Two-factor authentication comes to iPhone

German company Charismathics chose the annual Macworld show in San Francisco this week to launch a two-factor authentication client for the iPhone, effectively turning the device into a smartcard for secure access.

Two-factor authentication is designed to improve security by requesting something the user knows, for example a password, along with something they have - in this case, the iPhone - before granting them access.

Users wishing to deploy their iPhone as a two-factor authentication device are required to download an application called iEnigma from Apple's Apps Store. They will then use the phone to connect with Charismathics's existing back-end software, which will provide it with a secure software token.

This can be used to log into a desktop computer, providing more secure access to resources by using the token in conjunction with a PIN or password. The iPhone can verify itself to the desktop either using token information presented on its display, or using a Wi-Fi connection.

"You can make easy use of your VPN tracker, your mail, your login, whatever is already installed in your computer, but with the added security of two-factor authentication," said chief executive Sven Gobel.

"The most likely scenario is a greenfield deployment because most companies don't have PKI implemented yet," he added.

This would enable them to pilot a two-factor authentication project with a small number of users before rolling it out to a wider base of employees. The iPhone support could also be useful for supporting executives who already have iPhones and do not want to carry around an extra authentication device.

The iPhone is one of several types of device supported by the back-end software, including smartcards, USB keys and magnetic stripe cards.

Charismathics will make the iPhone application available through Apple's Apps Store by 31 March, said Gobel. It will cost $9.99 per user.

Copyright ©v3.co.uk

authenticationcomesiphonesecuritytotwofactor