Deviceless MFA : A Revolution in the Strong Authentication Market
Deviceless MFA is the answer to cybersecurity challenges without compromising the user experience or ease of deployment for enterprises. What exactly is it? How does it work? What are the benefits? Interview with 2 of our cybersecurity experts, Bruno Prigent and Lorena Cabrera, both pre-sales engineers at inWebo.
What is Deviceless MFA?
B.P:Â In short, Deviceless MFA is what we call the browser token. It enables multi-factor strong authentication without any device (smartphone, tablet or physical key). This is a major innovation for the MFA industry.
L.C:Â Deviceless MFA is a means for the end user to strongly authenticate himself, in an ultra-secure way, just through his browser. No need for any specific hardware or software installation.
B.P:Â Exactly! With Deviceless MFA, it is the web browser (Edge, Chrome, Firefox, Safari, IE, etc.) that becomes the trusted “device” (for lack of a better word) to securely authenticate to the application(s).
Deviceless MFA: Multi-factor authentication through the browser, without any specific device (smartphone, security key, smart card).
How does Deviceless MFA work?
L.C :Â Deviceless MFA relies on a JavaScript that runs in the user’s browser. It’s more than just a Smartphoneless authentication.
B.P:Â And since all browsers know how to run JavaScript, strong authentication can be done in any type of browser, whether on a computer, a tablet or a phone.
How is it possible to ensure a highly secured authentication in a browser?
B.P:Â A browser cannot be considered a “safe” environment because it can be easily manipulated by a malicious individual. Only our dynamic and random keys, an exclusive and proprietary technology from inWebo, allow us to overcome this weakness.
L.C:Â By changing our keys randomly, simultaneously with each connection request, we ensure maximum security even in an unsecured environment. Our keys have a virtual lifetime of 0s.
B.P:Â Yes, the key required for the connection is generated exactly when a connection request gets through. And once used, it is expired. This means that even if a hacker gets hold of it, it won’t work anymore. inWebo does more than just protect its keys: we have simply made their theft useless.
L.C:Â Reason why you have to pay attention to the technology behind each MFA solution. They are far from being all equal. Multi-factor authentication is certainly a very effective protection against phishing and credential stuffing attacks, but it depends on the MFA technology you are referring to. For instance, in the European PSD2 regulation on payment security, SMS-based authentication solutions are clearly identified as not secure enough.
Strong authentication offers a full protection against cyber attacks. But not just any strong authentication solution is up for the job.
Benefits of the Deviceless MFA
A universal token, accessible to all and available immediately.
What are the benefits for the end user?
B.P.: The enrollment process is completely transparent for the user and authentication is seamless. In addition, end-users are freed from the constraints related to their equipment. L.C : Another advantage of Deviceless MFA is that the same browser can be used by different users who will each have their own authentication. This is very useful on shared computers in order to maintain a high level of connection security and distinguish the various users using the accesses.
What about for the administrators?
B.P.: Deviceless MFA is a relief for the administrators. They no longer need to provide specific hardware to users (external service providers, employees without mobile computing equipment, partners, etc.). It is THE token to promote BYOD while raising its security level. L.C : When you have an MFA project, there's an immediate emergency. Where certain security policies prevent the installation of an application, or require a long and time-consuming procedure, Deviceless is a time saver. There is nothing to install, deployment is done very quickly in a few clicks, without installation, and without needing human contact.
What about for integrators/developers?
B.P.: Developers will be happy to get rid of user passwords management. They can rely on the browser token and inWebo's development libraries to quickly implement MFA for their application. And for those who don't develop, we offer ready-to-use tools that can be simply configured. L.C : Yes and the IT teams will be able to deport and delegate the authentication to the software publisher, in this case inWebo. But that' s a good thing, because strong authentication is our speciality.
For end users
- The best user experience
- Accessible to all
- Secure multi-user connections
For admins
- Guarantee the security of all accesses without equipment constraints
- Déploiement rapide
For integrators and developers
- Very easy integration
- Delegate strong authentication to a pure player specialist with no friction
Who offers the Deviceless MFA ?
B.P:Â Only random dynamic keys make Deviceless MFA possible and above all, ultra-secure. This technology is unique and patented by inWebo.
L.C:Â It is this technology that allows inWebo’s MFA to offer the highest level of security in the market.
B.P : You should know that inWebo is focused UX by Design. The solution offers a wide choice of tokens which allows customers to open up the field of possibilities and end users to connect simply and quickly to their applications, whatever they may be. In addition to securing access from the browser, inWebo has taken special care to protect against phishing by verifying that the trusted device is being used with a legitimate application and not a malicious website.
L.C.:Â Some customers may have a solution that offers authentication based on standard protocols such as SAML or Open ID connect, or specific protocols such as Microsoft Azure AD or ADFS. Here, our technology allows them to simply add the MFA inWebo layer to offer a full browser experience to their users.
TrustBuilder is the only player on the market offering Deviceless MFA
Conclusion
The highest security on the market regardless of your digital environment
Don’t assume that all MFA solutions are equivalent in terms of security, functionality and connection experience. At a time when users are increasingly demanding, looking for more simplicity and ease of use, it is important to include the “UX” dimension in the implementation of your cybersecurity strategy.
Thanks to a large number of connectors, no matter your application, the integration of the MFA solution can be done in a few clicks. Also, inWebo supports integrators and developers in the integration process with its programming interface (API) and software development kit (SDK).
Check out our graph to help you benchmark a Multifcator Authentication MFA solution.