The strongest MFA — CASQUE
After the era of single step authentication, MFA or Multi-Factor Authentication came to the picture in order to provide high security from forging things which you have or which you know or which you are.
But do you know? Although you have use MFAs like SMS-OTP, Email-OTP, FIDO, bio-metrics and etc, you still are in a risk of securing these as these MFAs are relying on fixed secrets which can be discovered by different hacking techniques.
If you really want to secure your highly important information, CASQUE SNR is the solution for your problem. As the name suggests “ CASQUE” (which means — a helmet) protects your valuables from hackers with the highest security level of 3 and the assurance level is certified by the UK’s National Cyber Security Center.
CASQUE does not rely on a fixed secret so there is nothing to target or disclose. CASQUE is the only MFA which depends on a dynamic secret which provides high protection over other MFA mechanisms. The CASQUE architecture is based on a Challenge-Response Protocol and this is the successful fruit of the effort of Basil Philipsz who is now the CEO of CASQUE SNR.
With CASQUE SNR, users will posses a token that computes the required response to a given Challenge and latter reading the Challenge directly off the Client Screen. These tokens can an have a variety of forms including Smart-card (Contact and Contactless), Bluetooth Fob or Optical Token. Tokens have their initial set of Keys populated which is populated by the customer himself. The Challenge is generated by the Authentication Server of CASQUE SNR. The Challenge only gets decrypted inside the Token and the response also verifies key change success. It is impossible to play back successfully previous Challenges. Hence this is more secure than other mechanisms.
From their researches CASQUE SNR team has figured out that having CASQUE SNR in your system is much more cheaper and stronger than having OTP with an expensive Identity Server like OCTA.
So as good news, it is proud to announce that WSO2 Identity Server now supports CASQUE SNR[1] which helps you to use CASQUE in-house with the WSO2 products to secure your SaaS applications and APIs hosted in AWS.
[1] https://store.wso2.com/store/assets/isconnector/details/03fcefc0-9c8e-4c2d-ae61-d0b04563d50f
