Haventec Multi-factor Authentication for Microsoft 365 / Office 365

Always-on single-step multi-factor authentication your teams will love.

Fewer clicks. More productivity. Better security.

Haventec Authenticate provides an always-on single-step multi-factor authentication user experience that your teams will love. No tokens. No complex passwords. No password managers. No one-time passcodes. No authentication apps. No SMS’s.

Give Your Teams What They Want

With more and more teams now working remotely, and this way of working being part of the foreseeable future, enterprises are turning to multi-factor authentication as a means of protecting both remote workers and corporate networks.

Multi-factor authentication has, until now, seen technology companies respond with technology solutions that do not promote adoption given the poor user experience.

We believe there is a better way – one that your business and your teams will love. The Haventec multi-factor authentication offering has been designed from the ground up with a laser focus on two key business outcomes:

1. Enhancing privacy. The Haventec platform removes the need to centrally store sensitive usernames and passwords – removing the risk of mass breach and eliminating the impact of common credential attacks including phishing, credential stuffing, social engineering and password cracking -providing the ultimate preparedness for when the enterprise is breached;

2. Driving adoption. The Haventec platform provides users with a convenient and simple single-step multi-factor user experience that does not require a token; or a PIN sent by SMS; or the need to use complex passwords; or checking an authentication app; or the need to change your password regularly.

Next Generation Key-Based Authentication

Key-based authentication uses cryptography to ensure security. A key pair is generated consisting of a public and private key. The public key is used to encrypt information that only the associated private key can decrypt. This makes it nearly impossible for hackers to compromise unless they have access to the private key.

Haventec Authenticate takes the above one step further.

To protect the private key from theft and misuse we do not store it. For every authentication, we recreate the private key from multiple factors – something you know, something you have, and something the platform has. Once the user is authenticated, we destroy the private key.

How Does It Work?

1. The user enters their PIN and it gets encrypted. (Note that the PIN is never saved or stored anywhere).

2. The encrypted PIN and a Device Secret (that is unique to your device) are sent to the Authenticate Service.

3. The Authenticate Service has an Authenticate Secret unique to your PIN and your Device. Using the Authenticate algorithm, the encrypted PIN, your Device Secret and the Authenticate Secret are combined to produce an Access Key (private key).

4. Authenticate validates the Access Key using a public key to unlock your access to the secure web site. Then the Access Key is destroyed.

5. A new Access Key is created. The New Access key and your encrypted PIN are used to create two new secrets – one for the Authenticate service, the other for the Device.

6. The new Device Secret is sent to the device ready for the next the user authenticates.

7. The user is passed through to the secure web site.

Get in touch

We’re ready to help you with any questions or enquiries you may have. Please contact us using the form on the right. Alternatively,  jump straight into our Developer Documentation to get started.