Posted on Enterprise Times, March 16 by Ian Murphy
The solution is designed to meet the latest NIST guidelines on additional security. Interestingly, those guidelines look to limit the use of biometrics including voice. They require any biometric to be verified by another authentication approach
Israeli security start-up Secret Double Octopus has launched its authenticator app for enterprises. It is designed to avoid insecure channels used by many multi-factor authentication solutions. SMS , tokens, push notifications and biometrics have all come under attack from hackers. This has made multi-factor authentication complex and limited its security benefits.
What is Secret Double Octopus doing?
Secret Double Octopus is using the same type of Secret Sharing algorithms as are used for nuclear launch codes. The difference between secret sharing and encryption is how the key is broken up and held. With most encryption solutions the key is stored intact. For redundancy multiple copies of the key are stored. All of these leave it open to attack. Breach one location and you have the key….