Single-step multi-factor authentication your customers will love.
Haventec Multi-factor Authentication
So Simple, Yet So Secure.
Haventec Authenticate provides a single-step multi-factor authentication user experience that your customers will love – no tokens, no SMS codes, no complex passwords, and no authentication apps.
Give Your Customers What They Want
Password reuse is normal. According to Microsoft, 60% of users reuse passwords. Password reuse is risky. According to Verizon, 81% of data breaches are caused by compromised, weak, and reused passwords.
In response to the inherent weakness in the use of passwords, technology companies have responded with technology solutions including strong passwords, regularly changing passwords, multi-factor authentication, and password managers.
We believe there is a better way – one that your business and your customers will love – no tokens, no PIN’s sent by SMS, no complex passwords, no authentication apps, no need to change your password.
Next Generation Key-Based Authentication
Key-based authentication uses cryptography to ensure security. A key pair is generated consisting of a public and private key. The public key is used to encrypt information that only the associated private key can decrypt. This makes it nearly impossible for hackers to compromise unless they have access to the private key.
Haventec Authenticate takes the above one step further.
To protect the private key from theft and misuse we do not store it. For every authentication, we recreate the private key from multiple factors – something you know, something you have, and something the platform has. Once the user is authenticated, we destroy the private key.
How Does It Work?
1. The user enters their PIN and it gets encrypted. (Note that the PIN is never saved or stored anywhere).
2. The encrypted PIN and a Device Secret (that is unique to your device) are sent to the Authenticate Service.
3. The Authenticate Service has an Authenticate Secret unique to your PIN and your Device. Using the Authenticate algorithm, the encrypted PIN, your Device Secret and the Authenticate Secret are combined to produce an Access Key (private key).
4. Authenticate validates the Access Key using a public key to unlock your access to the secure web site. Then the Access Key is destroyed.
5. A new Access Key is created. The New Access key and your encrypted PIN are used to create two new secrets – one for the Authenticate service, the other for the Device.
6. The new Device Secret is sent to the device ready for the next the user authenticates.
7. The user is passed through to the secure web site.
Get in touch
We’re ready to help you with any questions or enquiries you may have. Please contact us using the form on the right. Alternatively, jump straight into our Developer Documentation to get started.