MultiFactor SecureAuth® – End User Experience 
SecureAuth® for Web Authentication
MFC SecureAuth® is the only tokenless, non-phishable authentication solution for web authentication that strongly authenticates the end-user and the web server, in an easily deployable manner. Using a combination of on-site security components and web services, SecureAuth provides a turnkey solution that delivers an algorithmically proven method to thwart phishing, DNS and man-in-the-middle attacks.
SecureAuth can create universal authentication assertions, such as SAML 2.0, and send these assertions to the application, after a successful SecureAuth® authentication. This is an ideal solution for Apache-based solutions that can use Shibboleth for SSO. SAML 2.0 assertions may also be used in extranet environments, such as federated deployments. MultiFactor Corporation successfully implemented SAML 2.0 into Google Apps, and now offers it as one of its marquee solutions.
SecureAuth features an out-of-band self-registration method that automatically generates X.509 certificates for end-users. This browser-based solution eliminates the need for administrator resources to deploy software, install upgrades, or train end-users on complex remote access procedures.
Distinctive Features
• SecureAuth integrates directly into pre-existing web applications
• SAML 2.0 and SAML-based assertion models like Apache Shibboleth
• Secure Target/Redirect functionality
• Bi-lateral, client/server authentication
• Out-of-Band Registration via SMS Text Messaging and Telphony One-Time-Passwords
• No C-SSL Knowledge needed
• No PKI infrastructure to install
• Cross-platform Support: XP, Vista, Apple
Advantages
• Fully portable solution
• Virtual Server or hardware appliance models
• No hard tokens to issue or manage
• Fraction of the cost of hard tokens
• No integration code required
• Uses existing datastore
• Complies with PCI, FFIEC, GLB, HIPAA, and other regulations
