains
- UNIX logins (ssh, telnet, rsh, rlogin, X-Windows)
- Remote access dial-up servers and RADIUS integration
- Centralised Authentication Service
- Optional Dual Redundancy
- SMPP Compliant
- Secure Web Management Interface
- Multiple Administrator Levels
- Flexible Authentication Management
- Remote Authentication Dial-In User Service (RADIUS)
- Monitored SMS delivery
- Brochure - One-page overview brochure
- White Paper on Cell-ID - Cell ID: a practical method for implementing strong user authentication
- White Paper on Passwords - Passwords for access to secure Internet service are not enough