Users are protected:
- Phishing – there are no usernames
- Keyloggers – no username and password to capture
- Pharming – the website is authenticated by WWPass
- MITM/MITB – end-to-end encryption and strong authentication
Your business is protected:
- Usernames are eliminated
- User identity is encrypted, fragmented, and dispersed in the cloud
- Identity data can only be accessed with user consent
- Hackers cannot impersonate your users
Application & Website Authenticity
Hackers are very creative in developing schemes to steal user credentials. Creating fake websites or redirecting traffic to realistic looking log on pages are some of the many ways that they achieve success. When using WWPass authentication, users are protected from the various tricks the criminals use to steal their identities.
An application, website, or domain are registered with WWPass and provided with a Service Provider ID (SPID) and a digital certificate. Applications that are enabled with a SPID are part of the authentication solution. When the user chooses to log on to the application, the application authenticates with WWPass first. Once the application is verified, the user receives proof that the application is legitimate from WWPass. This is important, because the user now knows that he is not being duped into logging on to a fake website or application.
When the user completes the log on by entering his access code, he is authenticated by WWPass and the credential data that proves the identity of the user is sent to the application. The credential data is retrieved from our cloud based Distributed Data System where the data us encrypted, fragmented and dispersed.