Web, mobile, and developer applications.
User experience:
Click on your SecuMark browser button:
Pick a site to log in to:
Enter your SecuMark master password.
That's it. You just logged in securely!
While the SecuMark logo stays green (active) you can login to other sites without re-entering your master password:
The button deactivates automatically after a short period of inactivity, or if you select "Deactivate"
Secure website logins
» No passwords over the web
» Easy user experience
For security-critical websites - SecuMark eliminates the passing of passwords across the web, preventing attackers from intercepting them and dramatically reducing the potential for fraudulent parties to hijack the identities of users.
Mutual authentication
SecuMark allows websites to authenticate their users using industrial-strength security technology. At the same time, it allows consumers to verify with equally high confidence that the website is legitimate, rather than a spoof produced by fraudsters. Both the website operator and their customers benefit mutually from increased assurance, and protection against "man-in-the-middle" attacks and other emerging forms of online fraud.
Privacy respecting
SecuMark is a key-chain system, not a "single sign on" system. It does not create identifiers that could be used maliciously to correlate users' transactions across websites.
From the website operator's perspective, SecuMark offers additional protection against malicious "insiders"[1]
Software only
SecuMark is a software-only solution that runs in the user's browser. It confronts the issue of potential consumer resistance head-on by itself providing inherent user benefits: it appears as a trusted "bookmark list" of sites that the user regularly transacts with, and allows him or her to log in to them easily and securely with a single click.
The SecuMark toolbar button will be freely downloadable, for easy installation into the user's browser. The server-side component will be available to enterprises and institutions that wish to combine financial efficiency with best-of-breed technology in their authentication strategy. SecuMark works in parallel with other deployed security measures such as SSL certificates and real time risk-assessment systems. Options for client branding of the user experience of SecuMark may be available as required.
Generic and trial licences available soon - contact us to find out more.
SecuMark is built on HTTPsec.
Notes:
[1] "Insiders" are personnel from your company, ISP, etc who have server-side access to user account data and/or to the systems that run the website. As a result of the deployment of SecuMark, no server-side user account data is created that could allow a malicious insider to successfully impersonate a legitimate SecuMark login. (This is typically not the case for password based systems.)