Phishing Resilience
Protect your company from phishing attacks with the best multi-factor authentication (MFA).
Over 90% of all cyberattacks start with a phishing email
Limits of traditional multi-factor authentication (MFA)
Many companies rely on MFA to increase security by combining at least two independent authentication methods. However, not all MFA methods are equally secure. Basic MFA methods such as OTP/TAN or mobile app push notifications are not sufficient to protect against modern phishing attacks. Attackers use ‘Adversary-in-the-Middle’ (AitM) phishing, in which a proxy server intercepts all the information the user enters.
Phishing-proof MFA through signature-based methods
The most effective defence against phishing is an MFA based on digital signatures. These methods use private keys that are securely stored and never sent over the network. The best-known technologies in this area are certificate-based authentication and FIDO (Fast IDentity Online).
How does signature-based MFA work?
- Challenge from the server: The server sends a request to the client containing a random number, the current time and the URL of the server.
- Creation of the signature: The client uses its private key, which is protected by another factor such as a PIN or biometric data, to sign the request.
- Verification of the signature: The server verifies the signature. If it is correct and matches the TLS connection, authentication is successful.
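The three steps above, as an added example that is not from the original page or from any Eviden product. It assumes the client also signs the origin it is actually connected to, as FIDO clients do, and uses a Lamport one-time signature built from the Python standard library as a stand-in for the reusable ECDSA or RSA key a real token holds; all names and URLs are constructed.

```python
import hashlib, json, secrets, time

RP_URL = "https://login.example.test"   # constructed server URL
MAX_AGE = 60                            # assumed challenge lifetime in seconds

def h(data): return hashlib.sha256(data).digest()
def bits(msg):                          # the 256 digest bits of msg, MSB first
    return [(byte >> s) & 1 for byte in h(msg) for s in range(7, -1, -1)]

# Stand-in signature scheme: Lamport one-time keys, so one key pair per login.
def keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(h(a), h(b)) for a, b in sk]
def sign(sk, msg): return [sk[i][b] for i, b in enumerate(bits(msg))]
def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        h(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(msg))))

def encode(obj): return json.dumps(obj, sort_keys=True).encode()

def new_challenge(now=None):
    # Step 1: random number, current time and the server's own URL.
    now = time.time() if now is None else now
    return {"nonce": secrets.token_hex(16), "time": int(now), "url": RP_URL}

def client_sign(sk, challenge, connected_to):
    # Step 2: sign the challenge plus the origin the client is really talking to
    # (assumption modelled on FIDO clients; the private key never leaves here).
    signed = dict(challenge, origin=connected_to)
    return signed, sign(sk, encode(signed))

def server_verify(pk, issued, signed, sig, now=None):
    # Step 3: signature, single-use challenge, freshness, then origin binding.
    now = time.time() if now is None else now
    if not verify(pk, encode(signed), sig):
        return "bad signature"
    challenge = issued.pop(signed.get("nonce"), None)
    if challenge is None:
        return "unknown or replayed challenge"
    if now - challenge["time"] > MAX_AGE:
        return "challenge expired"
    if signed != dict(challenge, origin=RP_URL):
        return "challenge or origin mismatch"   # signed on another site
    return "ok"

def demo(connected_to, delay=0):
    sk, pk = keygen()
    challenge = new_challenge(now=1_000)
    signed, sig = client_sign(sk, challenge, connected_to)
    return server_verify(pk, {challenge["nonce"]: challenge}, signed, sig, 1_000 + delay)
```

A response signed while the client is connected to any origin other than RP_URL is rejected even though the signature itself is valid, and rewriting the origin afterwards invalidates the signature.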
Advantages of signature-based MFA
Certificate-based authentication
- Not based on passwords
- Requires public key infrastructure (PKI)
- Enables trustworthy digital signatures
- Supported by many operating systems and browsers
- Centralised management and key recovery possible
FIDO authentication
- Not based on passwords
- Separate key pairs for each communication partner
- No centralised revocation of public keys necessary
- Offers highest security without centralised management
High security does not have to be expensive
In the past, certificate-based authentication solutions were considered expensive and complex. Today, companies like Eviden offer subscription-based PKI solutions that require little initial investment. Automation tools for issuing, renewing and managing certificates reduce the need for specialised staff and lower operating costs. In addition, according to a BBC study, passwordless MFA pays for itself within the first year.
Eviden Digital Identity solutions
Eviden is a leading provider of data-driven, trusted and sustainable digital transformation. Our comprehensive solutions for securing electronic identities utilise cryptographic technologies and applications to ensure the highest security standards.
Certificate-based authentication by Eviden
Eviden offers flexible solutions for integrating efficient, phishing-proof authentication into everyday working life. Our IDnomic PKI is available both as an on-premise solution and as a cloud-based model. Our middleware and credential management systems link the necessary certificates to the cryptographic components and offer maximum flexibility.
Phishing-proof e-mail communication
As the majority of phishing attacks are carried out via email, the S/MIME signature is becoming increasingly important as a security measure. With cryptovision GreenShield, Eviden offers a comprehensive solution for secure and trustworthy email communication.
Availability of CardOS FIDO Token
Eviden also offers the CardOS FIDO token, which offers maximum flexibility and security. This token supports both certificate-based authentication and FIDO keys, which enables versatile use.
Start your secure future with Eviden now
Increase your organisation’s resilience against phishing and secure your authentication with signature-based MFA solutions from Eviden. Learn more about our products and services and how we can help you make your digital transformation secure and efficient.
Visit us for more information and let’s take your security to the next level together