What is 3AKey?
3AKey stands for Authentication, Authorization and Administration by its function or Authentication and Access Automation (3A) by its feature.
3AKey is a Human Interface Device that is USB port based. It is designed as a secure digital identity which is issued by an individual user to access privileged content or financial services remotely, safely and easily in the enterprise network or the Internet.
What is Distributed Authentication?
Distributed Authentication means that the authentication is carried out at more than one location.
3Akey authenticates users locally, at the service providers’ server or a central 3AKey server and also another independent digital identity provider such as JANUS server.
Traditional authentication is only conducted at the service providers’ server, which makes it vulnerable to social engineering attacks. In contrast, 3AKey authenticates users with his/her own unique 3AKey, which will render phishing attacks useless or irrelevant.
What will 3AKey deliver?
The 3AKey system is the world leader in online authentication and data security:
- It is multifactor authentication that meets FFIEC (Federal Financial Institution Examination Council) 2005 directive for strong authentication;
- It is an identity prevention system that meets FTC (Federal Trade Commission) Federal ID Theft Red Flag rules;
- It is a data security system that meets HIPAA (Health Insurance Portability and Accountability Act) requirement to secure transactional data;
- It is a total transaction-security system.
How Does 3AKey Work?
The 3Akey system consists of three components: 3AKey, JANUS Server and Service provider implemented JANUS Client:
- JANUS Server is a central Authentication Authority; a service provided by FrontOne. JANUS server is an off-the-shelf software product; it is suitable for enterprise with strong IT infrastructure.
- JANUS Client is a software module that is installed as an add-on to the existing web server. Currently, JANUS client supports two server side scripting technologies, Microsoft asp.net and open source PHP.
- 3AKey is a physical hardware token which is USB comparable. It provides level one user authentication and physical layer security as well as software to carry out continuous authentication and maintains the transaction data security and integrity.
How to use 3AKey?
The user will need to follow the instructions issued by the service provider initially and register the 3AKey.
Once the 3AKey is registered, the insertion of the 3AKey into your computer will start the authentication automatically and provide access to the facility or service.
Depending on the security policy of the service provider, it may prompt the user to authenticate periodically by entering a password. However this password can only be entered in conjunction with the 3AKey being in the computer.
Applications
Every organisation large or small could be benefited from deploying 3AKey Secure Access solutions in the enterprises intranet, extranet or online environment. For organisations that do business transactions online, which need to mitigate risk associated with identity theft and to meet privacy and identity theft prevention requirements, 3AKey provides strong authentication solutions with added convenience and enhanced security, whilst mitigating the risks associated with online identity theft and social engineering base attacks.
Feature Comparison
| Features | 3AKey | Hardware Token | Soft Token |
| Device Authentication | Online, Real time | None | None |
| Device level User Authentication | Online, Real time | None (some using password) | None (some using password at the phone) |
| Delivery of authentication message | Stealth messenger with 128 bit encryption | Standard 128 bit encryption | Standard 128 bit encryption |
| Transaction Authentication | Continuous, Two-way and automatic | Once, manual entry | Once, manual entry |
| Data integrity Validation | Yes | No | No |
| Risk to phishing attacks | Irrelevant | Medium to High | Medium |
| Risk to brute force attack | Low | Medium to high | Medium to high |
| Risk to MITM attacks | Low | High | High |
| Vulnerability to Spyware | Low | High to medium | Medium to High |
| Scalability (network, internet, Mobile) | High | Medium to Low | Medium to high |
| Device integrity (lost, stolen) | High | Low | Low |
| Flexibility, new functions | High | Low | Low |
| Applications | Comprehensive | Standard and restrictive | Standard and restrictive |
| End to end security | Yes | No | No |
| Cost of Implantation | Low | High | High |
| Cost of Maintenance | Low | High | Medium |
| Cost of Operation | Low | Low | High |
| Overall Security Delivered | High | Low | Medium |