2 factor authentication

The Smart 2FA framework attempts to block vulnerabilities in real time at the time of access. The system relies on the “Something You Know + Something you have” philosophy.

As a part of the sign up process, consumers are made to supply their mobile number and alternate email ids. A reputation database of all users has been built which maps the relationship between various facets of access details of users. Some of the facets that are considered are: users’ location, ISP, device type, device ID, service being used, browser details & time graph of access. Each relationship is mapped separately.

So for instance, a consumer accessing web mail from a particular ISP from some location and using a particular device is maintained separate from the same consumer accessing some other service from the same ISP and same location and using some other device.

A rule engine evaluates each users request separately at the time of access and assigns a severity score to it. Depending on the severity level, the system alerts the authorized user through SMS and blocks all suspicious request.

Users can then either authorize the request or keep blocking them