Support: 888-992-3836
Copyright © 2023 InvestorsHub Inc.
Replies to post #111714 on Zerify Inc (ZRFY)
SmallBuy
11/01/16 11:31 AM
#111743 RE: WBCTrader #111714
Gold49er
11/01/16 7:08 PM
#112035 RE: WBCTrader #111714
Out of band authentication OOBA is in short, text based authentication. Meaning you initiate something on computer/smart phone then you will receive a text with a code to verify said transaction.
Out of band authentication is a ‘transaction verification’ process with its primary function to confirm that the transaction details originated with the user. It is typically used as part of an online transaction – the person making the transaction using an out of band process to authenticate it. It is an interactive process that conforms to FFIEC guidance and is particularly suited to authenticating an online transaction, whether that is a session or a transaction within a session. VoiceVault’s voice biometric out of band authentication solution is phone-based and uses either an out of band call to a user-registered phone number, or uses an Android / iOS smartphone-based app. In this instance, the phone line, or the app, is regarded as being one of the trusted parts of the strong multi-factor authentication process, and the voice biometric element adds yet another factor. This solution leverages the fact that phones and smartphones are ubiquitous and are never far away, and that the use of them is non-invasive, intuitive and has a low user experience impact.
Just how does out-of-band authentication work? Here are some examples: Text messages When an authentic customer logs in to a financial website with a username and password successfully, the user is prompted to click a button to send a numeric code via SMS to the cell phone number on record at the bank. The user receives the one-time code on the cell phone and enters it on a second secure Web page and clicks the "verify code" button to confirm the correct user is in fact at the other end of the phone. With this type of out-of-band authentication system in place, even if an aspiring criminal were to obtain a customer's username and password, the account compromise attempt would be thwarted because the attacker would be unable to receive the one-time code sent to the customer's cell phone. Should this scenario play out, the customer would receive a cell phone call by the application, alerting him or her to the attempted fraud. This enables the customer to contact the financial institution and report the attempted unauthorized access. Telephone Another out-of-band authentication scenario would involve the same set of steps with the legitimate user logging into the financial website, but instead of receiving a text message, the user would be asked to initiate a call back by clicking on a button on the Web page. This method requires the customer to use the telephone associated with the phone number on file with the financial institution as a second form of authentication. The financial institution's out-of-band authentication server calls the customer and a voice prompt asks the user to recite a word or enter a numeric code presented on the financial Web page. If the customer is indeed initiating the authentication, he or she will easily pass the challenge by simply reciting the word or entering the code using the dial pad. Without access to the customer's phone, a malicious user would be thwarted. More sophisticated schemes may even feature biometric voice recognition, in which the user's voice is matched to a known voice print on record. This particular technology choice demands that the user allow the financial institution to keep a voice print on file to confirm or prove the authenticity of the end user.