Providing a simple to deploy, tokenless, low overhead solution Swivel Secured systems represent the next generation of authentication technology for B2B as well as mass market, consumer applications. When passwords and PINs are keyed in and sent over networks, they are vulnerable to capture in a variety of ways including: keyboard spyware, screen capture monitoring or direct observation (also known as shoulder surfing). The Swivel SAS PINsafe™ suite of authentication solutions has been designed specifically to defend systems against these threats as well as protecting the user ID during communication between the user's PC and the authentication server.

Swivel user authentication systems differ significantly from other data access technologies in that they are entirely software based, do not involve complex, multi-level procedures nor require the user to remember passwords or secret answers. It is platform independent and can run on all common operating systems such as Linux and Windows NT, and integrate with a wide range of standard database API's.

Key Features

• Optional user interfaces to suit a range of applications and user preferences.
• Server software available as a dedicated Network Appliance.
• No client side software or special hardware requirements.
• Easily integrated within existing authorization architectures.
• Two-factor, two-channel technology setting new standards in strong authentication.

Unique Protocol

At the heart of all Swivel's authentication solutions lies a unique, patented protocol designed to ensure that the person requesting access to a secure system is who they claim to be, beyond any reasonable doubt. Using a random-generated security string issued by the server and a 4 digit user PIN the system generates a one-time-code (OTC) as a means of authenticating the user.

It is a lightweight server based protocol that does not require complex 3rd party certification, encryption or a dedicated hard token to authenticate the user. It is compatible with most operating systems and will integrate with a wide range of standard database API's.

How It Works

When the user logs on, the server sends a randomly generated 10-digit security string to the client device.

When the user logs on, the server sends a randomly generated 10-digit security string to the client device
The user is then prompted to input their 4 digit PIN using one of the Swivel PIN safe interfaces. The Swivel PIN acts as a positional reference on the security string and a new one-time-code is generated.

The methods for delivering the string, extracting the OTC and returning it to the server can vary depending on the application, the available communication infrastructure and the level of security required.

How It Works

Swivel offer two levels of secure authentication. SAS PINsafe™ is a Web based system which uses the Internet as the means of transmitting the security string and returning the OTC to the server. This is a highly secure solution, which sets a new standard in authentication compared with username & password systems as well as most established technologies. Offering a number of different user interfaces designed to defeat trojan spyware, SAS PINsafe™ can be configured to suit user preferences and the specific application.

SAS M2F™ (mobile, two-factor) leverages the functionality of the cellular mobile networks combined with the Internet to create a truly Strong authentication solution that is highly scaleable and has a low overhead compared with token based and other two factor technologies.

The swivel authentication suite provides a highly competitive option for a wide range of applications and greater flexibility than other authentication technologies such as tokens, smart cards and biometrics, offering a high value Rol with minimal technical support requirements.

To request information on this range or any other product please click the Information Request menu item.