The copyright in the material contained in this website belongs to SecurEnvoy Plc. or its licensed source. Any person may copy any part of this material, subject to the following conditions:
Multi-factor authentication apparatus pre-loads a first factor, for example a passcode, to user equipment such as a mobile telephone. The user subsequently initiates access to a protected product or service, triggering the apparatus to run a multi-factor authentication process, via an access device such as a computer connected to the Internet. The user enters the pre-loaded first factor, together with another factor such as a UserID and PIN. The pre-loading avoids vulnerability to communications problems at the time the user initiates access. Pre-loading is done every time an access session terminates for the user, either successful or failed and a user profile data store is used to manage passcodes in a manner that allows incorrectly entered first factors to be retried when delivery to user equipment is not possible.
Time-based authentication apparatus deploys a seed record to user equipment such as a mobile telephone pre-equipped with an app. When a user initiates login access to a protected product or service, using a computing device, they run the app on their mobile equipment which delivers an output such as a QR code (or other local communication such as NFC) containing two time-based codes. The login process on the computing device accepts the output and sends the time-based codes to the authentication apparatus, either together or the second code on request. The authentication apparatus now locates the codes and automatically resynchronises to any time zone across the world plus 1 hour of clock drift (+/- 13 hours UTC).
A messaging method and system sends secure emails (14) by the email originator (10) removing the portion of the email (14) which is confidential (24) from the body of the email (14). The removed portion (24) is sent to a secure storage site (30). The residue (20) of the email (14) is sent to the intended recipient (12), together with a notification (22) that the confidential portion (24) is at the secure site (30). Secure storage site 30 then sends a SMS text message (38) to the recipient’s mobile phone (44) which has an authentication code (38) which the recipient (12) uses to establish identity and retrieve the confidential portion (24) of the email message (14) from the secure store (30). The secure store (30) emails the originator with notification (60) when the recipient (12) retrieves the secure portion (24) of the email message (14).