Optimal IdM Releases Multi-Factor Authentication-as-a-Service

Florida-based identity management provider Optimal IdM has announced the release of a new authentication-as-a-service (AaaS) offering called Optimal Authentication Service™ (OAS). OAS is a hosted RESTful web service that provides customers with the ability to perform various types and levels of authentications including single and multi-factor. The service may be deployed in any

OAS is a hosted RESTful web service that provides customers with the ability to perform various types and levels of authentications including single and multi-factor. The service may be deployed in any datacenter and is offered in a multi-tenant environment as well as in an isolated/dedicated environment. Because the service is available via industry standard REST calls, both web and non-web applications may easily add MFA capabilities.

Multifactor authentication adds an additional step (or factor) to the authentication process, typically by pairing something the user knows, such as username and password, with an action, or something the user has, such as an SMS message to their phone, an email, or a token.

OAS’s multi-factor authentication (MFA) service works by delivering push notifications to a user’s registered mobile device to help prevent phishing and man-in-the-middle attacks.OAS works with fingerprint-enabled systems, but also includes other MFA options like Time-based One-Time Password (TOTP) and traditional One-Time Passcodes (OTP) that can be sent via Short Message Service (SMS), Email or voice calls.

Each option can be used as a stand-alone option or in conjunction with a complete Identity Access and Management (IAM) program. When integrating with an existing system, users can leverage OTPs via SMS, Email or voice without storing any information about the user in the cloud service. When using TOTP or push notifications, only device information is stored, which reduces the amount of personal identifiable information that is needed. The service can also be used to access applications in a password-less method by sending a push notifications to a mobile device for logins.

“The Optimal Authentication Service can easily integrate into your application using the RESTful call or by using our .NET SDK or jQuery plugin,” said Larry Aucoin, Managing Partner at Optimal IdM. He continued, “This service allows you to quickly and painlessly add MFA to your application and offer many different MFA options in doing so, including password-less options. It is also fully integrated into The OptimalCloud.”