Confidence without compromise...
Today's fast-paced business world demands constant, reliable and controlled access to confidential information. The need to securely transfer, track and verify sensitive data is a given. Strong authentication is a must. But it often seems that relieving the headache of insecurity often leads to the migraine of inconvenience. On the other hand, finding the convenience you want too often sacrifices the security you need. Why settle? That is why Priva created the Cleared® Security Platform™, a customizable, powerful, multi-part, auditable, end-to-end authentication platform offering unparalleled authentication without compromise.
Authenticate with certainty...
Priva’s Cleared Security Platform goes beyond traditional three-factor authentication, (what you have, what you know, and who you are) to provide the most robust advanced authentication technology in an easy-to-use solution. The major components are theClearedHost™, a secure authentication server, and the ClearedChip™, a custom mixed-signal integrated circuit that has been FIPS 140-2 Level 3 validated.
Additionally, the ClearedKey™ a personal biometric authentication device incorporating the ClearedChip™, is provided for user authentication. Together, they provide a robust authentication solution for secure transactions, with the ability to seamlessly integrate with new and legacy applications. The Cleared Security Platform results in lower maintenance, flexible security policy setting, and increased return on investment.
An end-to-end system...
Be confident that only authorized users have access to sensitive data with certainty that data is received from a valid source every time. Know the transaction of your company’s data is fully auditable. When it comes to authentication needs, be certain. Within the Cleared Security Platform, network sessions are created in a tightly bound authentication flow. The platform authenticates systems, networks, and users through an end-to-end system that redefines single-point authentication. The Cleared Security Platform minimizes time to deployment and represents an extraordinary value proposition for enterprise customers and their partners. The authentication process is initiated by the ClearedChip initiating a bidirectional challenge/response process with the ClearedHost. Once the ClearedChip and ClearedHost have completed this validation process, the user, system or network is “cleared” to begin a secure session for user authentication, transactions, data streaming, Virtual Private Networks (VPN), or other authorized applications. Unlike other authentication systems, accessing the system via the ClearedChip device does not allow other applications to utilize an open channel via the device without authorization.
Unlike traditional one-time-password (OTP) models that use either time or counter based OTP generation schemes, the Priva Technologies Cleared OTP solution, utilizes end-to-end authentication with a single OTP generation/validation point within the Cleared Security Platform. Network sessions are created in a tightly bound authentication flow. The platform authenticates systems, networks, and users through this end-to-end system, that redefines single-point authentication. Cleared OTP is an easily implemented solution, providing certainty for user authentication and security of transaction data to eliminate losses due to session hijacking. The data is secured without the overhead associated with PKI based solutions. By minimizing time to deployment, the solution represents an extraordinary value proposition for the enterprise, their customers, and their partners. The Cleared OTP solution excels in providing:
- Authentication with certainty
- Immunity to Phishing & Pharming
- Secured data without PKI overhead
- End-user convenience
- Integration with current infrastructures and legacy applications
- Scalability and performance
- Rapid Deployment
- A single integrated technology
- End-to-End Authentication
Easily adapts to changing environments...
The security world is in a state of convergence. Whether this is due to new technologies, competition, or internal needs, authentication requirements will change. The Cleared Security Platform was architected to adapt to emerging technologies without costly upgrades. The Platform goes beyond traditional authentication, working seamlessly with existing applications, while providing the ability to integrate new applications. This extensibility results in lower maintenance, controlled access and greater return on investment.
Sample cleared otp process...
(1)The OTP process is initiated when a user connects to a Cleared OTP enabled service. (2)The service serves an authentication applet to the user’s computer which initiates the authentication process. (3)The ClearedChip within the connected ClearedKey initiates a bidirectional challenge/response process with the ClearedHost. Once the ClearedChip and ClearedHost have completed this validation process, the user, system or network is “cleared” to begin a secure session for user authentication, transactions, data streaming, Virtual Private Networks (VPN), or other authorized applications. (4)Upon user authentication to the ClearedHost, via biometric and optional pass phrase identification, a unique OTP and session encryption key is securely transmitted from the ClearedHost to the ClearedKey. (5)This OTP is then returned to the service requesting authentication. The service transfers the OTP to the Cleared OTP authentication module. (6)The Cleared OTP authentication module creates a secure connection with the ClearedHost to validate the authenticity of the received OTP. (7)If the OTP is valid, the ClearedHost returns the time that the OTP was requested, along with the hash of the user’s Cleared Security Platform enrollment and the session encryption key for use in encryption/decryption of transaction data by the Cleared OTP enabled service. (8)Secure transaction communication can now proceed between the application server and the user's computer.