Exostar, whose cloud-based solutions help companies in aerospace and defense, life sciences, and healthcare collaborate securely with their partners, today announced the general availability of a new option for multifactor authentication. Exostar Mobile ID is a smartphone or tablet app-based authenticator for which Exostar has achieved Level 3 SAFE-BioPharma certification under the FICAM trust framework. The solution turns an individual’s mobile device into a secure hardware-based second factor for access control to applications and data through Exostar’s identity management platform.
Upcoming deadlines that incorporate standards such as NIST SP 800-171 in the US and the General Data Protection Regulation (GDPR) in the EU make multifactor authentication a mandatory capability. Exostar Mobile ID leverages a mobile device’s cryptographic functionality to deliver a highly-secure authenticator that is convenient and easy to use.
Organizations benefit from immediate onboarding and availability; all individuals have to do is download the app and follow the intuitive, guided registration process. Exostar’s registration process includes strong user identity proofing, which verifies that the correct individual is receiving the authenticator.
Exostar Mobile ID operates in two modes:
- Online – If the mobile device is on a data network, individuals receive a push notification when they request access to applications connected to Exostar’s identity management platform. With a single touch on the device, they confirm their identity and desire to proceed.
- Offline – If the mobile device is not on a data network, individuals receive a one-time password generated via a key installed on the device itself to use for application access.
In either operating mode, Exostar Mobile ID enhances security by eliminating the need for individuals to carry an additional hardware token and by mitigating vulnerabilities associated with voice or SMS delivery of one-time passwords over the telephone network. Exostar Mobile ID is compatible with smartphones, tablets, and other devices running iOS or Android.
“With 63% of all data breaches linked to stolen credentials, multifactor authentication is no longer a nice-to-have; it’s a must-have,” said Ghanshyam Sharma, Exostar’s Director of Identity and Access Management Product Development. “Exostar Mobile ID promotes compliance with US DEA, US DoD DFARS, and EU GDPR mandates with an elegant solution that addresses requirements and facilitates adoption.”