Camille Rassou

IdRamp and inWebo partnership

Posted by | News | No Comments

IdRamp partners up with inWebo

San Francisco and Des Moines, October 14th, 2019.

IdRamp and inWebo partner for secure & decentralized Identity and Access Management.

IdRamp and inWebo are pleased to announce the release of a certified integration between IdRamp decentralized Identity Management platform and inWebo MFA (multi-factor authentication) platform. This integration makes it possible for organizations to orchestrate advanced security and authentication policies for access to their applications.

IdRamp combines SSO capabilities with the possibility to leverage multiple IdPs (Identity Providers) such as AAD, Google, Salesforce, IDaaS providers, Self-sovereign and social logins, thus helping organizations navigate the complexity of modern and heterogeneous information systems. Furthermore, the integration with inWebo allows organizations to add and control in a single place customized MFA policies across applications and IdPs, with no additional integration. This gives organizations an unprecedented agility for implementing secure access. Organizations can now deploy new secure applications across heterogeneous, legacy, or segmented directories, without having to manage highly complex directory integration projects.

“inWebo provides a superior approach to multi-factor authentication security and user experience.” said Mike Vesey, IdRamp CEO. “The IdRamp inWebo integration is a powerful solution that is easy to deploy into any identity security strategy. Our partnership with inWebo offers significant value and flexibility for businesses that needs best in class multi-factor authentication and simplified identity orchestration.”

“Strong Authentication (MFA) has become a critical part in modern Identity & Access Management projects”, said Didier Perrot, CEO for inWebo North America. “We’re excited to partner with IdRamp, as their integration of our MFA platform can now be used by organizations with no additional code. It allows them to reduce the time and costs needed to protect their applications, while making that additional security go unnoticed by their users.”

About IdRamp: IdRamp is a decentralized identity service to simplify integration, improve security and continuously innovate your business. With IdRamp you can easily integrate and orchestrate multiple identity silos. Tailor authentication and access control policies according to your business strategy. Add decentralized self-sovereign identity to any business strategy. Through distributed authentication, IdRamp secures the identity threat surface by eliminating the need for public network-facing identity and access management systems. IdRamp provides adaptable digital bridges that interoperate across all generations of identity management.

About inWebo: inWebo is a leading vendor of B2B solutions for multi-factor authentication (MFA) and local access (IWLA). inWebo makes customer, member, and employee access to VPN, IAM, web, Cloud, and IoT applications & devices more secure, but also easier. Our technology seamlessly adds a layer of security during authorization by turning user devices including laptops, cell and smartphones, or tablets into trusted authentication methods. It uniquely combines certified hardware-grade security with extreme ease of use. inWebo protects millions of identities for global organizations. Visit us at inwebo.com.

InWebo’s MFA Solution For Banks Goes East

Posted by | Events, News | No Comments

inWebo MFA for Russian Bank industry

Under the pressure of new regulations (PSD2), technological evolutions and customer demand, banks need to improve their authentication methods, both in terms of security and usability. Russian banks are no exception to this, having been the target of several major online attacks over the recent years.

Ever-increasing cyber threats

Back in 2016, Sberbank, one of Russia’s largest bank, reported a phishing attack aiming to steal user credentials via a fake app. Before the hacker was arrested, they breached in over a million devices, compromising users credentials. It did not stop there: by 2018, Cyber-attacks had multiplied by 10, and are expected in 2021 to cost the Russian financial industry $6T/year.

Protecting the Russian Banking landscape

It’s no surprise then that major Russian banks would be very interested in information on the MFA solution that is one of the best fit for the banking industry. This is how inWebo got invited to come and present its technology to a panel of security managers in Moscow.
inWebo proposed their strong MFA solution to solve the authentication security shortfall. The solution ensures high level of security thanks to randomly generated cryptographic keys while being easy to implement as any devices can be turned into a 2nd-factor authenticator. The user only needs to combine 2 of the 3 following factors:

What is inWebo MFA for banking

In addition, the multiple integration possibilities provide a tailored solution to the Russian bank network and authentication needs, resulting in a combination of high security, compliance to financial regulation (such as PSD2) and seamless user experience.

Joining the movement

The switch to inWebo ultra secure MFA solution has already started in Europe: major banks across the continent have already adopted it to protect their users’ credentials. As inWebo MFA can be tailored to the clients need, various use cases include Société Générale, Credit Agricole or even Orange Bank. With these successful attempts across Europe, inWebo looks forward to be partnering up with the Russian bank network and solve their authentication needs.

Make an appointment with inWebo

If you would like to take this opportunity to learn more about our strong MFA solution or assess your authentication and access security challenges, please fill out the form below. We’ll make our best to accommodate your preferences.

