Solutions Solutions security topics

Solutions security features

GenMsecure Authentication Engine's security features

GenMsecure Authentication Engine's main security characteristics are the following:

 1. a 2-level strong authentication
      • Smartphone hardware signature (processor serial number…)
      • Personal Code defined by end user during service enrolment

 2. 3 resistance levels against « Man In the Middle » attacks
      • Smartphone - Authentication server link made with https /TLS V1.2 protocols and full certificate checks
      • All exchanged data are ciphered with 256 bit AES session Key
      • 3rd enciphering level for sensitive data (SHA 512, PBKDF2)

 3. Resistance against « Phishing »
      • AES session key sent by mobile application to server enciphered with server RSA public authentication key
      • Authentication server X509 certificate fully checked by mobile application
      • 2048bit RSA public/private keys are different for each authentication server

 4. Same level of security for "connected" and "non-connected" modes

 5. Secure smartphone application
      • No data stored by smartphone application (no data file)
      • Application code is entirely obfuscated (system calls are hidden…)

 6. No risk related to user personal data leakage
      • The only user personal data stored by the authentication server is the phone number

 7. GenMsecure strong Authentication Engine security has successfully been audited by 2 external security companies
      • "White box" audit (source code provided to the Lab)
      • "Black box" audit

For more information, please download and read “Authentication Engine: security features”
© GenMsecure 2015