Multi-Factor Authenticators (MFAs)

Close up view on a CPU with circuitry and binary numbers displayed on top of it. The scene is positioned on a blueprint surface.

We support many Multi-Factor Authenticators (MFAs) to meet your access security needs

Hardware Token – YubiCo’s YubiKey – OTP

  • Works with Known Access Security products 
  • Secure 128-bit AES encrypted One-Time Passwords, near impossible to spoof
  • Includes usage counters to identify and prevent replay attacks
  • Works across multiple language Keyboard Layouts, utilizing only common characters
  • Generates a unique 44 Character One-Time Password on every use
  • Includes a Public ID for each OTP, allowing YubiKeys to be easily associated with a user account
  • The public keys are typically 12 characters long. No need to enter any data as it is emitted by the key
  • YubiKeys can be pre-programmed or they can be programmed by the customers
  • Key configuration software is available to program the keys
  • Whenever a YubiKey is programmed, it generates a row of configuration information in a file
  • Once all the YubiKeys are programmed then a file is ready with all the configuration data
  • The configuration file can be uploaded by following a simple procedure
  • The association between a YubiKey and a user is automated
  • We support YubiKey 4&5 for OTP
  • The NacPass App provides a secured link to communicate with the customer’s security system. All the communication is encrypted using AES256 protocol
  • The NacPass App has the capability to receive Multi-Factor authentication credentials from the enterprise security system where the App is registered.
  • In order to retrieve any information from the App sent by the security system, the users must authenticate using FingerPrint, Facial recognition or PassPhrase
  • All the communication between the App and the Known Access security system is secured in multiple layers. 
  • A token can be requested using the NacPass App. The Known Access supported tokens are 7-digit long
  • If a user tries to authenticate with a userid and password then a 7-digit token is sent to the user’s App. The token can be accessed from the App after successful authentication using Finger Print, Face ID or PassPhrase
  • The other strong method supported in NacPass is to allow a user to pre-authorize for network resource access. When this method is used then there is no need to enter a 7-digit token
  • The NacPass App can also deliver event notifications
Slide4
  • The token generation software, NacID, can be installed on a PC or Laptop
  • Users can easily register the NacID software by using the credentials provided by their security administrators.
  • The NacID software is designed in such a way that it will not work without going through proper registration process
  •  Once the NacID software is registered on a PC or a Laptop then it cannot be used on any other devices.
  • In case of any tempering, the software is disabled.
  • In order to use the NacID software, users must authenticate first using the passphrase picked during the registration process.
  • The software generates a unique token every 60 seconds once the proper secret is entered.
  • The token displayed after proper authentication can be used to access the network
  •  Any authentication using the NacID software works over Radius, TACACS+ & SGLOGIN authentication protocols.
  • In case of any errors, users and administrators are notified.
  • Any access attempts (successful or failed) are notified to the users
  • We support two methods to deliver a 7-digit code (as a 2nd factor) to the users over SMS.
    1. The users can request a 7-digit code by texting a  pre-defined configurable string to a phone number provided by Known Access
    2. When a user uses UserID and codeword to log in then a 7-digit code is issued to the user. At the same time the user is prompted to enter the 7-digit code.
  • The SMS configuration software is provided with the Known Access security system
  • This functionality to receive SMS based tokens or deliver security tokens can be enabled or disabled for the entire system or by per user basis
  • We provide a capability to send authentication success or failure notifications over SMS
  •  We also use SMS for sending validation code for NacPass App users