RCNTEC: Auth.AS Service of two-factor authentication

When using AUTH.AS to credentials of the user it is added the second factor authentications – the variable password. As a result even in case of interception by the malefactor of credentials it will not be able to use them that increases security of business data in tens of times. Penetration into the protected perimeter becomes so labor-consuming that in most cases loses any economic meaning.

The AUTH.AS service was developed with emphasis on the next key moments:

• idle time and intuitive interface;
• high availability of service 24/7/365;
• full control over authentication process of the applications;
• lack of need of storage of credentials of the user (for example, the password), on the party of Service;
• possibility of sending magazines of access to the user's infrastructure;
• simple and convenient mobile application for generation of one-time passwords iOS Android (/);
• support of the main producers of physical generators of one-time passwords, such as HID and SafeNet;
• convenient API/SDK for embedding of Service in work of your applications;
• support of protocols of integration with external systems, such as Radius and (LDAPs)

If necessary there is an opportunity to complete a training course in work with AUTH.AS Service in the ARSIENTEK training center in Moscow or far off through virtual office SOCOCO.

Minakov Sergey, vice president of ARSIENTEK of automation and development: "We created this solution proceeding from requirements of own business – and successfully we apply it. In general, the trend of growth of volume of remote work in the companies is now observed. It is promoted by a set of factors – both development of the Internet, and a wide choice of various gadgets with a full range of functions for successful remote interaction, and many other things. The solution is very relevant – a reliable system will make safe work with any data of the companies worldwide".

2017

AUTH.AS release: Token 4.2 for iOS and Android

On September 1, 2017 the Rcntec company announced release of upgraded version of free mobile application for data protection of AUTH.AS companies: Token for iOS and Android. According to developers, in the next version of service of users expects a number of important changes.

AUTH.AS submits clouds

Emergence of an opportunity to store tokens in clouds Google Cloud became one of the important tasks implemented in version 4.2 for iOS and 3.1 for Android and Dropbox. Thus, users had a possibility of synchronization of settings and profiles between all devices regardless of operating system (iOS or Android). In application controls the possibility of the choice and change of storage is available. At loss or breakdown smartphone any setup and an account will not be gone if as storage the cloud is used. The data which are stored in clouds are in addition ciphered by a security key.

Optimization recognition of the QR code

Now mobile application of AUTH.AS: Token podderzhiat QR codes of most the services using two-factor authentication. The user can quickly connect and use all accounts of the second factor of protection in one mobile application.

Password and biometrics

AUTH.AS developers complicated the password for an input in the application and a key to data in clouds, but added a feature to return at any time to identification using biometrics.

Other changes

In addition to the aforesaid, in release 4.2 the feature for automatic synchronization of event tokens between all types of storages is added.

Owners of several accounts in Google or Dropbox can easily switch between them from application controls now.

If in memory of phone and in a cloud there was different information, now the user can solve what this to leave, and the application will provide information on last modifications and will prompt what data are more relevant.

Availability

AUTH.AS application: Token is available to iOS and Android in App Store and Google Play in two localizations: in the Russian and English languages.

Integration with Check Point Mobile Access Software Blade

The Russian developer RCNTEC announced on August 16 integration of service of two-factor authentication of AUTH.AS into the solution Check Point Software Technologies — a program blade of Check Point Mobile Access.

Now, the companies using solutions of Check Point for remote access had a possibility of the organization of additional option of the strengthened authentication of mobile users.

Integration with Check Point Mobile Access Software Blade is implemented by setup of additional external servers of authentication of RADIUS as which the failover cluster of AUTH.AS which is in a cloud or established on the customer's servers acts.

When using AUTH.AS the second authentication factor — the one-time variable password which is generated by intuitive mobile application is added to credentials of the user. The generated password can be used only once. As the result, even in case of interception by the malefactor of credentials, it will not be able to use them that considerably increases security of remote access to business data, developers claim.

Our solution, as well as the solution Check Point Mobile Access, is focused on comfort of consumers and on ensuring secure remote access of employees to corporate resources. We are ready to propose to clients of Check Point Software Technologies our solution for additional reliable protection of an information access — two-factor authentication of AUTH.AS — the CEO of RCNTEC Denis Neshtun said.

The service of two-factor authentication AUTH.AS is included in the register of domestic software of the Ministry of Telecom and Mass Communications of the Russian Federation.

AUTH.AS is available to the 1C: Enterprise platform

On July 18, 2017 the RCNTEC company announced integration of service of two-factor authentication of AUTH.AS into the 1C: Enterprise platform.

System developers of AUTH.AS created the special module connected to a configuration of 1C. It gives to users of the platform to 1C the chance to protect crucial data from unauthorized access using the variable password. The module is delivered in the form of expansion for a configuration of 1C. Its installation does not attract removal of the used configuration from support.

The password is generated by free mobile application on the smartphone of the user and checked by the AUTH.AS system in real time.

Considering a tendency to transition to "clouds", questions of secure access to data and reliable protection of these data against unauthorized access rise more and more sharply. The module of integration of the platform of 1C into the solution AUTH.AS developed by us allows the heads of the companies using 1C to provide for all the employees secure access to information, without reducing at the same time convenience of using. Denis Neshtun, CEO of RCNTEC

For the acting users of cloud and boxed versions of service of two-factor authentication AUTH.AS adding of the second factor of protection to software products 1C is free.

2016: There was the third version of the application of auth.as: token for iOS

Specialists of ARSIENTEK started in the spring of 2016 the third version of mobile application for data protection of the companies – auth.as: token for iOS. The functionality, design and visualization are considerably improved. The application equally works both on iPhone, and on iPad.

• The versatility thanks to which it is possible to generate passwords for several domains at once is added, without importing every time of setup of an account. Through iCloud the list of the accounts using the second authentication factor can automatically be replicated on all IOS-DEVICES of the user.
• Synchronization of settings and profiles between all devices with uniform AppleID (is improved when using an option of iCloud storage). Any setup and an account will not be gone if as storage iCloud is used.
• Time synchronization process visualization became even more evident. It minimizes the possible problems connected with password generation on time. For stable work with one-time passwords which are updated 2 times a minute the smartphone should have ideally exact time. This application version executes check of the device on time accuracy every time at start, upon termination of notifying the user on synchronism of time.
• Time of scanning and recognition of the QR code with settings of an account was reduced, adding of new profiles became even quicker and more simply.
• Support of two-factor authentication for accounts of Google and Microsoft Office 365 is added. It is much more convenient to store and use all accounts of the second factor of protection in one application.

The AUTH.AS system is provided as a cloud service or as the boxed solution and can be installed at the customer's capacities.

In AUTH.AS tokens (the generator of one-time passwords) of different type are supported. The basic solution is use of mobile application under iOS or Android. Also many known options of physical tokens of such producers as HID, SafeNet and others can be used.