A portable carrier of an identity
-
Convenient
The mobile terminal is linked with the computer terminal to realize convenient identity authentication and quick access anytime and anywhere.
-
Secure
According to different business scenarios, configurable cross-combination authentication services are provided, and the security portal management of different applications, different security levels and different authentication combination factors is realized.
-
User-friendly
The platform adopts PAM plug-in authentication, plug-and-play, quick implementation, friendly interface and improved user experience.
INTRODUCTION
BMSME-Account aims to provide WebApp platform-level identity solutions to protect users’ mobile identity security and enterprise mobile application access security by integrating various mobile applicable authentication methods and access policies suitable for WebApp. At the same time, with the characteristics of mobile devices, it links PCs, network access, B/S applications, C/S applications, device access and other types of authentication scenarios to truly realize the identity of mobile portable carry.
The product provides multi-mode strong authentication (2FA) services and convenient authentication services to comprehensively strengthen the security of the user identification process, provide a comprehensive and reliable platform-level solution for the authentication problems faced by organizations in the process of mobile informatization, establish a solid security foundation for the organization's digital transformation, and overall enhance the protection capability of organizing information security system.
FEATURES
BMSM-
Integration and authentication scheduling
Combine various authentication methods, and provide authentication services for different applications, people and risks in the form of "chain" in order to meet the requirements of different industries for safety and ease of use. -
Multi-terminal fusion authentication
The ability to integrate authentication and authentication scheduling can be given to the Web, APP and PC (Window ). -
Mobile self-service
Self-service operations such as authentication credential information (password, gesture, biometrics), online session management, trust device management, self-service unlocking and password retrieval can be performed on the mobile. -
Risk detection linkage
Combined with the RDS risk detection service of Zhuyun, different risk treatment strategies can be implemented according to the risk level, such as SMS, email notification and secondary authentication to confirm identity. -
Mobile single sign-on
It can be integrated with H5 application and native APP application to provide single sign-on scheme. -
Mobile security center
Aiming at the security of the mobile terminal, the mobile device is bound to the user by the device binding mechanism, and the password attempt is prevented by the authentication error locking mechanism.
APPLICATION SCENARIOS
BMSM-
01
PC application sensitive operation secondary authentication
Through the authentication empowerment service, E-account empowers all kinds of authentication capabilities of mobile applications to the sensitive operations and usage scenarios of PC applications so that the sensitive operations of PC applications can be confirmed by users' re-authentication to protect the security in sensitive operation scenarios.
-
02
Empower multi-factor authentication for mobile applications
Integrate all kinds of authentication capabilities applicable to mobile applications, including passwords, OTP, gestures and other common authentication methods and face recognition, fingerprints, voice prints and other biological authentication methods, and configure multiple authentication combinations for mobile applications according to their security requirements through a flexible and easy visual configuration service to achieve multi-factor authentication and improve the access security of mobile applications.
-
03
Assist PC applications in achieving multi-factor authentication
For all kinds of B/S and C/S applications on PC, E-Account can link with it to add mobile-based authentication methods such as QR code scanning, face recognition, voice recognition, OTP, authentication push and other authentication methods based on the original authentication methods to achieve multi-factor authentication for PC application access. At the same time, it provides flexible application authentication policy settings that applications do not need to develop again when changing authentication methods.
-
04
Assist PC desktop multi-factor authentication
E-Account supports all kinds of authentication methods to log in to the Windows-based PC desktop using the mobile terminal. Users can experience the multi-factor authentication service combined with mobile terminal authentication when using the computer, which can better enhance the security and convenience of host access compared with the traditional password login method.
-
05
Mobile application sensitive operation secondary authentication
Through the authentication empowerment service, E-Account can give various authentication capabilities to the sensitive operation and usage scenarios of mobile applications so that the sensitive operation of mobile applications can be confirmed by users' re-authentication and protect the security of sensitive operation scenarios.
ARCHITECTURE
BMSMThe platform adopts PAM plug-in authentication, plug-and-play, provides integrated services of various authentication, and supports organizations to flexibly expand authentication methods, including biometric authentication of face, finger vein, palm vein, iris, fingerprint, etc.
ADVANTAGES
BMSM-
AI Intelligent Security Authentication
E-Account converged authentication service fully considers future business expansion needs, providing multiple authentication methods and authentication combinations for multiple channel logins such as web applications, mobile applications, and computers, aiming to create an innovative and comprehensive unified security authentication service platform for organizations, the platform provides authentication engine configuration (including biometric authentication, non-biometric authentication, and social authentication methods) test information.
-
Intelligent Scenarios Authentication
By integrating with Bamboocloud's risk engine, E-Account can comprehensively evaluate user access metadata (access time, access location, access habit, access account, access relationship, access behavior, etc.), intelligently control user authentication level according to the scenarios used by users, protect users, applications and authentication in all aspects, and overall enhance the security protection capability of organizational information systems.
-
Strong identity authentication method support
E-Account provides organizations with real-time strong authentication (2FA) services to enhance the security of user identification in all aspects. It provides E-Account App and SDK for organizations that do not need to purchase any hardware devices but only need to download the E-Account App and integrated SDK so that organizations can easily achieve strong authentication and composite authentication, enhancing authentication security and convenience while meeting compliance audit requirements.
-
Intelligent risk prevention and control
Built-in risk detection integration module, relying on risk detection results, timely detection of risks in the authentication and access process, dynamic adjustment of authentication security level and access policy, and effective interception of illegal access.
