SAASPASS

SAASPASS

 

 

 

Now, for the first time ever, Strong Security doesn’t have to mean extra effort and extra steps. SAASPASS offers the industry leading solution for passwordless security, which allows the same level of security and then some as traditional security solutions involving the use of Dongles, Keyfobs and One-Time Passwords generated from an app, while stripping away all of the extra steps typically associated with stronger security. In fact the process becomes so seamless it’s even easier than the standard username/password we have all become accustomed to. Integration takes a matter of minutes for applications like Google Business Apps, Office 365, Salesforce, Dropbox and tens of other enterprise services. Additionally SAASPASS is architected to not only be for online and virtual worlds, but for the physical as well. This begins with being able to unlock physical computers, both Macs and PCs, with seamless 2FA. Your machine can unlock on your approach or at the click of a button. Additionally, with an easy API, one can integrate it into connected door locks and central locking systems, banishing physical access cards to the dustbin of history.

 

SAASPASS is a two-factor authentication solution that replaces static passwords with encrypted images and Proximity (wireless BLE) waves to use dynamic, ever changing credentials that can unlock computers, doors or login to websites and cloud applications. SAASPASS can secure personal computers, websites, applications, standalone enterprise software or cloud services like Google Apps, Microsoft 365 and any VPN application utilizing RADIUS. SAASPASS makes strong authentication simple for users, developers and admins.

 

 

 

Before SAASPASS

 

 

After SAASPASS

 

 

 

 

FREQUENTLY ASKED QUESTIONS

What is SAASPASS?

SAASPASS is the only identity and access management tool you need to secure your corporate network or your own personal data, a comprehensive and frictionless solution fully-secured with dynamic passcodes and out-of-band multi-factor authentication. Whether logging into your work emails and company apps, accessing your personal online bank account, making purchases at online retailers, browsing social media, or even unlocking the door of your car, home, or hotel room, SAASPASS allows you to use your mobile or other enabled device to manage all your digital and physical access needs securely and conveniently.

 

Why do I need SAASPASS to secure my personal data?

Usernames and passwords are not very secure, but simply adding proper multi-factor authentication (MFA) to your most sensitive apps can reduce your likelihood of getting hacked by at least 80%. The problem, however, is that most MFA products add several time-consuming and inconvenient steps for the user. Also, simply using an MFA solution doesn’t necessarily mean you’re more secure, as some forms of MFA used by sites, are known to be less secure (such as text messaging based verification codes). In order to comprehensively secure your computer as well as your personal apps and services, on all your devices, multiple products must typically be cobbled together.

 

SAASPASS cuts through that complexity and is the only identity and access management tool you need to secure your personal data, a comprehensive and frictionless solution fully-secured with dynamic passcodes and out-of-band multi-factor authentication. With a single product, it allows you to use your mobile phone or other enabled device to manage all your digital and physical access needs securely and conveniently.

 

Why does my company need SAASPASS?

SAASPASS is the only identity and access management tool you need to secure your corporate network, a comprehensive and frictionless solution fully-secured with dynamic passcodes and out-of-band multi-factor authentication. Whether logging into your work emails and company apps, accessing your personal online bank account, making purchases at online retailers, browsing social media, or even unlocking the door of your car, home, or hotel room, SAASPASS allows you to use your mobile or other enabled device to manage all your digital and physical access needs securely and conveniently.

• Replace hard tokens or repurpose existing tokens by integrating with SAASPASS
• Replace ID cards, single sign-on products, and password managers with a single, easy-to-use solution
• Secure every access point to your corporate network, personal data, physical door, or IoT device using out-of-band MFA with dynamic passcodes
• Login to your Mac or PC, with full MFA, even when offline
• Authenticate to cloud-based and on-premise apps securely and seamlessly
• Eliminate password breaches and their impact on you or your organization
• Eliminate the costs and risks of purchasing and managing security tokens and hardware
• Eliminate the manual typing of passwords and the resources involved with password complexity rules and resets
• Minimize admin resources by streamlining the provisioning and deprovisioning of employees and temporary partners to your active directory and corporate apps
• Control and instantaneously manage network access by employees and partners

 

How does SAASPASS provide security?

SAASPASS secures organizations and individuals primarily by adding multi-factor authentication with dynamic passwords from the operating system level all the way down to individual apps and services, integrating seamlessly with both on-premise and cloud applications. Because cloud applications are accessible from many locations, authentication security is paramount. Most enterprise cloud platforms (like Google Apps and Salesforce) are accessible both inside and outside the office, and from a variety of different devices, leaving corporate network perimeters dramatically more extended and exposed than just a few years ago. With SAASPASS, users can authenticate to their corporate and personal apps and services securely and conveniently, without an easy-to-steal or guess static username and password, and regardless of their location or device.

 

Also, because SAASPASS offers the full-stack of identity and access management solutions in one product, it’s able to provide seamless and integrated security without the risk of security holes and cracks that result from stitching together different products. The usability and convenience inherent in such a comprehensive design also reduces circumventions. Other, intrusive or tedious security products, or combination of products, encourage employees and other individuals to find ways to evade security measures.

 

Why does SAASPASS use an orca in its logo?

In addition to being a beautiful and super cool marine mammal, the orca, also known as a "killer whale," represents SAASPASS’ mission of "killing" the password.

 

Why is SAASPASS the superior solution?