Patient data are better protected with MFA

Posted by | In The Press | No Comments

inWebo presents: “When sensitive health data is exchanged over the Internet, the protection of access and transfers is paramount. Security experts recommend two-factor authentication for this:

By Hannes Rügheimer

NEU-ISENBURG.The digitization of the healthcare system is accompanied by the concern that sensitive data could fall into the wrong hands. Recently, there have been many examples of cyber-attack IT systems vulnerability. Earlier this year, it became known that lists of more than two billion known passwords are traded in the dark corners of the Internet, the darknet.

At the end of 2018, hackers at a Chaos Computer Club congress documented a variety of vulnerabilities in various e-health services already on the market.

Data protection experts such as Christoph Rösseler, spokesman for the security software provider G-Data, point out that classic passwords or PINs do not provide sufficient data protection: “In order to reliably protect online access, a two-factor authentication system should be used urgently.”

Two factors for more security

This concept requires two instead of just one safety factor, such as a password. The principle has long been in use – such as in online banking, where for transfers in addition to personal identification number (PIN) and a transaction number (TAN) is required, which is generated by about a code generator.

Company employees also need a code generator for remote access to the company network in addition to their access data – a so-called token.

“It is important that the two factors have different properties. For example, the combination of knowledge and having: the user knows his access data, and he has a token, “says expert Rösseler. An attacker could spy on credentials, but unauthorized access is much more difficult, as he would also have to capture the second factor.

In a slightly modified form, the second factor can also be a smartphone, on which an app confirms the PC login via an independent channel. The Federal Ministry of Health explicitly requires two-factor authentication or “alternative secure authentication” for the requirements of a virtual electronic health card.

Health insurances pair accounts

The health app Vivy offered jointly by DAK, Allianz, Barmenia and other health insurances also relies on this principle. Here, the user account is linked to the smartphone used in addition to a password. The authentication takes place via SMS and is the basis for the encryption between patient and doctor’s office.

The German Society for Medical Informatics, Biometry and Epidemiology (GMDS) advocates data protection and IT security in health care whenever it comes to authentication with two factors, whenever an increased level of security is to be achieved to protect sensitive health data.

Two-factor authentication significantly enhances security, says Olivier Perroquin, managing director of inWebo, a French provider of security technology. “However, many digital services still shy away from the consistent implementation of this principle.” Because code generator, smartphone, token are currently not at hand, a registration is not possible.

In addition, some companies just do not want to bother private customers with the complicated handling of such registration processes. Therefore, inWebo has developed a middle ground. The solution dispenses with an additional device, but achieves a comparable level of protection by providing two different security factors via the user’s web browser.

Better protection in the web browser

For this purpose, the user logs on with the access data sent by the provider on his commonly used computer at the service. The registration can even be done anonymously. The user then only receives an identification number, but he does not have to provide any name or other personal data.

Only on the opposite side, for example in the doctor’s office or clinic, does the linkage between ID and personal data take place. However, the communication partner does not need to provide any special systems for encryption and authentication; inWebo operates the necessary infrastructure in its company buildings. The company uses security hardware, which was developed by the Aachen company Utimaco.

Their chief strategy officer, Malte Pollmann, explains: “Although there are no special devices required by users and service providers, the verification still takes place with certified high-security hardware security modules, such as those used in the banking environment.”

In order to authorize exactly the browser used on the used PC for future use, the system deposits encrypted codes – in technical language a “browser token” – in the user’s web browser. “Factor 1 for the authentication is then the registered browser on the registered device. Factor 2 is the classic credentials of username and password or PIN, “explains Perroquin.

A major international insurance group has already opted for this solution to secure its new online consultation platform. “Because it is part of the security concept of this company to give no insight into the used protection technology, we must unfortunately not name his name,” adds Carlos Pinilla, sales manager at inWebo.

inWebo: BSI before certification

“But the French security authority ANSSI has already certified our solution, the German BSI will also recognize it in the course of this year. We hold several patents for our process.”

The solution is as comfortable for users as a simple login. At the same time, it offers reliable protection against attacks such as phishing (emails with malicious programs) or manipulated websites (“HTML injection”). And it can be used without installation on PCs, tablets and smartphones alike.

The examples show how two-factor authentication solutions can raise the security level of IT systems. The principle is not the only solution that can prevent unauthorized access to sensitive data – but it can be an important building block.

Source : AerzteZeitung [translated] – Link here

LSEC Digital Identities in the 21st Century, Brussels

Posted by | Events | No Comments

Lsec logo

inWebo will attend the Digital Identities in the 21st century conference on April 25th, 2019, in Brussels. We will showcase our SaaS-based MFA solution that provides organisations with secure, compliant, and easy access control for their users.

Olivier Perroquin, inWebo co-founder, will give a presentation on the protection of digital identities.

Why participate to the Digital Identity conference?

LSEC’s annual Digital Identity conference is the premier forum that brings together like-minded practitioners to discuss how to protect organizations’ assets and achieve compliance while designing optimized user digital journeys.

