websights FAQ | TrustBuilder Multi-Factor Authentication (MFA) Technology

Looking for inwebo.com? You are in the right place! Read all about it in our blog post

Come and join us in person at upcoming industry trade shows and conferences

MFA Technology

Thanks to our patented random dynamic key technology, MFA can be done without worrying about the security level of the user equipment. We therefore offer an extremely simple user experience.

Since we have been around for more than 10 years, we have seen several generations of IS pass through. We are here to support you, whether you have an up-to-date infrastructure or not.

The traditional solutions of MFA are restrictive for the user (OTP to retype, need to have a specific equipment or a smartphone, impossible to connect when the token is lost/broken, etc)
TrustBuilder.io Multi-factor Authenticator eliminates all these shortcomings by offering a solution that is accessible on all the user’s equipment and easy to use.

The HSMs handle all the sensitive operations of the service and protect users’ account security data. HSMs ensure that no one can manipulate these operations, not even our own teams.

No, it’s exactly the same application, only you don’t need a smartphone to use it.

Yes, smartphones can be in a spot without network coverage. Even under these conditions, the user will be able to generate inWebo OTPs with the same level of security.

Yes, our Multi-factor Authenticator is by nature passwordless: users simply enter a PIN code rather than a long, complex password that has to change regularly.

It’s up to you. You can make the experience completely invisible for the user who will feel like he is logging in with a simple 4-digit code or, on the contrary, choose to enhance the security level of your application for your users by adding specific screens.

Conditional access is an approach that seeks to avoid requiring MFA under certain conditions. An attacker will always seek to put himself in a context that is convenient for him. Providing exceptions for MFA is a breach of security that an attacker will be able to take full advantage of.

For some MFA solutions, the user experience remains complex and could justify conditional access in order to simplify the login experience. It is certainly not the case for inWebo, which offers a natively flexible approach.

Our customers are free to set up conditional accesses but we believe that with an easy-to-use MFA it is worth having MFA requested whatever the circumstances. This way your users won’t get lost when they are in one of the exceptional circumstances that requires MFA. In addition, you will reinforce or initiate a Zero trust approach within your organization.

MFA Infrastructure

Designed as a SaaS solution, TrustBuilders infrastructure exceeds the market’s standards with 3 main pillars.

High availability: TrustBuilders servers are spread over 3 datacenters with a synchronous replication and an automatic failover – in no time – providing an availability of 99,9% per year.

Agile scalability: TrustBuilders infrastructure guarantees agile and structural scalability, capable of handling large load peaks, even unexpected ones. By design, our servers have a 6x overcapacity compared to our current needs and can be reinforced very quickly and easily.

High level ofsecurity: Our HSM’s have an unbreakable cryptographic core. No one can access or manipulate your sensitive data, not even our own teams or your administrators.

Digital Sovereignty is a key component of TrustBuilders Security approach. Therefore, all our datacenters are private and located in Europe.

Security

The PIN code never transits and is not stored. It cannot be intercepted or copied. It is of no use without the trusted equipment.

On the other hand, a password is transmitted at each authentication and is generally stored on the user’s workstation and/or the server: it can be intercepted or stolen and then reused on an access protected only by password.

We designed the solution to be SaaS. This means that our data centres have synchronous replication and automatic failover to guarantee service availability. Our platform is multi-tenant and HSMs perform all sensitive operations to guarantee you a tamper-proof environment.

We offer an availability of 99.9% per year, i.e. less than 4 hours of downtime per year.

Yes, we even protect against advanced phishing attacks by preventing the user from authenticating on a website that is not legitimate.

Deviceless / Smartphoneless / Browser Token

Deviceless offers the user the ability to strongly authenticate himself without needing to have a specific equipment (smartphone, smart card, usb key, etc.).

Check out our article on the Deviceless MFA technology.

Thanks to our browser token (Deviceless MFA), authentication can be done directly in the users’ browser without the need to install a mobile application or PC/Mac.

Token

TrustBuilder.io Multi-factor Authenticator provides a wide choice of authentication methods (Mobile Application, Desktop Application, Browser) that shall be used in combination with an application password, a PIN code or a biometric factor.

The administrator configures how many trusted devices users can have. This way the user won’t be unable to log in if he has forgotten or lost his smartphone.

No, our technology does not require sending a text message.

If he has other trusted equipment available, he can connect with or use it to declare new trusted equipment.
An administrator or helpdesk agent can also help a user define another Trusted Equipment in seconds.

Not necessarily, you can also use our PC/Mac Authenticator or simply use your browser as a trusted device. Check out the “Deviceless” topic in the FAQ to learn more about this technology.

Deployment

Our solution is SaaS-based and does therefore require very little effort to install. The only bricks to install are: a provisioning tool for accounts provided by TrustBuilder and potentially a specific connector when the application to protect is not compatible with our connectors.

We provide web and mobile SDKs for consumer projects that want to embed MFA without disrupting the user experience.

Administration

TrustBuilder provides a specific website with practical tools and guides to facilitate (even more) the integration of our multi-factor authentication solution to your applications.

Documentation

Documentation and tutorials to guide you in integrating TrustBuilder.io Multi-factor Authenticator (MFA) into your architecture.

Integrator kit

Resource files and sample code to integrate the InWebo Web Services API in your desired language.

Support

You need technical support and can’t find the answer to your question in the FAQ?

Keep in mind that TrustBuilder cannot provide direct support to the end users of its solution for security and confidentiality reasons. Contact the support of the organization that opened your account and gave you your access codes.

If you’re a partner or direct customer of TrustBuilder you can contact our support team.

You can’t create a profile TrustBuilder.io Multi-factor Authenticator yourself and associate it with your accounts – it’s up to the organizations managing those accounts to do that for you. For example, your company creates a profile for you to access your business applications, and your bank allows you to authenticate to its online banking application.

The organization that creates your profile will provide you with an activation code. This can be a numeric code or a clickable link in an email sent by your organization. TrustBuilder does not have access to this information.

If you haven’t received an activation code or email, first check your junk mail (spam) folder. If you still can’t find it, you should contact the organization that created your profile TrustBuilder.io Mobile Authenticator directly. This can be the IT support team, a customer support hotline or other depending on the organization.

If you can no longer access your TrustBuilder account, you must contact the organization that created your profile directly. Please do not contact us for this, we are unfortunately unable to respond to support inquiries from end users.