In the marketplace of identity and access management (IAM) solutions, enterprises often cobble together two or more solutions in order to meet their needs, for example, pairing a single sign-on product with an MFA hard token. There are obviously extra resources involved with managing multiple solutions from different vendors, but just as important are the inevitable cracks and seams resulting from relying on a patchwork of products. Some of these fragmented solutions are less secure; others are simply less convenient. SAASPASS offers seamless security and greater convenience for less time and cost to you and your organization.

 

By providing a comprehensive and frictionless solution fully-secured with dynamic passwords and multifactor authentication, SAASPASS is the only IAM tool you need to secure your corporate network or your own personal data. However, its advantage is not simply in its range. SAASPASS has engineered each of its features to be independently second to none. Using out-of-band MFA with dynamic passwords, SAASPASS enables you to securely authenticate and login to your Mac or PC from your mobile phone or wearable device.

 

Other IAM products are typically designed for enterprise, while some are geared towards individuals. These two approaches are often viewed as separate or incompatible, the result being that individuals are frequently forced to use a different solution to secure their personal data at home as they do at work. SAASPASS takes a very different approach to IAM with its individual-oriented enterprise solution. SAASPASS understands that for an organization to be truly protected, its security perimeter must be extended to protect its employees, suppliers, and subcontractors--anyone with access to the corporate network. A password breach of an employee using Facebook, for example, on his or her personal computer in an airport or at a Starbucks, can provide just enough information for a hacker to gain access to that employee’s corporate network. SAASPASS extends the security perimeter without compromising the individual’s privacy. The SAASPASS ID serves as a key to the network, but it is owned by the individual, not the enterprise. When an employee changes jobs, he or she doesn’t get a new bank account or a new driver’s license, and yet, most likely both are required to operate as an employee. Employers don’t own an employee’s identity, and yet they are vulnerable if that employee’s identity is compromised. Personal and enterprise security are inextricably linked. Unlike other IAM products, SAASPASS has crafted its solution with this important reality in mind.

 

SAASPASS also distinguishes itself from others because of its unrelenting attitude towards passwords. Other products, particularly password managers and app authenticators, and even many single sign-on solutions, seem content to help users manage passwords or facilitate their use. SAASPASS does not accept the status quo and strives to replace passwords wherever and whenever possible. By continuously expanding our list of secure links to apps, SAASPASS will not stop until passwords are eradicated. Leave your mother’s maiden name and childhood pet back in the 20th century where they belong! It’s time to commit pass-ticide. Move beyond passwords with the only full-stack identity and access management solution.

 

What devices does SAASPASS support?

SAASPASS works seamlessly on iPhones, Android phones, Blackberry, and many feature phones. Over 350 Java MIDP2 enabled mobile phones have been tested and certified through our extensive internal quality assurance process, and we constantly test and certify new models as they become available.

 

SAASPASS works basically like a traditional lock and key system, where your "key" is your mobile phone or other SAASPASS-enabled device, and the "lock" can be a computer, a smart lock on your car or home, an IoT device, and so forth.

 

THE KEY:

SAASPASS can be installed and/or cloned onto any device that supports:

• iOS (iPhone, iPad, Apple Watch, etc.)
• Android (Android phones, Android tablets, Android Wear Watches, Kindle Fire, or other Android devices)
• BlackBerry
• Feature Phones (any device that supports J2ME)
• Tokens (key fobs, etc.)

 

THE LOCK:

SAASPASS can be used to secure and authenticate to any device that supports:

• Windows
• Mac OS/OS X
• Linux
• Custom IoT OS, using our API (i.e. smart locks)

 

What is multi-factor authentication and how does SAASPASS deploy it?

When you authenticate your identity to a website, an app, or any kind of service or product that requires identification, you typically use a username and a password. This is the first layer, or "factor," of authentication. Because hackers have countless ways of obtaining this information, usernames and passwords on their own are no longer considered secure. Adding a second or third "factor" to verify your identity is known as "two-factor authentication" or "multi-factor authentication" and makes it exponentially harder for hackers to access your accounts. The verifying factor can be something you know (a PIN), something you are (a fingerprint), or something you have (a key fob, ID card, or mobile device).

 

Multi-factor authentication (MFA) can drastically reduce the risk of hacks, but both the ease-of-use and the level of security provided by different MFA solutions vary widely across the spectrum. Sending and receiving dynamic passcodes by SMS, for example, as some MFA solutions do, should hardly be classified as MFA, as the message is highly vulnerable to interception in man-in-the-middle attacks. Also, passwords should be dynamic, so that even if acquired, they cannot be reused or sold. Only out-of-band MFA solutions with dynamic passwords, such as SAASPASS, offer the high levels of security associated with MFA.

 

As for convenience, typical MFA solutions require anywhere from 4 to 6 steps in order to securely sign in. SAASPASS can do the same in just a single step, with just a touch of a biometric sensor. SAASPASS provides strong and frictionless MFA through its mobile app and on a number of mobile platforms that include iPhones, iPads and Androids among others. The random number generated through the mobile app can be used to authenticate to any website, service, or device through either our Authenticator format or through custom integration using our RESTful APIs and SAML adapters to over 300 of the top SAAS products.

 

Why is SAASPASS’s multi-factor authentication superior to SMS-based solutions?

Typical SMS-based solutions involve sending one-time-passwords (OTPs) to a phone via SMS. A user then enters the transmitted password into an online site to authorize a transaction. These SMS messages are unencrypted, insecure, and can be susceptible to interception in what are known as man-in-the-middle hacks. SAASPASS uses an out-of-band multi-factor authentication (MFA) solution, with your device generating the code itself, with dynamic passcodes to provide higher levels of security.