Attendees are C-Level Executives, Marketing Directors, CISOs & CIOs, IAM Program Leaders & Architects, Data Protection Officers.

Make an appointment with inWebo

If you would like to take this opportunity to schedule a meeting with us to go through your authentication and access security challenges, please fill out the form below. We’ll make our best to accommodate your preferences. You may also visit our booth without a scheduled appointment and talk to the next available representative.

  • Visit the Digital Identities in the 21st century page
  • Make an appointment with us by filling up the form below
  •  

    RISK conference – Lasko

    Posted by | Events | No Comments

    inWebo at Risk conference 2019

    inWebo will participate to the RISK conference in Lasko, Slovenia on March 20-21st, 2019.

    We will showcase our SaaS-based MFA solution. inWebo solution provides organisations with secure and easy user access to their devices and applications with 2nd step and 2-factor authentication as well as local offline authorization.
    In addition, Olivier Perroquin, inWebo CEO and co-founder, is animating a presentation “Disruptive Autentication technology (MFA) for the best user experience” on March 20th at 11:00 in the Gala hall.

    Why Participate to RISK?

    The RISK conference 2019 is designed to educate and inform IT security professionals and policy makers on the latest developments in technologies, tools, techniques, market trends and best practice on a wide range of security issues. The conference structure and program are specifically designed to address decision maker and government’s technical needs.

    Make an appointment with inWebo

    If you would like to take this opportunity to schedule a discussion with us to go through your authentication and access security challenges, please fill out the form below. We’ll make our best to accommodate your preferences. You may also visit our booth without a scheduled appointment and talk to the next available representative.

    • Register to the RISK conference
    • Make an appointment with us by filling up the form below

    InfoSecurity Belgium

    Posted by | Events | No Comments

    inWebo

    inWebo will participate to the Infosecurity Belgium held in Brussel on March 20-21st, 2019.

    inWebo will be located on booth 08-A010 (L-Sec section) to showcase its SaaS-based MFA solution. Our solution provides organisations with secure and easy user access to their devices and applications with 2nd step and 2-factor authentication as well as local offline authorization.

    Why participate to Infosecurity Belgium?

    With more than 130 exhibitors, 100 seminars, Infosecurity is a major exhibition in Belgium. By attending you will have the opportunity to learn more about the last trends in IT security as well as the new regulations such as PSD2. You will also be able to understand through different use cases how companies can benefit from inWebo solutions.

    Book a meeting with inWebo today

    If you would like to take this opportunity to schedule a discussion with us to go through your authentication and access security challenges, please fill out the form below. We’ll make our best to accommodate your preferences.

    You may also visit our booth 08-A010 without a scheduled appointment and talk to the next available representative.

     

    RSA Conference 2019

    Posted by | Events | No Comments

    RSA Logo

    inWebo will be sending a team of experts to visit the RSA conference at the Moscone Center on March 5th to 7th, 2019.

    If you would like to take this opportunity to schedule a discussion with us to go through your authentication and access security challenges, please fill out the form below. We’ll make our best to accommodate your preferences.

    International Cybersecurity Forum – Lille 1/22-23

    Posted by | Events | No Comments

    inWebo will be participating at the International CyberSecurity Forum (FIC) in Lille Grand Palais on January 22-23, 2019!

    We will be demonstrating use cases of inWebo SaaS-based secure MFA solution. It provides users with secure and easy access to their devices and applications with 2nd step and 2-factor authentication as well as local offline authorization.

    Why participate in FIC Lille?

    With nearly 30 institutional partners (French Ministry of Defense, ANSSI etc.), 30 workshops and over 350 industrial partners, the FIC is a major conference for the French and adjacent cybersecurity markets.

    Learn more about inWebo SaaS-based Multi-Factor Authentication by:

     

    Mobile World Congress – Barcelona 2/25-28

    Posted by | Events | No Comments

    inWebo at MWC

    inWebo will be participating at the Mobile World Congress in Barcelona on February 25-28, 2019!

    We will be located in the French pavilion (Hall 8.1, block D41) to demo our SaaS-based MFA solution and to introduce our newest addition, an on-demand mobile key framework called Airkeys.io.

    This innovation enables seamless and secure user access using a smartphone, regardless of connectivity. Airkeys.io facilitates multiple use cases by offering a secure alternative to physical badges and keys: on-demand mobility such as car rental or bike sharing, physical access to buildings or homes, sign-in to booked events or shared resources…

    Why participate in MWC Barcelona?

    Initially dedicated to mobile networks and handsets, MWC has become a global event featuring innovations in the fields of mobility, digitization and Internet of Things. This is the opportunity to meet with inWebo as we showcase innovative strategies to overcome the security challenges of IoT.

    Book a meeting with inWebo!

    Book a meeting with inWebo to discuss your mobile key or digital identity projects and to learn more about inWebo SaaS-based Multi-Factor Authentication and the Airkeys.io framework.