Symbol-to-Accept reduces the risk of users routinely pressing “accept” even if they did not initiate the authentication attempt themselves. While the use of push-to-accept has exploded due to its simplicity and speed, it exposes enterprises to risks when users may inadvertently approve login requests that they did not initiate. This could allow an attacker to bypass the intended protection of multi-factor authentication and breach the users account.
However, the solution enables security-conscious enterprises to deploy mobile push authentication with confidence to mitigate this risk. Preserving the user convenience with Symbol-to-Accept, the user is presented a small number of “accept” buttons displaying single, randomly-selected symbols (such as letters). To successfully log in, the user selects the correct symbol on their mobile device that matches one displayed on their computers login screen. This choice dramatically reduces the likelihood that the user will approve an unsolicited login request because they will not know which button to choose if they are not currently trying to log in.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now