Authentication - Identity and Access Management

As leading consultants in the application of authentication processes our aim is to help you to apply identity and access management.

Whether it’s information about people or private corporate information there is a fundamental business requirement to protect access to these areas.

Personal authentication consists of up to 3 factors commonly known as 1-F, 2-F or 3-F

Possession

Possession

  • Smartcards
  • Keyfobs
  • Mobile Devices
Knowledge

Knowledge

  • Passwords
  • Images
  • Patterns
Inherence

Inherence

  • Fingerprint
  • Retina
  • Voice

With 3-F authentication you have possession, knowledge and inherence but sometimes you may only have one or two factors applied. Electronic payments for example are usually based on 2-F authentication by having a payments card and a PIN.

'The more factors that are used the better the authentication.'
microexpert 1F, 2F, 3F authentication image

The last thing that you want to experience is a security breach

Authentication is a fundamental control for a business to deploy in protecting their digital assets. As more businesses are moving their data to the cloud, authentication has become absolutely essential for managing access to important information.

Why is cryptography is so important in achieving authentication?

The first factor of authentication we discussed was possession where the user is given for example a smart card. When the person is being authenticated the validator needs to check that the card is indeed the one issued to that person.

The way that this is done is to check that the smart card contains a secret key and the validator challenges the smart card to prove it knows this key by making it encrypt a random number.

The validator can do the same encryption step to show the card contains the same secret key. More advanced techniques can use public key cryptography.

'Cryptography and the protection of secret keys is the core technology for computer security.'
microexpert global secret key global image
So what do we do?
We advise clients on how to design and build Identity and Access Management (IAM) systems that are used to protect valuable digital assets for:
Data privacy
Electronic payments and transactions
Digital currencies and blockchain applications
Internet Of Things (IOT)
Industrial Control Systems (ICS)
So how do we do this?
We use agile development techniques for embedded cryptographic systems in the following hardware devices:
Hardware Security Modules (HSMs)
Secure Elements (SE)
Smart cards and secure MicroSD cards
Cryptographic tokens
Mobile devices

GET IN TOUCH

We will listen to your requirements and advise you on the best way forward.

We design and develop solutions both proof of concept and production to match your needs.

Call +44 (0)1903 723 548 or email us at m.

CONTACT US

+44 (0) 1903 723 548
+44 (0) 1903 734 975



Microexpert Limited
Gratwicke House
10 East Street
Littlehampton
West Sussex
BN17 6AW, UK

© 2018 Microexpert. Registered number 01755695.
line-height: 180%;