Saturday, February 25, 2017
Two-factor authentication via SMS increases the security of each login. Unlike conventional systems, no additional devices, scratch lists or cards are required. The two-factor authentication makes possible a highly secure and tamper-free identification.
Imagine an online access that has to be specially well protected: for example, the Payment Portal of a bank. Ideally, one uses a password and user name as "low-level" identification. This represents the first level of security The second step is often carried out by a scratch list or even a number generator in form of a small device.
ASPSMS can be used for the second level: The customer receives a mobile transaction number (mTAN, OTP, Token, etc.) sent to his mobile phone by the payment portal. If the SMS-code is entered correctly when logging in, the person is identified as the authorized user. No additional equipment, cratch lists or cards are needed.
Use ASPSMS as SMS Provider for existing Systems
If ASPSMS is only used to send the SMS-code (OTP, mTAN, token, etc.), the program logic for generating, temporary storage and final verification is completely on the side of the system to be protected. This approach is unproblematic and is used by many ASPSMS clients. In particular, if a two-factor logic already exists on the side of the system to be protected.
ASPSMS can be used via SOAP web service very easily for Microsoft ASP.NET Identity projecets.
More security through the use of ASPTOKEN
When using ASPTOKEN, parts of the necessary application logic are outsourced to ASPSMS. The crucial security advantage is, that any system manipulations for unauthorized intrusion are much more difficult because the SMS-codes are not stored anywhere within the system to be protected.
When usinig ASPTOKEN, the SMS-codes are instead generated by ASPSMS, stored at ASPSMS and finally verified by ASPSMS. ASPSMS again has no knowledge of the security procedures on the side of the protected system.
This kind of "partitioning" makes sense in terms of security in any case, since the confidential information is no longer stored in a single location. Instead, only individual, relatively uncritical parts are available at each involved system.
New User Registration
Click here for the ASPSMS new user registration.
Have you already registered? Log in with your user e-mail address and password.
OFCOM registered Telecommunications Service Provider (254900005).
ASPSMS is a product of VADIAN.NET AG (founded in 1995), a Swiss based Internet and Mobile Solutions pioneer. Thus, all data collected from you are automatically subject ofthe strict privacy policies of Switzerland. ASPSMS is Swiss technology that is fully developed in Switzerland. The support team also works in Switzerland. VADIAN.NET AG is today one of the leading global providers of SMS solutions with more than 200’000 satisfied business clients. The product ASPSMS was launched in 2001.
|Copyright 1995 - 2017 by VADIAN.NET AG|