The CA AuthID offers the same capabilities as a physical smartcard for authentication, digital signing, encryption, and decryption for PKI-enabled applications, without requiring any end-user hardware. The CA AuthID can authenticate to any web application, even if that application does not support PKI-based authentication.
The following figure illustrates the use cases for CA AuthID.
The CA AuthID is a data file that is saved on an end user's computer, USB drive, or downloaded remotely for secure on-demand authentication. Unlike the simple password, an CA AuthID is not vulnerable to brute force password attacks. Additionally, the CA AuthID is not vulnerable to man-in-middle attacks, which, in turn, protects users from phishing attacks.
The CA AuthID can be used for strong authentication with a variety of applications, such as the Web or Virtual Private Networks (VPNs).
The CA AuthID is a configurable solution that bridges the gap between simple-but-insecure username-password-authentication and expensive-difficult-to-deploy, but very secure smartcard and USB token solutions.
The CA AuthID is based on industry standards and CA-patented Cryptographic Camouflage technology to provide software-only, strong authentication that is protected against brute force attacks.
Although an CA AuthID is protected by a password, it supports the following features to provide strong authentication:
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|