AffirmID Authentication Appliance

AffirmID delivers a new generation of Multi-Factor-Authentication embracing all NIST approved MFA factors in a single appliance. While 2 factor authentication (2FA) is good, experts now suggest using all MFA factors for best-in-class security. AffirmID does so using:
Something You Have
Your Android phone or iPhone running AffirmID.
Something You Know
Your Security KEY known only to you and AffirmID.
Something You Are
Your behavioral human traits including those associated with Security KEY entry, recognized by AffirmID as identifying you uniquely from all others.
AffirmID Multi-Factor-Authentication Appliance | ProteqsIT
Clients using AffirmID Multi Factor Authorization on their phone | ProteqsIT

Nice to meet you

PIN, password, fingerprint, facial scan, all high-risk credential-based identification methods now relegated to the dustbin of technology history. Welcome the age of active identity recognition. Like humans recognizing humans, AffirmID recognizes a person from the biometrics of their behavioral traits. From phone activation and logon to how they enter their Security KEY, and how they carry their phone while going about living life, and the locations and proximity of other RF devices as doing so all contribute to personal identification. Indeed, AffirmID even recognizes when a human takes possession of the phone, critical to ensuring the blocking of rogue App attempts at mimicking the user.

A Ransomware and Security Solution for Organizations Big and Small

Key Benefits

21st CENTURY ECOSYSTEM

Seamlessly supports todays OTP 2FA needs while providing a springboard to the passwordless authentication of tomorrow using standards compliant authenticators integrated in the product today.

CYBERSECURITY

Cybersecurity requires much more than simple encryption and key storage in Security Elements. Indeed, cybersecurity at the endpoint mandates recognition of user identity by accurately distinguishing trusted user identity from all others. AffirmID fulfills this need and in doing so in full compliance with NIST IAL3 and AAL3 recommendations.

MULTI-PROTOCOL

Sporting 5 different authentication protocols, AffirmID provides unparalleled network infrastructure possibilities for both network and physical plant access security.

PERFECT LOCK

Every organization must deal with the fact that authenticator phones and tokens are subject to being hijacked, lost, stolen, loaned, or borrowed. When this occurs, all accounts secured by the missing device are at risk. AffirmID’s unique user identification mechanism prevents malicious use even when the device goes missing. AffirmID locks out everyone excepting the original user.

CONTINUOUS AUTHENTICATION

AffirmID’s continuous identity verification while a person has possession of the phone make it an ideal candidate for continuous authentication applications providing better security, ensured user identity, and lower deployment costs.

HANDS FREE AUTHENTICATION

Going together with continuous authentication applications is that of hands-free operations. Often implemented using expensive unique single purpose card readers, AffirmID solves the problem using an inexpensive Bluetooth beacon. At the time of establishing original user recognition whilst paired to their beacon the recognition state of AffirmID remains positive until beacon presence is lost or the original user turns the phone OFF. Thus, the user has freedom of motion within close proximity of their phone with AffirmID maintaining the continuous authentication session.

DEVICE SECURITY

The cybersecurity policy, procedures, and methods must be built on a sound possession and data security foundation. AffirmID provides both, possession security provided by its unique original user identity verification and data security provided by encrypting all stored data using keys stored in the phones Security Element.

SUPERIOR FAR - FRR

An authenticators False Acceptance Rate, FAR, indicates how frequently an attack attempt succeeds as a percentage of all such attempts. False Rejection Rate, FRR, indicates frequency of rejecting legitimate attempts to authenticate. AffirmID’s FAR exceeds 0.0000001% while its FRR is 0.01%.

STANDARDS COMPLIANCE

AffirmID meets or exceeds all authenticator standards, specifications, and recommendations including those for TOTP and HOTP code generation, FIDO, FIDO2, and U2F authenticators, NIST biometrics recommendations, GDPR, PCI DSS, and NSA recommendations.

TRUE YOU IDENTIFICATION

Your true identity is not recognized by others not from your fingerprint, facial image, or password but rather from observable characteristics and behavioral traits. This method seems to work well on an that basis AffirmID employs the same methods to detect and verify identity of its original user.

NO SACRIFICES

Adopting new age authentication need not entail sacrificing security someplace else in the network. In lite of the Snowden adventure at NSA, you may see USB as much a security risk as the password. Good news, AffirmID requires no USB! It facilitates FODO2 and U2F by API interface to other apps on the phone or by Bluetooth to other client devices such as PC, laptop, tablet or IoT. It also supports FIDO2 and U2F push protocols over the cellular networks.

