How SecureAuth Defends Against Man-in-the-Middle Attacks

SecureAuth detects MitM attacks by one or all of the following:

• Invalid  RAU (Requested Authentication URL)
  • The MTM URL would differ from the actual URL in a Man-in-the-Middle attack
• Altered or Different Web SSL Certificate
  • Obtained by the ActiveX component and signed with the User’s Private Key during authentication.
• Altered or Different Certificate Request Identifier
  • Used also to eliminate “follow-on” attacks, and signed by the MFA ActiveX with the user’s private key to prohibit alteration.

SecureAuth Authentication Server Also checks:

• User Certificate issued from SecureAuth’s  CA
• User Cert is still valid (expiration date)
• User Cert is for enterprise in question
• User Cert is for application within enterprise (configurable by enterprise)

SecureAuth delivers X.509 digital certificates to the end-user automatically:

• Provides bilateral authentication
• Built-in Certificate Authority requires no special PKI infrastructure or knowledge
• Maps to the Identity in Data Store (Active Directory)
• Tracked in the Data Store
• Supports VPNs, network devices including mobile (Android)

SecureAuth conducts a secure client X.509 v3 Authentication with standard client-side certificates.

Unique browser/client authentication eliminates the need for C-SSL on Web or SaaS applications, and works with existing applications.

To see how easily SecureAuth works, call authorized reseller, Milestone Systems, Inc. -- 877-771-9510 or email ask@milestonesystems.com