web portals have higher security requirements. Complex and safety-critical applications are offered online as Web-based applications. Access to a protected area is usually attained by entering a user name and password. If the the security of the Web site or the transmission of data between browser and server is critical, SSL certificates are used to encrypt the transmitted data.
User names and passwords can be cracked or stolen in different ways, for example if the same password is used on different Web pages, by random trial and error of the combination or through social engineering. "Social Engineering" refers to a course of action that exploits the vulnerability of humans. Often, employees of a company are persuaded with a trick to bypass the normal safety precautions and to divulge sensitive information. Therefore, the SMS authentication represents one more hurdle and surrounds your application with an additional layer of protection. There are of course alternative ways (without SMS) to implement the so-called two-factor authentication, for example with the Google authenticator.
More security with our SMS-authentication solution
We integrate a SMS PIN code authentication in your Web application. Increase the security of your data.
This is how it works: the user enters his user name and password as usual. With successful entry, the system immediately releases a text message that is sent to the telephone number stored by the user. The text message contains a PIN code, which must be confirmed on a second screen. If the PIN code is correct and is entered within a defined period of time, the authentication process is complete and the user gains access to the protected area.
Successfully in use
Currently we have implemented this solution at the Spitex, namely for their tool for online patient registration (More information about the solution). The SMS service is permanently available and provides additional security for Spitex.