Security is a central element to our software. Since smart phones are by their very nature mobile (and therefore at risk of potential loss or theft) we wanted to incorporate something new for Progress Mobile – 2 factor authentication (2FA).
- a password or pin
- something you have such as a mobile phone, hardware or software token
The technical bit…
2FA works using a token system. A unique token needs to be requested, then issued before being able to gain access. The tokens are usually small and easily lost so causing more problems for everyone when requesting new ones.
We’ve solved this problem with 2FA by utilising SMS technology already integrated into Progress Mediation. By turning the mediators’ smart phone into an authentication device, it enables us to quickly and easily generate these unique tokens.
How it works…
Progress Mobile users firstly enter their username and request a special token (or code). This is generated and automatically sent to the associated mobile linked to the user account, as a text message.
Once the unique SMS code has been received, it can be entered on the next logon screen along with the users passcode. The unique SMS codes are valid for a limited time, preventing any unwanted access to the case information if the smart phone is lost or stolen.
Dual access to mediation information
The software has been designed to enable a single user account to be logged on a desktop and mobile simultaneously.