The CA Auth ID offers the same capabilities as a physical smartcard for authentication, digital signing, encryption, and decryption for PKI-enabled applications, without requiring any end-user hardware. The CA Auth ID can authenticate to any web application, even if that application does not support PKI-based authentication.
The following figure illustrates the use cases for CA Auth ID.
The CA Auth ID is a data file that is saved on an end user's computer, USB drive, or downloaded remotely for secure on-demand authentication. Unlike the simple password, an CA Auth ID is not vulnerable to brute force password attacks. Additionally, the CA Auth ID is not vulnerable to man-in-middle attacks, which, in turn, protects users from phishing attacks.
The CA Auth ID can be used for strong authentication with a variety of applications, such as the Web or Virtual Private Networks (VPNs).
The CA Auth ID is a configurable solution that bridges the gap between simple-but-insecure username-password-authentication and expensive-difficult-to-deploy, but very secure smartcard and USB token solutions.
The CA Auth ID is based on industry standards and CA-patented Cryptographic Camouflage technology to provide software-only, strong authentication that is protected against brute force attacks.
Although an CA Auth ID is protected by a password, it supports the following features to provide strong authentication:
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|