MANAGEMENT

While it is not uncommon for organizations to provide trusted users with specific authenticator Apps and tokens used to access the organization network and physical plants, it is done for a reason, to improve the organizations security. To that end AffirmID provides many management options for organizations to tailor the authenticators to meet their specific needs.

Understanding the Jargon

Security Stack

An organizations security stack establishes the secure zone within which the organizations trusted parties conduct its business and objectives.

Endpoint

Is the outer most edge of an organization’s security stack where the secure zone meets the wild west. This is the single most likely point where the secure zone is to attack. That risk amplifies at the intersection of the secure zone and humans, be it trusted party remote access or physical plant access.

Trusted Party

A person entrusted with access permissions and rights to the secure zone. Employees, associates, contractors, partners, suppliers are but a few who might be considered trusted parties with access following authentication of their identity.

Authentication

Is the single most critical component of an organizations security stack responsible to ensure identity of every person seeking access has been affirmed by a reliable source.

Affirmed Identity

Affirmation of identity is the end objective of authentication. Your organization depends on it and currently AffirmID is the only solution that can deliver it. All others can affirm at best, validity of a credential that anyone can present.

Why AffirmID is Right for Your Organization!

AffirmID Multi Factor Authorization screenshot on phone | ProteqsIT

Suitability to Purpose!

Suitability
Authenticator suitability to purpose is important. Does the authenticator prevent attacks leveraged by compromised credentials? Does it prevent malicious use if lost or stolen? Does it foreclose account takeover and ransomware attacks? Does it prevent use by everyone other than the designated user? AffirmID meets each of the requirements and more.
Product Description
AffirmID is available on Android phones and iPhones for the prevention of account takeovers. It complies with NIST Multi-Factor-Authentication recommendations and implements patented methods of user identification.
Audience
Government agencies, institutions, businesses both large and small use AffirmID to prevent cyber and ransomware attacks, attacks that are leveraged using compromised credentials. While intended for protection of organizations, individuals better secure their own 2FA accounts using a “Lite” version available at no cost from online stores.
Strong Authentication
AffirmID brings strength and meaning to the phrase by inclusion of foolproof user identity verification as a precursor to using any of its authenticators. AffirmID is the only such product to do so.
Passwordless Ready
AffirmID leads the way to a future of fast, easy, and reliable passwordless authentication with assured identity affirmation. Inclusion of FIDO2, U2F, Accept/Decline PUSH, and FIDO2 PUSH are each forms of passwordless authentication for different protocols.

Security

Identity Verification
AffirmID is unique in its ability to identify the person in possession of the phone, the original user, allowing their access to authenticators and blocking all others. In this way AffirmID affirms their identity to the authentication process thus preventing risk of fooling the authentication process. Simply put, hijacking the AffirmID protected account is impossible.
Security KEY
Using a specialized keyboard, the original user creates a PIN like Security KEY. Unlike the ordinary PIN, the keyboard tiles capture device orientation, how you hold your device, giving each character a uniqueness of 1 in 6 million making even a 3-character KEY impossible to spoof. The ordinary PIN provides a 1 in 9 per-character uniqueness.
Human Traits
Identity recognition begins with knowing when its most likely a person has the phone in their possession. AffirmID is the only authenticator making this determination. Then it applies its AI talents to recognize 6+ human traits of the person in possession of the phone. All must agree the person in possession is the original user before that user is given the green light to use authenticators. Identifiers such as these preclude malicious use of AffirmID by rogue App’s and BOT’s as well as those who may come into possession of the original user’s phone because of its being loaned, lost, stolen, misplaced, or borrowed.
AffirmID Multi Factor Authorization security key screenshot on phone | ProteqsIT

Ready to Take the Next Steps?

TEST DRIVE

A no cost version of AffirmID is available from the Google play and Apple app stores. With it you can evaluate and test the unique personal identifier feature of AffirmID and at the same time use the App as your TOTP and HOTP authenticator.

INSTALLATION GUIDE

Head on over to our installation guide for a step-by-step instructions on installing and configuring AffirmID on your Android or Apple iOS phone. (rgb link to lets get started below)

DEVELOPER

Those enterprises and organizations seeking more control of their security destiny should consider AffirmID API explained in the Developers Link.

ENTERPRISE

Reach out with your query or to arrange a meeting to discuss how AffirmID can integrate with and benefit your organization. (rgb add link to the contact sales query form).