Personal tools
You are here: Home Learn More Technology & Architecture
What people are saying
Contact Us
WiKID Systems, Inc.
1375 Peachtree St.
Suite 600
Atlanta, Ga. 30309
866-244-1876
irc.freenode.net: #wikid
 

Technology & Architecture

WiKID Systems has created an entirely new, patent-pending architecture that fundementally changes the way one-time password systems work. Unlike time-synchronous and counter-based OTP systems, WiKID only generates a code upon reciept of a proper request - the correct PIN, validly encrypted on an active account. This architecture eliminates the need for kludgey patches to check for false codes or clock manipulation or drift. The Request-Response architecture was designed from the ground up for the Internet age.

Document Architecture Overview
Fundamentally, WiKID Strong Authentication works this way: A user selects the domain they wish to use and enters the PIN into their WiKID Two-factor client. It is encrypted with the WiKID Server's public key - assuring that only that server can decrypt it with its private key. If the server can decrypt the PIN and it is correct and the account is active, it generates the one-time passcode (OTP) and encrypts it with the client's public key. The user then enters their username and the OTP into whatever service they are using, a VPN e.g., which forwards it to the WiKID Server for validation.
Document WiKID Strong Authentication Domains
In WiKID a user is associated with a "Domain". The domain in turn points to a Network Client - completing the triangle.
Document WiKID's Strong Authentication Device Client Support
WiKID supports the broadest selection of operating systems in the industry. If you need Windows, Mac, Linux, J2ME, PocketPC/SmartPhone/Windows Mobile or Blackberry, we have you covered. Indeed, if you need a custom client, we can develop it. If you need to embed two-factor authentication into your application, we can do that too.
Document WiKID Strong Authentication Network Clients
Network Clients can be network services such as VPNs or SSH or another server which proxies the authentication request to the WiKID Server such as a RADIUS server or an LDAP server. Additionally, we provide a simple API and sample JSP or ASP pages for Web-enabled applications using our SSL-encrypted authentication protocol - perfect for adding two-factor authentication to extranets and intranets.
Document WiKID Transaction Authentication
Even with stronger session and mutual authentication, there is still a risk from session-hijacking trojans. Using WiKID for transaction authentication will thwart session-hijacers.
Document WiKID Mutual Authentication
Typical one-time passwords systems are susceptible to man-in-the-middle attacks. WiKID combines one-time passcodes and site authentication in our PC clients to create a cryptographically secure mutual authentication system.
Document Actions
Start using WiKID today
Got Questions? Get Answers.