Authentication

Nedu greatly increases the reliability of verifying a user's identity over the Internet by increasing the sophistication of the identity verification process. It does this at secret distribution, user identity verification and post-authentication review.

In plain speak, Nedu helps you understand who is attempting to use your systems.

Nedu adds a second factor

Having two factors of authentication vastly improves the identity verification process. Whilst a password is "something you know", Nedu adds "something you have" as a second factor of authentication. Whilst this usually adds significant cost in terms of purchasing and field support, Nedu avoids this cost by leveraging a device that most people already have - their telephone. By making use of a user's existing telephone, Nedu takes advantage of the familiarity a user has with their phone, as well as the increased likelihood that a person will take immediate action if their telephone is stolen or misplaced.

Nedu works even when you can't receive tokens

Nedu is able to authenticate users even when they are unable to receive text messages or phone calls. ZeroSignal tokens are pre-sent tokens that are stored on the handset and are available for use when authentication needs to occur and a token cannot be received for one reason or another.

ZeroSignal tokens are single use, have customisable lifetimes, are simple to deploy and can even be used as your primary mode of authentication.

Nedu reduces the value of authentication data

A user's username and password guards the resources that the user has access to. Because of this relationship, a username and password combination is worth the same as the resources it guards. Once you have the correct username and password combination, you have access to any resources protected by it. This value is what makes stealing usernames and passwords so attractive to online thieves.

Nedu makes the data transferred during authentication worth very little. The data used during authentication is valid for one authentication only, and expires if it hasn't been used after a customisable period of time. Nedu authentication data is also limited by application, so authentication data for one application won't work for another. And because the data is never distributed to the authenticating endpoint, it can't be captured by malware whilst en-route to your user. All of these things make Nedu provided authentication data next to worthless.

Nedu tracks authentication data

Whilst Nedu authentication data is worthless to thieves, it is also unique enough to identify each individual authentication attempt. Because Nedu records every authentication, this data can be used to understand overall and specific usage via Nedu reporting. Because authentication data can be tracked, Nedu is able to report on which of your users are currently under threat of identity theft, as well as allowing you to use Nedu's reporting functionality as an investigative tool.

Nedu understands risk varies across applications

Not all applications present equal risk. Some require more or less rigorous authentication than others. Nedu allows you to customise the authentication parameters for each application so that you can adjust the resources you would like to commit to authentication for each application. Nedu also allows you to dictate which of your users can attempt to authenticate to each of your applications, giving you an additional level of access control.

Nedu understands there is some data you don't want to share

Whilst Nedu will securely store all data required for authentication, it also understands that some data may not be for sharing. In these circumstances, Nedu allows you to authenticate anonymously. You pass Nedu the required data and it will complete authentication without putting that data into permanent storage.

Want more information?

Please don't hesitate to contact if you require any further information.