How it Works
Strengthen remote access security with two factor authentication
Employees can use their own mobile devices as a second factor for stronger authentication – no additional tokens or hardware necessary.
Getting started is easy. A self-service portal simplifies provisioning in three steps:
- Enter a phone number into the portal
- Download the OneSpan Mobile Authenticator or Mobile Authenticator ES from the Apple App Store or Google Play Store
- Activate automatically using a QR code or manually with an activation number
Increase employee productivity with an intuitive mobile authenticator
Employees can generate one-time passwords with a touch, enabling them to securely log in to applications using their mobile device. Users can simply authenticate with a fingerprint, Apple Face ID, or PIN along with a one-time password (OTP).
Or, remove the need to type altogether by sending the user a notification prompt on their mobile device and allowing them to authenticate through the prompt with a simple tap.
What customers are saying about OneSpan Mobile Authenticator?
The application is quick and easy, and anyone who does not have a smartphone can see the one-time password on the little hardware device at the push of a button. The procedure is clear and runs smoothly and quickly. It saves teachers valuable time at the beginning of a lecture.
Director of the ICT Department, ROC Amsterdam
OneSpan’s solutions differentiated from other vendors’ solutions because their solution is easy and intuitive to use. We particularly liked the simple approach applied to tokens for mobile devices.
Chief Operating Officer, Clyde & Co
Protect against data breaches
Stolen credentials are the leading cause of hacking-related breaches, according to Verizon’s 2019 Data Breach Investigations Report.
Using two factor authentication significantly reduces the risk of being breached. OneSpan’s secure approach to mobile notifications mitigates malware attacks on OTPs sent via push notification – and is much stronger than other delivery methods that might send sensitive data in clear text.
In addition, device-binding options establish a tamper-resistant, trusted identity bound to a user’s device for enhanced security.
Meet regulatory requirements to protect sensitive data
The European Union Agency for Network and Information Security (ENISA) provides guidance to EU organizations on implementing the General Data Protection Regulation (GDPR). They recommend using security tokens, biometrics, and other methods to access systems that process personal data.
The Payment Card Industry Data Security Standard (PCI DSS) also requires entities that store, process, or transmit cardholder data to implement multi-factor authentication (MFA) or two factor authentication (2FA) for general user, administrator, and vendor access to the cardholder data environment.
Lower Total Cost of Ownership
Reduce the burden on IT staff
Reduce helpdesk and other administrative costs with a single, integrated system that manages the complete authentication lifecycle, including:
Further, employees can easily activate their mobile authenticator app without IT involvement or end-user training.