Cell-ID

Cell-ID is a strong token-based user authentication system that utilises a user’s mobile phone as an authentication token to validate the identity of a person accessing secure electronic services. Many on-line subscription services such as Internet banking, investment portals, access to medical and insurance services rely on safe and secure user authentication. Cell-ID does not require the roll out of additional hardware, software or expensive proprietary devices to the users who need to be authenticated. Cell-ID is exceptionally practical, cost-effective and secure.

What it does

When a user logs into a computer system protected by Cell-ID, an SMS message containing a random one-time passcode (OTP) is sent to the user’s mobile telephone (typically 7 seconds). The user must submit the passcode as a password within a limited time period. The passcode is used once only for a single and unique authentication session. Cell-ID can also be combined with a password or a PIN for a stronger two-factor authentication mechanism. The SMS delivery mechanism used by Cell-ID provides outstanding performance so that Cell-ID can be used as a feasible real-time authentication mechanism.

Benefits

Cell-ID is secure

A separate, authenticated communication channel (GSM) is used to deliver cryptographically strong one-time passcodes to a user's mobile telephone when logging into a secure service over an IP network. The user is alerted (by an SMS on their mobile telephone) whenever someone else tries to gain access to their account.

Cell-ID is affordable

Cell-ID needs a significantly lower capital investment than competing token-based authentication products. Cell-ID is simple to roll out. No extra authentication tokens for users to carry, and no software or hardware to install on client computers. The existing mobile telephone infrastructure is used to manage the "tokens".

Cell-ID is easy to use

Cell-ID employs familiar technology that users are already comfortable with. The user logs in as usual, followed by a prompt to type in the Cell-ID passcode which is received on their mobile telephone seconds after initiating the authentication process.

Applications

Cell-ID can be used to secure the following services:

Web servers
Windows domains
UNIX logins (ssh, telnet, rsh, rlogin, X-Windows)
FTP
Remote access dial-up servers and RADIUS integration

Features

Centralised Authentication Service
Optional Dual Redundancy
SMPP Compliant
Secure Web Management Interface
Multiple Administrator Levels
Flexible Authentication Management
Remote Authentication Dial-In User Service (RADIUS)
Monitored SMS delivery

Documentation

Brochure - One-page overview brochure
White Paper on Cell-ID - Cell ID: a practical method for implementing strong user authentication
White Paper on Passwords - Passwords for access to secure Internet service are not enough