Secure online payment

 

IDentiWall VPN - For Virtual Private Network Security

Target market

Any VPN or SSL-VPN users who wish to implement Multi-Factor authentication.

Product schema

Typical workflow

    • The user starts the login process to the VPN by submitting their User-ID and Password (credentials)
    • The VPN refers the credentials to IDentiWall’s Radius server.
    • IDentiWall checks in Active Directory or in its own database if the particular user is managed by IDentiWall and verifies the user’s password either by LDAP authentication or by checking the password against its own database. If the organization already utilizes a third party radius server, IDentiWall can authenticate the user through it.
    • If the user is managed by IDentiWall, it sends a One-Time-Password (OTP) to the user’s handset (both mobile or Dect handsets are supported)õ
    • IDentiWall instructs the VPN to send the user a challenge screen onto which they have to copy the OTP they got on their handset.
    • If the user is protected by IDentiWall’s pre-installed Mobile agent or WAP pushed agent, the agent asks for a Pin Code in order to decrypt the encrypted OTP.
    • The user copies the OTP to the challenge screen and submits it to the VPN
    • The VPN refers the OTP it got from the user to IDentiWall’s Radius server that, in turn, compares it against the original OTP it has sent to the user.

Please note that IDentiWall maintains a one-to-one relationship between the user’s VPN session and the OTP that was sent for that session. Legitimate OTPs which were supposed to be used in other sessions are not accepted. Only the original OTP of the particular session is accepted.
    • If the OTP comparison is successful, IDentiWall authorizes the VPN to open the door for the user.
      • Included technologies
      • Authentication methods
      • SMS sending
      • Radius server
      • Security
      • LDAP client
      • Optional technologies
    • Billing methods
    • HTTP gateway
    • SMPP client
    • Secured registration
    • Mobile pre-installed agent
    • WAP pushed agent
    • SMS routing gateway
    • Billing server
    • Syndication server
      • Implementation issues
    • 10 minutes installation
    • One hour set up
      • Active Directory credentials
      • Active Directory IDW group establishment for all the users who are to be covered by IDentiWall.
    • Testing
    • Training local staff
      • Billing issues
    • Who serves as the SMS broker?
    • Opening an account with the SMS broker
    • Who pays for the SMSs, the customer or its users?
    • If the users pay (such as in a university typical situation), each user needs to activate their account by purchasing SMS credits in the Billing server.
    • Set up the user’s profile of preferences
      • Licensing issues
      • Number of users with pre-paid license fees to be covered by IDentiWall. These users will pay discounted prices for their SMS consumption.
      • Does the customer wish to implement Pay-as-You-Go users? For these users the customer has to purchase undiscounted SMS credit.

More IDentiWall Authentication Security Products

IDentiWall VPN