The SMS PASSCODE Blog

According to BBC and Ericsson, there are now more than 5 billion mobile phones in the world and the number is still growing.  According to Ben Wood, mobile phone analyst at CCS Insight,  ” … the mobile phone may be “the most prolific consumer device on the planet …… Now almost every adult, child and domestic pet seems to have one, given that 30 million phones are sold every year in the UK,” he said.

Source – BBC: http://www.bbc.co.uk/news/10569081

Source- Ericsson: http://www.ericsson.com/news/1430616

The pervasiveness of mobile devices will drive the global adoption of new two-factor SMS authentication solutions such as SMS PASSCODE.

When an IT organization deploys a virtualized desktop infrastructures (VDI’s), all users essentially get a central “virtual” desktop that is accessed remotely. The benefit is easier user PC management but the tradeoff is that all the IT resources including the PC, applications and data are accessible if the users identity is compromised. This fact drives the need for increased two-factor authentication. SMS PASSCODE Version 4 introduces a easy to use yet more secure protection when compared to legacy hardware token based two-factor authentication.

“We are already widely used for accessing Microsoft’s remote desktop and Citrix Systems’ XenApp virtual technologies. We have taken this virtual lead and now extended it to all virtual desktop initiatives” says David Hald, CEO at SMS PASSCODE.

Specifically, the new version 4.0 extends the award winning SMS PASSCODE solution with the following VDI support:

• Citrix XenDesktop and XenApp The Citrix XenDesktop and XenApp solutions have a range of access methods that are supported including a seamless integration into the web interface portal access and the access gateways & Netscaler.
• Microsoft Remote Desktop Services Microsoft has a set of access methods spanning from direct login via windows login (Gina and Credentials Provider) or via the Remote Desktop Web and Gateway services. Support is announced for all of these access scenarios including a unique support for single-sign-on configurations.
• VMware View Virtual Desktop SMS PASSCODE is the first SMS two-factor authentication provider to support the VMware Client and View portal access technologies including supporting a series of differentiated login configurations based on the user being local or remote or based on the given user that accesses a given virtual desktop.

More details about SMS PASSCODE4.0 can be found at: http://www.smspasscode.com/product/version4

This Service provider (SPLA) program delivers SMS PASSCODES award winning two-factor authentication solution on a quarterly subscription basis with no upfront commitment requirements.  Whether you call it hosing, service provider, software-as-a-service or Cloud Computing, it is all about delivering a certain capability in a more flexible manner than a traditional perpetual license on premise solution. SMS PASSCODE actually is more of an ideal fit to service providers than one would think.

First, users of hosting services wanted to eliminate servers and outsourced that. Then they wanted to avoid application maintenance and started sourcing these as a service to avoid on-premise efforts. Now, with the arrival of SMS based two-factor authentication like SMS PASSCODE, users can now also get rid of the traditional tokens and outsource that service to a hosting provider as all users already has a cell phone.

The program has a few benefits including:

Earn profits with SMS based two-factor authentication
Traditional token based two-factor authentications solutions have been challenged for hosting providers due to the heavy administration and implementation burdens of physical devices. This is more prevalent when you have many small customers that frequently need activation or changes. SMS PASSCODE offers a new generation two-factor solution that uses the mobile phone SMS. This removes any hardware administration enabling a new user to be activated with a single click.  The result is simply that service providers and hosting vendors now can offer this new service with no staff investments required and therefore quickly generate more profits by selling new capabilities to the customers. That the solution also is more secure and protect against the modern threats on the internet is an added benefit that can be use to differentiate the services offered from that of the competition.

Designed from the ground up for service providers
Service providers and hosting vendors have a set of different requirements than traditional enterprise clients. The recently announced SMS PASSCODE version 3.0 shipping already has a set of hosting specific capabilities that makes hosting two-factor authentication easy:

• Multi-tenant support: SMS PASSCODE can have multiple hosting clients running different Active Directories within the same installation with full redundancy and load balancing capabilities. This includes support for multiple SMS transmitters so each customer has their own SMS billing, transformations if user data is stored different from customer to customer.
• Scalable and fault tolerant:  SMS PASSCODE is a “loosely” cloud ready design that enables service providers and hosting vendors to add new modules and new SMS PASSCODE “servers” on the fly without ever taking the system down or reboote the server. New users and new customers can also be added on the fly by simple adding the new users to the SMS PASSCODE group in the existing Active Directory domain
• Each customers login process can be personalized based on an advanced rules engine enabling backup routines such as sending the code to a backup phone in the evening, routing users based on country code to the local SMS sender or a host of other ways easily configured with the web-based user interface

The hosting program is open to any authorized SMS PASSCODE reseller and is sold through SMS PASSCODE’s global network of distributors.  To enter the program, a service or hosting provider needs to contact the local distributor. The start package contains all the needed components of SMS PASSCODE including the first 10 users. In addition to that, users are acquired in increments of 10 users making the program very attractive also for the small- to medium sized hosting market.

