多因素身份认证（MFA）

芯盾时代多因素身份认证产品Multi factor authentication（MFA）采用密钥分割、SSE、设备指纹等技术，与移动安全认证系统协同，实现在移动终端的密钥、数字证书全生命周期管理及密码运算，解决了加密硬件在移动端使用不便问题，提升了移动安全解决方案的兼容性和易用性，支持用户信息管理、身份认证，有效解决了金融行业的钓鱼短信、盗转盗刷等业务风险。

产品功能

终端安全防护集合了密钥拆分、白盒密钥、本地数据隐身、终端环境风险检测、环境安全清场等技术。为终端密钥的安全存储使用，提供了根本的保障。终端环境风险检测配合环境清场技术，实现对终端环境的多项信息采集，结合大数据分析技术，形成完整的终端安全防护体系。

设备指纹通过基于底层设备硬件的指纹算法，结合后台设备库及实时获取的的海量特征信息，为设备产生专有的ID，抑制冲突率和漂移率。

安全沙箱提供了在终端设备中的安全存储环境，完善了对分割密钥等重要关键数据在操作系统中的安全存储及使用。

应用场景

移动设备环境安全

对Android设备、iOS设备的多个设备环境风险点检测，判断终端设备是否存在应用双开、手机ROOT、木马、病毒等设备环境风险，保障终端业务运行环境安全。
本地证书密钥保护

基于白盒沙箱、终端环境检测、设备指纹等功能，提供了在终端设备中的安全存储环境，完善分割密钥等关键数据在操作系统中的安全存储及使用。
重要信息签名验签

提供基于国产算法或国际算法的信息签名验签服务。
钓鱼短信风险防范

通过多因素认证产品将手机打造成移动U盾，实现符合电子签名法的移动安全基线，确保移动终端的安全，有效解决钓鱼短信风险。

产品特色

移动交易安全

通过设备指纹、终端环境安全、威胁防御等技术，实现所知、所持、所有的移动多维联合认证，确保移动交易的安全性。

国密安全认证

具有国密产品认证证书，支持SM2/SM3/SM4/SM9等国密算法，具有纯软件、低成本、易推广的特点，用户密钥抗窃取，认证机制易升级。

在线设备指纹

基于底层设备硬件的指纹算法，结合后台设备库及实时获取的海量特征信息，生成设备ID，确保设备唯一性，抑制冲突率和漂移率，解决传统设备ID易被篡改的问题。

可信安全环境

通过软件SE技术，在手机终端创建可信安全沙箱，综合使用内存保护、存储保护、访问控制、防读取复制等技术，模拟硬件SE安全运行，确保静态存储及动态运行时的安全性。

Products & Services

Human-Centered Zero Trust Business Security Protection System

Home > Products > Endpoint Security Protection (ESP) > Multi Factor Authentication (MFA)

Multi Factor Authentication (MFA)

Trusfort's MFA apply several technologies, such as Key Splitting, Software Secure Element (SSE), Device Fingerprint. It cooperates with mobile security authentication system to manage full life circle of keys & digital certificate and cryptographic operation on moblie client . It has solved the issues that encrypted hardware was not easy to use on mobile client or couldn't combine with mobile client, and improved compatibility and usability of mobile security solutions by supporting user information management and identity authentication. The offering has effectively addressed business risks such as phishing and illegal money transferring and credit card swiping in finance industry .

Functions

Endpoint Security Protection It integrates technologies, including key splitting, white-box cryptography key, local data's hidding from discovery, endpoint environment risk analysis, environment clear etc., to safeguard the store and use of endpoint's key. Endpoint environment risk analysis technology cooperates with environment clear technology to collect multiple information from endpoint environment, and then comnine with big data analysis technology to build a whole endpoint security protection system.

Device Fingerprint Through fingerprint algorithm based on device hardware, it combines with backstage device-base and a massive feature information collected in real time to generate the unique device ID. In the meantime, it can also ensure the uniqueness of the ID and restrain the rates of collision and drift.

Security Sandbox It provides a safe storage environmet in endpoint devices, and improves its capabalities for key data's storeage and use in operation system.

Scenarios

Mobile Device Environment Security

Detecting multiple devices’ environment such as Android device and iOS device to estimate risks, including application double open, mobile phone ROOT, Trojan virus etc., to safeguard endpoint system's operation.
Protect Key of Local Certificate

Based on several funcations such as white-box sandbox technology, endpoint environment detection and device fingerprint, it provides a secure storage environment in endpoint devices, and improves its capabalities for key data's storeage and use in operation system.
Verify Signature of Important Information

It can verify signature of important information based on domestic and international algorithm.
Precaution Phishing of SMS

Making mobile phone as mobile U-Key through MFA products to build a mobile security baseline which is up to Electronic Signature Law, in order to ensure the security of mobile device and effective prevent phishing SMS.

Features

Secure Mobile Transaction

Through device fingerprint, endpoint environment security, threat detection and other technologies to multidimensional verify identities and ensure mobile transaction' safety.

Certificate of China's National Cryptograph Algorithm

It has Certificate of China's National Cryptograph Algorithm and supports national cryptograph algorithms such as SM2, SM3, SM4 and SM9. It is pure software, low cost and easy to promote, meanwhile, user's key againsts to be stolen but the certificate mechanism is easy to update.

Online Device Fingerprint

Based on the fingerprint algorithm of the device hardware, the product combines with the backstage device-base and the massive feature information obtained in real time to generate device ID and ensure it is unique. In this way, it can restrain the rate of conflict as well as drift and avoid the risk that device ID could be easy to be tampered with.

Trusted Secure Environment

Through SE technology of software, it can create a trusted sandbox on mobile phone, and use technologies such as memory protection, storage protection, access control, read and copy prevention to simulate hardware SE operation, so it is able to ensure the security for static storage and dynamic operation.