SecurEnvoy users will soon be able to access cloud solutions, such as Google Apps, Office365 and Salesforce.com, through a single-sign-on platform, using SMS messages for two-factor authentication.  The service aims to deliver high-level security, without requiring users to carry a physical token.

The new service will soon be available thanks to a partnership between SecurEnvoy and PasswordBank to bring tokenless two-factor authentication capabilities to PasswordBank’s identity management service.

“Forcing users to carry tokens around with them, and not letting them login if they don’t have them, defeats the point [of mobility],” says SecurEnvoy Sales Director Steve Watts. “By combining the freedom of using SMS messages as the second factor, workers really do have the freedom they need.”

Two factor authentication (2FA) is a way of verifying a person is who they say they are.  It requires the combination of two out of three possible factors – something you know – so a username, password or PIN; something you have – a credit card or token, and something you are – fingerprint.  The combination of a username and password does not constitute 2FA as it is two types of the same factor.

Authentication tokens, first used over 20 years ago, generate a one time passcode (OTP) which can be entered as part of a 2FA process.  They are different to PIN numbers, which are static, as they change every time and will expire within a set time.  However, unlike the original physical tokens of the 80s, today OTPs can be generated by apps on a smartphone or sent via SMS making their use not only easy, but also practical.

For more information on the service, contact SecurEnvoy or PasswordBank.