One Time Passwords don't work

Traditional Two-Factor authentication solutions revolve around the use of One Time Passwords. These are cumbersome to the end user, expensive for the enterprise and still don't solve "phishing" and Man in the Middle attacks: The OTP is sent, or generated in an "out of band" fashion, but re-entered into the potentially compromised band. Perpetrators can steal "OTPs" just as they steal passwords - one valid OTP normally being enough to complete a fraudulent transaction.

These solutions are fundamentally flawed. They are based on the premise that one requires two factors to successfully authenticate to a system: Something we know (password, or PIN code) as well as something we have (a mobile phone, or mobile OTP generator). However, the OTP also results in "something you know" (the OTP that you've just generated) as opposed to "something you have" (a physical device). This can be intercepted or key logged and with SIM swops, not even delivered to the user.

The Entersekt trusted communication channel

Entersekt allows institutions to uniquely identify each phone in the world - not by using a mobile number which they have no control over, but by trusting a mathematically unique X.509 digital certificate that is automatically installed on the mobile device by the Entersekt CA. This enables mutual SSL - an authentication technology uncompromised over the last 40 years - on any mobile device. Banks can leverage off the trust that's provided by this unique identifier - and can use this technology to digitally sign individual financial transactions using the private key that's kept confidentially on the phone.

Entersekt ITA sends the transaction notification to the mobile device (all devices supported), and user authentication is relayed back, encrypted, to the bank. Man in the Middle is thwarted!

Entersekt offers the only product in the world which leverages off advanced functionality such as push notifications and other advanced GSM technology to provide a truly unified solution.