Within RapidIdentity, Push Authentication is known as PingMe. By deploying RapidIdentity PingMe, organizations can now implement highly secure, passwordless authentication for their accounts. RapidIdentity PingMe utilizes push notifications for effortless verification during the RapidIdentity login process. This is an out-of-band authentication that cannot be intercepted at the point of password entry.
Push authentication is usually combined with the use of a password, but can be used in lieu of a password. Instead, users verify their identity by responding to a push notification that is sent to their mobile devices.
Behind the scenes, the authentication is protected by utilizing a One Time Password in the response message back, thereby protecting against replay attacks.
How PingMe Works With RapidIdentity MFA
As long as your users can login to their mobile devices, they can login to their RapidIdentity accounts with RapidIdentity PingMe.
During the login process when authenticating with RapidIdentity PingMe, the RapidIdentity Server contacts the user’s device on which the RapidIdentity Mobile app is installed. PingMe posts a notification on the device, and when the user accesses the app, he or she will be able to approve or deny the request. A “deny” response not only prevents authentication, but can be configured to notify an admin or other party. In addition, a PIN or TouchID can be added to the process for added security.
When the user combines PingMe with a locking function on their mobile phone, this establishes a valid form of multi-factor authentication. The user’s registered phone acts as the first authentication factor (something you have), and the phone’s Touch ID (something you are) or PIN (something you know) is the second.
The Benefits of Push Authentication
- Fast and convenient to use
- Eliminates password fatigue
- Leverages users’ existing mobile device, so no hardware to manage
- Out-of-band authentication cannot be intercepted at the point of password entry
