Two Factor Authentication Take a Tour Compare Solutions

Contact Sales:
sales@comodogroup.com

Telephone:
Tel: + 1.888.266.6361
Tel: + 1.703.581.6361

Two Factor Authentication

FFIEC recommendations are suggesting that banks use two factor authentication solutions. That's because single factor authentication is not strong enough and too easy for fraudsters to attack. But many solutions are complex, costly and difficult for customers to use.

Now there is an easy, inexpensive solution: Comodo Two Factor Authentication Solution

1) Client Digital Certificates to authenticate the user to the bank (Part 1 of the two factor authentication)

2) Content Verification Certificates (CVC) to authenticate the FI website to the user (Part 2 of the two factor authentication)

1) What are Comodo Digital Client Certificates ?

Digital Client certificates are an easy to deploy, affordable, secure and convenient solution for banks to authenticate customers. Digital PC certificates can be delivered electronically while providing strong two factor authentication of users. They authenticate the user's pc and identity code.

How they help?

Digital Client certificates protect the integrity of data and provide a transparent log-on method that won't inconvenience users. They can be stored directly on a user's pc, or, for portability, they can be stored on smart cards or tokens. A PKI client certificate provides strong authentication of users and assures the bank that the user logging in is indeed the bank customers. Comodo Client certificates are the first half of Comodo’s two factor authentication solution.

At a Glance: Digital Client Certificates

  • Essential component of two factor authentication
  • Easy to deploy
  • Affordable
  • PKI based
  • Secure and convenient
  • Two factor authentication (the pc and the user are authenticated)
  • A transparent log-on with no inconvenience to customer
  • Stored directly on a user's computer to deliver authentication security of both the user and the pc
  • Mobile – can be stored on smart cards, tokens or USB devices when traveling
  • Customer authentication from remote locations

2) What are CVC's

Innovation to allow users to believe again in what they see online with "Verifiable Trust".

Fraudsters are becoming much more sophisticated in capturing customer financial details.

CVCs, as part of Comodo’s multifactor authentication solution, ensure that digital content (such as website login boxes and graphics) and site identity can be verified in real time and without disrupting the normal transaction process. Using the proven PKI platform for security authentication of websites to end users, CVCs prove that a bank site has been validated and is safe for online banking.

CVC’s can protect website content such as:

  • Log in box belongs to the site it claims to be
  • Contact or rate information has not been tampered with
  • Third party credentials, (like FDIC) can be verified

How they work?

Comodo's See Verify Trust technology takes the bank's web content, IP addresses and domain names, and embeds them into a digital Content Verification Certificate (CVC). The online banking customer can then download a free reader called VerificationEngine (a small utility) to enable real time verification and strong authentication of bank websites. Online banking customers simply roll their cursor over the website's content that contains a CVC, and VE displays a green border outside the browser.

How they work?

This anti phishing tool authenticates site identity in real time. CVC’s are the only browser independent, non spoofable ID assurance technology on the market today and are the second half of Comodo’s 2 factor authentication solution.

How they help?

Many padlocks today only indicate that the transaction session is encrypted but they do not attest to the legitimacy of the business. SSL website certificates must be used in conjunction with technologies such as CVC and custom client certificates in order to comply with the multifactor authentication criteria outlined in the FFEIC guidelines.

The CVC "Green is Good to Go" border is the sign that the web site is indeed the bank's and not a phishing site. The technology is easy for banks to implement; cost efficient; not disruptive to the customer whilst simple for them to use. They just have to roll their mouse over the bank's CVC’ed content and the highlight comes up.

At a Glance : Content Verification Certificates

  • Essential component of two factor authentication
  • Digital certificates based on x.509 standards
  • Ties log-in boxes to a specific site with a verifiable URL/IP address
  • Phishing or Pharming sites are exposed instantaneously
  • Provides authentication security but does not disrupt the normal transactional process
  • Green border indicator outside the browser is spoof proof and protects against Man-in-the-middle attacks
  • Content is authenticated by Comodo and CVCs are stored on either the FI’s web server or Comodo's servers
  • Consumers use a free reader - Verification Engine to read these certificates

Latest News

Comodo™ is a leading global provider of security, digital e-commerce & identity and trust assurance services for the Internet. Comodo help enterprises improve customer trust and create efficiencies across their digital e-commerce operations by Establishing Trust™ initiatives for e-Business, curbing Phishing attacks and creating an Identity Assurance and Brand Protection framework. Comodo offerings cover SSL Certificates, internet fax services, web hosting automation, infrastructure services, network vulnerability auditing, managed enterprise security and a growing suite of free customer privacy and network security solutions.