14 February 2011 - Swivel Secure Ltd., the UK based pioneer of tokenless two factor authentication technology, has today announced the release of PINsafe v3.8. This latest version of Swivel’s award winning authentication technology includes a range of new features, such as in-bound SMS authentication, to further extend the range of deployment options available to system administrators.
PINsafe uses a fixed PIN and a patented random security string protocol to generate one-time-codes (OTC) for each login session. Up until now the system required the user to complete the login process by sending the OTC via an Internet connection to the authentication server. PINsafe v3.8 gives the user the option to return the OTC via SMS transport for total, out-of-band user credential protection, especially against the threat of phishing and man-in-the-middle attacks.
PINsafe v3.8 also incorporates additional system management enhancements including a new mobile client model, advanced security string delivery options as well as user policy management and a new reporting feature. The changes have been introduced in response to the increased sophistication of the latest breed of security threats and the more rigorous compliance requirements now affecting a growing number of organisations operating with diverse, remote user populations.
As well as raising the bar to the highest level for maximum security applications, this feature also enables the integration of the PINsafe system with existing corporate mobile user policy in the large enterprise environment.
In addition to browser and SMS interfaces, PINsafe includes a range of mobile client options with support for Java based cell phones and PDAs, the Apple iPhone and Google Android devices.
PINsafe v3.8 enforces a client authentication policy which ensures that the mobile client is linked to a specified device, can only be used by the associated user and cannot be used to access other users’ security strings. This feature is particularly aimed at users who are required to operate in areas with poor or unreliable cellular network coverage such as on board a ship at sea, or in remote parts of the world.
The new system management features included in this latest release have also been added to reflect the diverse range of network environments and specific user requirements that now need strong and multi-factor authentication to meet regulatory compliance requirements. Specifically PINsafe v3.8 includes enhanced systems for account locking and unlocking; PIN policies including black listing; customisation of SMS number formatting for different user devices; multiple string destinations and user activity reporting.
PINsafe v3.8 also now supports the NHS Connect SMS service in direct response to demand from the growing number of NHS Trusts and hospitals which are upgrading their legacy authentication systems and moving to a PINsafe platform. This particular feature is also available as an add-on to older versions of the software.
“PINsafe was first launched in 2003 and since then Internet and mobile technology has made major advances at all levels. At the same time security threats have become more sophisticated and companies are faced with increased pressure to enforce data protection procedures,” comments Chris Russell, CTO at Swivel Secure. “PINsafe v3.8 provides system administrators with a highly flexible, secure and future-proof authentication platform to enable their organisations to keep pace with new technologies without compromising the security of the entire network.”