cidaas Authenticator - The MFA Helper Application
As an increasing number of companies move towards digital transformation, cybersecurity becomes increasingly critical. This has made MFA super important since it offers enhanced and adequate security against identity theft and misuse.
Customers today look for more flexible, convenient, and reliable options than passwords to secure their accounts. As a business, you will need to ensure that you offer the best account access security solutions to them. By integrating your apps with cidaas' helper app, protecting your organization against lost or stolen credentials will be the least of concerns.
One common method to improve protection for all enterprise users is Multifactor Authentication which is a stronger form of two-step account verification, such as
cidaas Authenticator mobile application is a seamless self-service identity solution developed by Widas Concepts that provides additional layers of login protection, and helps secure access to resources with multifactor authentication. It protects your business accounts from common identity attacks with one simple action. You can customise MFA using email, TOTP, SMS, IVR, and others on your enterprise apps by linking the cidaas Authenticator with your business apps.
Administrators can choose forms of secondary authentication and configure MFA challenges based on configuration decisions.
Apps and services don't need changes to use this app. The verification prompts are part of cidaas' sign-in event, which automatically requests and processes the MFA when required.
Why the cidaas Authenticator App?
With common identity-related attacks like password spray, replay, and phishing becoming rampant these days, managing security can be difficult. The cidaas Authenticator helper app makes it easier to protect your users from these attacks based on their preferred MFA method.
If you're an organization currently providing conditional access to your customers to meet their complex security requirements, you should consider our MFA helper app. You can either customise the required methods for passwordless authentication or let your users select and configure a single or multiple methods to set up two-step verification for an application.
The key benefits include:
Provides additional layers of security than password-based authentication
The multiple layers of security ensure that the users looking for access are who they claim to be. Even if one credential is attacked, attackers will be forced to verify identities in another manner. Therefore, companies that store users’ confidential details should opt for more than two authentications. It will help them build and maintain consumer trust.
Assures consumer identity
By implementing MFA with the app, the security of the traditional username and password login is fortified by two pieces of information to access user resources. This adds a sense of mindfulness to authentication.
Meets regulatory compliances
Implementing MFA can be a key requirement when it comes to complying with certain industry regulations. For example, PCI-DSS requires MFA to be implemented to prevent unauthorized users from accessing systems. So, even when applications are updated, MFA compliance ensures that user accounts remains virtually non-intrusive.
Easy to configure and implement
Implementing MFA using the cidaas Authenticator, by its very nature, is non-invasive. It doesn't affect the rest of the virtual space of an organization or user app account. Configuring various passwordless options is an intuitive user experience that requires minimum effort and technical knowledge.
Can be flexibly integrated with Single Sign-On (SSO) solutions
Our industry-compliant MFA helper app can be easily integrated with any SSO app. Using a secondary authentication with SSO confirms the consumer identity and removes data risks due to password misplacement. This saves time while enhancing security.
Instant Security on-the-go
The cidaas Authenticator can help block attacks and even report potential threats through the MFA Reports module on the cidaas Admin dashboard wher the IT department immediately gets notified. A user would receive a prompt on the app to confirm secondary authentication, and can immediately report the incident if it was not done by them.
Available verification methods
When a user signs in to an application or service, they can choose from one of their registered forms of additional verification. They will receive an MFA prompt on the cidaas Authenticator app to complete the verification. Users can access their Profile on the cidaas user self-service portal or admin dashboard to configure the verification methods for their account.
While verification via Email, SMS/Text message, and IVR are configured by default, cidaas supports additional passwordless methods like:
- Pattern Reognition
- TouchID or Fingerprint
- SEALONE device
- Smart PUSH
- Backup Codes
How it Works
Typically, a user installs the Authenticator app on a smartphone. Upon login to a site or service that uses two-factor authentication, the user provides his user name and password on the site and runs the Authenticator app.
cidaas Authenticator is available as a free download on the Play-Store or App-Store.
The app requests the identification info from the user which is verified with the pre-configured data to authenticate the user’s identity. The identification could be done using any of these methods - Code in Email, Text Message, IVR, TOTP, Pattern Recognition, TouchID, Backup Code, Google Authenticator TOTP, and Smart Push Notification.
For this to work, a pre-configuration operation must be performed ahead of time: the site provides a shared secret key (QR code) to the user over a secure channel, to be stored in the Authenticator app. This secret key will be used for all future logins to the site.
Setting up and linking your account to the cidaas Authenticator
After downloading and installing the cidaas Authenticator app on your mobile, you can set up multiple accounts across different environments for normal users and admin users.
To set up the account using cidaas' self-service portal, follow these steps:
1. Visit the app registration page provided by your service provider.
2. If you're using cidaas' default service, you can register using either your email id, mobile number, or user name.
Provide the email ID.
Set password and click Register.
Provide mobile number
Set password and click Register.
Provide user name
Set password and click Register.
Once registered, your account is ready for the MFA setup!
On the cidaas Admin dashboard, click profile > My Account > Physical Verification Setup and click the edit icon of the MFA service you'd like to enable under Setup physical verification.
Steps to Configure the MFA Services
- Click the + icon on the cidaas authenticator home page.
- Select either Enter Setup Key or Scan a QR Code.
Scan QR Code
- Follow the steps displayed in the scanning guidelines page. Tap Scan to start scanning.
- If you choose to login to your web application on cidaas, visit your user profile, and tap on Login & Security.
- In the Login & Security page, tap the authentication method of your choice with the button Generate QR Code to set it up on the cidaas authenticator app.
- Scan the QR code that appears on the screen from the cidaas authenticator mobile app.
- Once the QR code is scanned successfully, complete the set up for the selected authentication method on your mobile.
Enter Setup Key
- Type in the provider name, and the setup key (TOTP only) to link the cidaas authenticator app.
- Click Add.
- Click ok in the confirmation window.
- A timed OTP is generated by cidaas which is valid for 30 seconds. Copy and paste this OTP in the provider's authentication page to link the cidaas authenticator app.
4. All the required configurations for the user's application should be completed by the Admin for the application on the Admin dashboard.
cidaas Authenticator App Using Wear Watch (Beta)
The cidaas Authenticator App supports notifications, approvals and cancellations of MFA notifications (TOTP/Voice) on your Apple watches or smart watches connected to iOS and Android phones. Once the watch is paired with your phone via Bluetooth, when you try logging in to a cidaas powered application that has MFA configured, the corresponding notifications will appear on your device. This integration lets you approve or decline authentication requests on the move.
Should you have any questions or need further assistance with configuring the cidaas Authenticator app, please contact our support team.
We'll be happy to help. Thank you!