Authshield Achieves Direct Integration of 2-Factor Authentication With SAP

Top Quote AuthShield Labs is the only company to have achieved direct integration of 2-Factor Authentication (2FA) with SAP. End Quote
  • (1888PressRelease) September 17, 2014 - New Delhi - AuthShield has achieved direct integration with both SAP GUI and NetWeaver, thereby eliminating the need for having a SSO or VPN. Most other vendors implement 2FA on SAP via expensive Single Sign-on (SSO) solutions or via SSL VPN by putting SAP behind the VPN (virtual private network). An SSL VPN Secure Sockets Layer virtual private network is a form of VPN that can be used with a standard Web browser.

    AuthShield - Two Factor Authentication is a patented technology to protect user credentials from hacking attacks. AuthShield has achieved patent-pending integration of Two Factor Authentication with SAP & POP/IMAP protocol for mail clients.

    With the rapid growing importance of SAP in an organization daily work processes, it has become one of the most critical targets for an attacker trying to harm the organization. With organizations moving away from the security of a private network to the cloud, new threats are constantly emerging and evolving online. Most of the SAP breaches are caused due to a single factor of authentication which users use to log into SAP. As per a recent report released in a security conference in 2013, 22% of SAP vulnerabilities arise from Missing authorization check. In such an environment it has become critical to secure SAP's with Two Factor Authentication.

    About SAP
    SAP or short for Systems, Applications and Products is a German software company. Considered as one of the world's largest ERP solution providers, SAP is a leading provider of business software solutions in organizations. SAP ERP is used across thousands of different industries all over the world. Around 70% of the companies on the Forbes 500 list run on an SAP ERP.

    The ERP delivers a comprehensive set of integrated, cross-functional business processes. A large number of companies today use SAP ERP to improve productivity and insight, alignment of strategies and operations, reduce costs and support changing industry requirements.

    About SAP Login Architecture
    - SAPGUI is a software that runs on the desktops/ laptops (Windows, Mac, Unix etc) that allows users to access SAP functionality in SAP applications such as SAP ERP and SAP Business intelligence.
    - SAP Netweaver is a service-oriented application and integration platform that can be used for custom development and integration with other applications and systems.

    About AuthShield Two Factor Authentication
    AuthShield Labs - Two Factor Authentication maps the physical identity of the user to the server and increases the security of financial and other critical systems. Integrating Stronger User Authentication system not only helps prevent Online Credit Card fraud, Card Cloning, Identity theft but also helps in the capture of habitual cyber criminals.

    AuthShield authenticates and verifies the user based on -
    - Something only the user has (mobile phone/ land line/ hard token)
    - Something only the user knows (user id and password)

    AuthShield technology uses a dual mode of identification where along with the user id and password, verification is done through a secure randomly generated one time password (OTP). This is provided to the user through -

    (1) Hard Token
    AuthShield's hard token is a security device given to authorized users who keep them in their possession. To verify a transaction using second factor of authentication, the device displays a changing number that is typed in as a password. The new number is based on a pre defined unbreakable randomized algorithm.

    Thereby, the hard token enables the server to authenticate the digital identity of the sender using a hardware device apart from his user name and password.

    (2) SMS Token
    On verifying user information an OTP is sent to the user's phone via SMS/ automated call. The One time password is generated using a combination of multiple unbreakable encryption algorithms. The algorithm generates an unbreakable one time password every time the user logs onto a DMZ (De militarized zone) as specified by the IT architecture.

    (3) Mobile Token
    AuthShield's mobile token is an application installed on smart phones which generates an OTP for the user on the phone itself. The password is based on a pre defined unbreakable randomized algorithm.

    The architecture remains similar to a Hard Token except that the user only has to carry his mobile phone. Thereby, the device enables the server to authenticate the digital identity of the sender using a mobile phone apart from his user name and password.

    (4) Soft Token
    Application installed on the system generates a One Time Password using a combination of multiple unbreakable encryption algorithms.

    For more information, please contact:
    Yashika Arora
    Relationship Manager
    AuthShield Labs Pvt. Ltd.
    Phone: +91.011.47065866 ,27356212

  • FB Icon Twitter Icon In-Icon
Contact Information