Authentify xFA is a quick and easy to use authentication and secure messaging solution. xFA can use any mixture of available biometric (something you are), knowledge / secret (something you know) and device (something you have) credentials to strongly authenticate access to our customers' websites or mobile apps.
Authentication can happen when accessing a customer's site from your mobile device or happen "out-of-band" when access is through a desktop or laptop computer.
Authentication is provided by the Authentify xFA service, protected inside an Authentify SAS 70 Level II certified operations center. Authentify xFA provides a "zero trust" model such that communication between the xFA client application and the customer's server cannot be monitored, even by Authentify. There is no personally identifiable information (PII) associated with a biometric, only the certificate keys are shared between the xFA app and the xFA service.
The hardened nature of the xFA client application, by use of full encryption and digital certificate underpinnings, protects the entire xFA process from exploits commonly associated with lesser out-of-band or two factor authentication schemas.
For a full description of the security model and additional features of the Authentify xFA product, please see our whitepaper at: http://authentify.com/white-papers/xfa