GEOACL

  Control Over Where And How much Access Allowed

  HOME » SOLUTIONS » Location Based Two Factor

Location Based Two Factor

Two Factor Authentication is the security term for providing two different form factors of identification for verifying an identity or authorizing an action.

The commonly accepted form factors are from following three categories:

  • Something you have (an ATM card or a security token)
  • Something you know (a password or the answer to a challenge question)
  • Something you are (a biometric such as a voice print or finger print)

  • We provide new form factor for authentication:
  • Somewhere you are. (a location where user is.)

Two Factor Authentication by GEOACL

How does it work?
GEOACL's two factor authentication Location based services are invoked by an online property as a Web service or by bank processing payments made by customers. Users select bank and/or various other type of accounts like IM, Email, Chat, Social Network, healthcare, payroll, ecommerce. User can also select bank credit cards, prepaid cards, gift cards to protect using GEOACL.
Users configure the security by defining valid access locations and allowed privileges, allowed charge amounts for selected valid locations, essentially defining Geographical Access Control Locks.
When using an account protected by GEOACL, a user will logon to their account as they normally do or will do their check outs at retail outlets as they normally do. Whenever user attempts to log in to online bank account or to any other online account that he owns or is allocated or tries to do funds transfer, fund withdrawals (whether online or through branch or through banking equipment like ATM), the bank's server/web sites' authentication module will send a request for location authentication via a secure Internet connection (or through private network in case of hosted solution) to GEOACL.

The request contains required parameters for GEOACL's service to authenticate for location and requested financial limit (e.g. amount being charged to credit card) or access level (operator, super user, manager etc.) if any. No Personally Identifiable Information (PII) or account specific information need change hands between your institution and GEOACL. GEOACL will process the request and communicate the outcome of the back to the institution/web site. GEOACL will also send alerts if configured to users.

What are the benefits of using an end user's location as part of an authentication and security process?
Employing an end user's location as part of a logon or other security process means there is no software involved for you or your users, nothing to deploy, no training required and the process will work anywhere where there is a means and feasibility to identify user's location.
Retail Transactions use merchant's location as user location. It is very powerful way to stop illegal usage of user's bank cards or banking accounts for fraud purposes. It works even where phone doesn't work. It is also faster (as no extra steps required for user to take) compared to other authentication techniques that rely on phone or tokens to complete the transaction.