This week, Citrix Systems released news of the selected finalists for the Citrix Ready Solution of the Year awards and SMS PASSCODE® was on the prestigious list of nominees. This nomination recognizes SMS PASSCODE as a company that excels in providing a new generation real-time two-factor authentication that are seamlessly integrated with the broad palette of Citrix products and solutions.  SMS PASSCODE has a long standing very good relationship working closely with Citrix Systems both at a regional level to promote and provide the benefits of application delivery solutions to customers and at a corporate technical level as seen with the recently released Citrix Receiver for iPhone SMS Authentication capability.  Simply put by David Hald, co-founder and CEO at SMS PASSCODE: “We are honored to have been chosen as a Citrix Ready Solution of the Year finalist and to be showcased within the Citrix eco-systems. The nomination field is in the very elite of the global IT industry and we are very excited to be nominated in a field of such strong contenders”.  You can learn more about the award at http://community.citrix.com/display/ocb/2010/05/03/SMS+PASSCODE-+Citrix+Ready+Solution+of+the+Year+Finalist. The complete list of nominees are at http://community.citrix.com/display/ocb/2010/04/26/Citrix+Ready+Announces+the+2010+Solution+of+the+Year+Finalists

SMS PASSCODE® just won another award, as Info Security Products Guide, the industry’s leading information security research and advisory guide, has SMS PASSCODE® version 3, a winner of the 2010 Global Product Excellence in Authentication Customer Trust Award. This customer trust honor is the greatest endorsement to the fact that SMS PASSCODE® version 3 is ahead of the curve when it comes to the best-of-the-best products that can provide the highest security in the Authentication space

SMS PASSCODE is a new generation of two-factor authentication that is more secure than traditional alternatives and protects against the modern threats on the internet. When a user accesses a system, he or she is first validated with username and password. Once validated, SMS PASSCODE generates and sends a real-time one-time-passcode to the user’s cell phone via sms. The sms is only valid for that one particular login attempt. Once the code is entered and validated, the user is granted access. In addition to the more secure login process, SMS PASSCODE offers plug-and-play integration to employee login systems including Citrix, Cisco, Microsoft, F5, Juniper, Watchguard, Checkpoint and other VPN/SSL VPNs, web and desktop systems as well as a scalable and fault tolerant architecture.

To learn more visit: www.smspasscode.com.

Our labs continuously run tests of our various clients and recently ran a validation of using SMS PASSCODE®  for two-factor authentication via SMS of the Cisco iPhone VPN client. To illustrate how easy it is to use, we made below screen shots. We already support the standard Cisco IPsec, AnyConnect and SSL VPN solutions.  It is the second iPhone client in addition to the Citrix iPhone Receiver that we have tested support for. You can read more about the iPhone Receiver from Citrix further down in our blog.

The iPhone client is illustrated in the picture to your right. 

Just in from the Microsoft labs, the new SMS PASSCODE® verison 3.1 has passed the “Works with” lab tests for both the Windows Server 2008 R2 and the .NET platforms from Microsoft. SMS PASSCODE has been a long standing Microsoft partner extending its award-winning two-factor authentication via SMS solution to the Microsoft Forefront Unified Access Gateway (UAG/IAG), Outlook Web Access including the latest OWA 2010, Terminal Services/Remote Desktop Services including the latest Windows Server 2008 as well as Windows systems.  The rigorous tests were passed flawlessly in first attempt with no remarks.

The SMS Authentication protection is integrated tightly into the Microsoft technologies. This gives a very transparent user experience. E.g. for a user logging into Outlook Web Access 2010, the user first authenticates as usual with user name and password. Once validated, SMS PASSCODE present a new window requesting the user to enter the passcode that was generated and send real-time to the mobile phone via SMS. When entered, the user is granted access to OWA. No need for seperate screens, self-service portals or similar inconveniences seen with older technologies such as tokens.

To learn more, visit http://www.smspasscode.com/Company/News%20-%20Press/MicrosoftISV.aspx

Earlier in the month, the InfoSecurity Product Guide selected the SMS PASSCODE® sms authentication solution one of just 3 finalists for the Global Product Excellence Award in the category of Authentication Solutions (Multi Single or Two-Factor).  The nomination like in the past is driven by SMS PASSCODE’s recognized position as a technology leader in a new category of two-factor authentication via SMS. To learn more visit: http://www.infosecurityproductsguide.com/awards/2010/2010GBE-Finalists.html

A new program has just been launced by SMS PASSCODE® that delivers the award-winning two-factor authentication via SMS solution under a pay-as-you-go program whereby hosting and service providers are able to procure SMS PASSCODe under a quarterly payment term with the flexibility to add and remove users as needed.  The latest SMS PASSCODE® veriosn 3 solution already supports the technical needs of hosting and service providers for running multiple clients on the same installation. It is now also available on a subscription based delivery model enabling low-risk new revenue opportunities.

Visit www.smspasscode.com/products/splp.aspx to learn more.