Deployment and Initial Validation
WiKID Strong Authentication is the only solution where initial validation can be completed automatically - 100% self-service by the end-user. The WiKID Two-factor Client as shipped contains no security information, only the ability to create the public/private key pair, so this client can be installed anywhere by anyone. (Many devices now support over-the-air download, making software deployment incredibly simple.) It is not until after the key pairs are exchanged between the WiKID Two-factor Client and the WiKID Strong Authentication Server and after that exchange has been validated through a second, trusted channel that a security relationship has been created.
The web-based interface of the WiKID Strong Authentication server is intuitive and easy to use. Security professionals will appreciate working on security, rather than the logistics of token management.
The WiKID Two-factor Software Token is easily replaceable. There is no box of hardware tokens with limited lifetimes locked up in the administrator's office. If a device is lost, it is much easier to replace software.
WiKID developed the system with an eye toward ongoing management. Updates to the system will be available via a secure download process or via a shipped CD.
Convenience and Ease of use
WiKID Systems is committed to ease-of-use for the end-users and the administrators. Employees dislike having to carry additional hardware, such as hardware tokens. Most employees tend to like self-service applications and to dislike calling helpdesks. WiKID automated initial validation system is simple for employees to use. Our ability to reset LAN passwords is a perfect self-service application.
Portability - works anywhere
A key requirement for mobile workers is to be able to log in from any location, even from a kiosk or other non-company owned PC. WiKID provides the online request-response mode and falls back to the challenge-response mode when out of wireless coverage. It requires no reader and works everywhere.
Counter-based and time-synchronous tokens have a one-to-one relationship with their authentication server. The WiKID Two-factor Client, can have relationships with multiple WiKID Strong Authentication Servers. This extensibility can save money internally and increase security externally.
WiKID includes the ability to add a domain that handles password resets for NT and Active Directory domains. As noted below, password reset calls are expensive and all too frequent. WiKID users can have a domain for remote access and one for resetting LAN passwords. (Update: This feature has been removed. Please contact us to see about re-enabling the feature.)
Increasingly, companies are opening up their networks and applications to suppliers, vendors, consultants and other 3rd parties. While these tight ties have increased productivity and smoothed supply chains, they have also increased security risks. Do your vendors use strong authentication to log into your network? Do your employees use strong authentication when they log into your vendor's networks? The ease of deployment and low price-point of WiKID makes it practical to deploy strong authentication through the whole supply chain. Moreover, end-users can use the same client for both companies. Your vendors will see the same financial benefits as you do, increase the value of the entire chain.
Each request and response on the system is a mere 251 bytes. This small transaction size allows the server to handle a huge number of users. Multiple servers are more for fault-tolerance than scalability.
Future capabilities Already WiKID Systems is the first two factor authentication system to combine two-factor authentication with a password reset capability out of the box . The WiKID architecture provides for robust future flexibility through new clients, new protocol modules, new network clients and new technologies. As an example, we can add location as a 3rd factor once the wireless carriers publish location-based information. As more wireless devices include short-range wireless connections such as Bluetooth, we can add proximity too.