Deviceless MFA : A Revolution in the Strong Authentication Market
Deviceless MFA is the answer to cybersecurity challenges without compromising the user experience or ease of deployment for enterprises. What exactly is it? How does it work? What are the benefits? Interview with 2 of our cybersecurity experts, Bruno Prigent and Lorena Cabrera, both pre-sales engineers at inWebo.
What is Deviceless MFA?
B.P: In short, Deviceless MFA is what we call the browser token. It enables multi-factor strong authentication without any device (smartphone, tablet or physical key). This is a major innovation for the MFA industry.
L.C: Deviceless MFA is a means for the end user to strongly authenticate himself, in an ultra-secure way, just through his browser. No need for any specific hardware or software installation.
B.P: Exactly! With Deviceless MFA, it is the web browser (Edge, Chrome, Firefox, Safari, IE, etc.) that becomes the trusted “device” (for lack of a better word) to securely authenticate to the application(s).
How does Deviceless MFA work?
How is it possible to ensure a highly secured authentication in a browser?
B.P: A browser cannot be considered a “safe” environment because it can be easily manipulated by a malicious individual. Only our dynamic and random keys, an exclusive and proprietary technology from inWebo, allow us to overcome this weakness.
L.C: By changing our keys randomly, simultaneously with each connection request, we ensure maximum security even in an unsecured environment. Our keys have a virtual lifetime of 0s.
B.P: Yes, the key required for the connection is generated exactly when a connection request gets through. And once used, it is expired. This means that even if a hacker gets hold of it, it won’t work anymore. inWebo does more than just protect its keys: we have simply made their theft useless.
L.C: Reason why you have to pay attention to the technology behind each MFA solution. They are far from being all equal. Multi-factor authentication is certainly a very effective protection against phishing and credential stuffing attacks, but it depends on the MFA technology you are referring to. For instance, in the European PSD2 regulation on payment security, SMS-based authentication solutions are clearly identified as not secure enough.
Benefits of the Deviceless MFA
Who offers the Deviceless MFA ?
B.P: Only random dynamic keys make Deviceless MFA possible and above all, ultra-secure. This technology is unique and patented by inWebo.
L.C: It is this technology that allows inWebo’s MFA to offer the highest level of security in the market.
B.P : You should know that inWebo is focused UX by Design. The solution offers a wide choice of tokens which allows customers to open up the field of possibilities and end users to connect simply and quickly to their applications, whatever they may be. In addition to securing access from the browser, inWebo has taken special care to protect against phishing by verifying that the trusted device is being used with a legitimate application and not a malicious website.
L.C.: Some customers may have a solution that offers authentication based on standard protocols such as SAML or Open ID connect, or specific protocols such as Microsoft Azure AD or ADFS. Here, our technology allows them to simply add the MFA inWebo layer to offer a full browser experience to their users.
The highest security on the market regardless of your digital environment
Don’t assume that all MFA solutions are equivalent in terms of security, functionality and connection experience. At a time when users are increasingly demanding, looking for more simplicity and ease of use, it is important to include the “UX” dimension in the implementation of your cybersecurity strategy.
Thanks to a large number of connectors, no matter your application, the integration of the MFA solution can be done in a few clicks. Also, inWebo supports integrators and developers in the integration process with its programming interface (API) and software development kit (SDK).
Check out our graph to help you benchmark a Multifcator Authentication MFA solution.