Mobile authentication specialist Encap has launched its developer toolkit, enabling app developers - start-ups or multinationals - to implement on-demand two-factor authentication ((2FA)) without the use of expensive hardware tokens or SMS codes.
“Two-factor authentication is increasingly the norm for major corporations - Google, Apple, and Facebook have all recently implemented this type of security, albeit not as well as they could have,” said Thomas Bostrøm Jørgensen, CEO, Encap. “Our toolkit offers developers the opportunity to integrate two-factor security seamlessly into applications - no expensive hardware or SMS codes, no upfront costs, and simple for their customers.
“Competition in app marketplaces is fierce, and a seamless experience where a user never leaves the app will trump one that involves fiddling with extra hardware or receiving SMS codes to achieve the same level of security. Integrating Encap is an opportunity to not just match the security of the financial and technology giants – but beat it,” concluded Jørgensen.
Two-factor authentication uses ‘something you have’ and ‘something you know’ to ensure a much greater level of security than a simple username and password. Two-factor authentication is most often implemented through hardware tokens or SMS codes, both of which give the user a unique One Time Password which is then entered into the application to gain access.
Encap is different: it uses the mobile device to enable this level of security. A PIN chosen by the user becomes the “something you know”, and the mobile device is the “something you have”. Encap’s approach has been verified by security experts Room66 and has won various international awards. Encap’s technology is used by financial institutions in the Nordics, such as EnterCard and Sparebanken Vest.
Testing and integration of the Encap solution can be done without paying up front or delaying time to market. Developers can test the solution using Encap’s public test server, and there is no cost to use a basic trial license.