(C)SSenStone
  • Once StonePASS is applied, where is the password saved?
  • Password is not saved on the user's smartphone or the DB server. Password becomes one of the elements to create user authentication key, which is used when creating the authentication key value.
  • What's the benefit for the system administrator if he/she introduces StonePASS?
  • The existing security solutions used to save users' passwords on the DB server. Also, clients had to introduce multiple solutions in order to save data. However, any serviers that applied StonePASS can save a lot of cost when introducing a security solution. The establishment cost to introduce StonePASS and the maintenance cost of StonePASS is much lower than other existing solutions.
  • Is StonePASS the solution that only replaces the existing password?
  • StonePASS is one of the most integrated authentication technology that realizes any existing user authentication technologies into one algorithm. StonePASS acts like authentication middleware.
  • What user authentication technologies can StonePASS realize?
  • The following 18 authentication methods including account management sync can be replaced or supported by StonePASS' authentication technology: 1. Authentication through password, 2. i-Pin authentication, 3. Graphic authentication, 4. FIDO/Biometric authentication, 5. Simple payment, 6. Security card, 7. OTP, 8. Smart OTP, 9. OTP for transaction sycn, 10. SMS authentication, 11. Integrated authentication/SSO between apps, 12. Authentication between apps & ATMs, 13. Smart security card, 14. Phishing site recognition, 15. Dialogue-type user authentication, 16. iPhone user authentication, 17. IoT user authentication, 18. Blockchain SSO.
  • Are any data related to users' personal information transferred in the process of StonePASS authentication?
  • No. Any data regarding users' personal information are not transferred during the entire process of authentication. This is possible thanks to the matching done through the OTP number based on user authentication key that is created real time.
  • We'd like to introduce biometric authentication. Does StonePASS support biometric authentication and FIDO?
  • StonePASS has acquired FIDO alliance. Therefore, you can adopt biometric authentication for iOS phones and Android phones and apply other biometric or performance recognition technology.
  • How safe is StonePASS in terms of security?
  • Accordingly to the guideline of electronic certificate by NIST (the National Institute of Standard and Technology), the security level of StonePASS is Level 3 for the Multi-factor Software Crypto-graphic Token. This is the same as the PKI, one of the current authentication methods and this has safer level in security than OTP devices.
  • Does StonePASS provide support for new ICT environment like Cloud, IoT and blockchain?
  • With StonePASS, users are able to do user authentications in the environment of server/client, open cloud, blockchain and IoT.
  • What's the benefit of using StonePASS for the general users?
  • The general users have multiple options with various authentication technology. That means, they can add any more authentication technology whenever they want to strengthen security, which can increase the safety in security.
  • What's the difference between the existing 1-way authentication method and StonePASS' 2-way authentication method?
  • The existing 1-way authentication method is vulnerable against man-in-the-middle attack (MITM) as well as DB extortion due to hackers' server attack. And this always requires another type of authentication method. The 2-way authentication method, however, enables users to have independent response against the MITM. StonePASS' 2-way Dynamic Key Matching Algorithm, in particular, does matching with every-changing values. And this makes StonePASS absolutely strong against hackers' server attack and the MITM.
Top