DualShield is a Multi-Factor Authentication (MFA) platform that is used to secure all types of applications with two-factor authentication or multi-factor authentication.

Unified Authentication Methods

DualShield supports almost every type of multi-factor authenticaiton method that you have ever seen and wanted to use, covering all areas in knowledge-based (what you know), token & device based (what you have) and biometrics (what you are).

• OTP (One-Time Password) by SMS, email and voice call
• OOBA (Out of Band Authentication) by push notification, SMS and voice call
• OTP tokens, keyfobs and cards
• OTP apps, e.g. Deepnet MobileID, Google Authenticator etc
• Grid cards, proximity cards and smart cards
• USB keys (FIDO U2F)
• Keystroke Dynamics
• Biometrics, e.g. Fingerprint, Face & Voice recognition
• Device Fingerprint, Device ID, Device DNA.

Unified Authentication Solutions

DualShield can secure all commonly used enterprise and web/cloud applications with multi-factor authentication, covering VPN & RDP remote access, Windows, Mac and Linux OS Logon, Web & Cloud services as well as Outlook emails.

• VPN Login, e.g. Cisco ASA, Palo Alto SonicWall. WatchGuard, etc.
• Windows Login: AD domain login, RDP login
• MacOS Login
• Web Applications. e.g. Sharepoint, CRM, ERP, etc
• Cloud Service, e.g. Office 365, Google Apps, SalesForce, AWS, etc.
• Outlook Anywhere, Outlook Web Access, ActiveSync

Unified Authentication Protocols

DualShield supports several authentication protocols that have been used by different types of applications, including LDAP, RADIUS, SAML, FIDO and OATH.

• LDAP: commonly used to provide a directory service for storing user information and to verify user credentials, i.e. usernames and passwords.
• RADIUS: a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) services, commonly used by networking devices such as firewalls and VPN servers.
• SAML: an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. Commonly used by web & cloud applications to provide single sign-on (SSO).
• FIDO: a set of security specifications for strong authentication including multifactor authentication (MFA) and public key cryptography (PKI). Commonly used to replace password with device based authentication.
• OATH: a set of open authentication standards, e.g TOTP (Time-based One-Time Password) and HOTP (Event-based One-Time Password), which have become the de facto OTP standards supported by many multi-factor authentication products.

Unified Authentication Experience

Multi-factor authentication requires users to provide multiple credentials in the login process. It is inevitably more complex and time consuming than password only authentication. Typically, users often need to access different types of remote resources, services and applications, from various types of devices. For instance, you may need to connect to your corporate network remotely via VPN from your laptop, and you might also need to access your business emails from your smart phones. Therefore, the user experience in the multi-factor authentication (MFA) process is very important. A successful MFA product must provide an excellent user experience in such way that users do not see multi-factor authentication being inconvenient to use, or even reducing their productivity.