XSENSE
ZERO-TRUST, DISTRIBUTED, COMPLETE PASSWORDLESS
XSENSE
XSENSE: EXTRA IDENTITY SENSE + ZERO TRUST
"Over 80% of breaches within hacking involve brute force or the use of lost or stolen credentials."
- Verizon 2020 DBIR (Data Breach Investigations Report)"By 2022, 60% of large and global enterprises, and 90% of midsize enterprise will implement passwordless methods."
- Gartner
WHY PASSWORDLESS?
Why Passwordless?
- With passwords, your security is not in your control anymore. Passwords are easy to phish. Passwords are used across sites, leading to spraying or stuffing attacks
- Cuts maintenance headaches & costs. Password management is cumbersome & costs a lot. MFA solutions may enhance security but won't eleminate the need for passwords.
- Give your employees & customers reason to smile! Users would love to connect & transact without needing to remember passwords, all while enhancing security.
WHY XSense?
Why XSense?
Robust yet seamless secret rotation
- Password rotation is a key management overload
- Passwordless solutions need to securely automate secret rotation
- XSense offers infinite, seamless secret rotation, without needing external setup
- Users/Enterprises can rotate keys any number of times
Account Recovery/Reset
- Recovery/Reset is a pain point both for enterprises & users
- XSense offers multiple modes of highly secure yet decentralized recovery
- User can simply use any one of the four recovery codes generated from patented [1,2,5] NLSS schema to automatically recover the account without even needing email.
- Auth transportation from additional registered devices through codes or QR. Without the secret share from either of the devices, recovery can’t be completed.
- Trusted/Federated recovery – recovery using federated devices within the trusted network.
Mutual Authentication
- Identity solutions, including other passwordless solutions, typically ensure users are genuine
- But how does the User ensure he is connected to the genuine Server?
- Lack of mutual authentication results in spoofing & JS attacks
- XSense is the only identity solution to offer integrated mutual authentication
Anti-Replay Attack Previntion
- Session replay attacks pose significant risks to identity & access.
- Most identity solutions do not offer protection against replay attacks.
- Some competing solutions offer anti-replay protection but require additional layers of crypto management.
- Anti-replay protection is integral to XSense’s challenge-response method.
- Verification coordinates change every authentication attempt, needing new Challenge-Response based on patented NLSS image cryptography.
Seamlessly Integrate your Cloud/On-Premise Apps
- SAML/OIDC/OAuth - Authentication protocols supported to integrate web applications
- AAD - Both B2B and B2C are supported as third party authenticator provisions from AAD
- On-Prem - XSense identity server can be integrated with AD/LDAP using connectors to authenticate users
Eliminate your single biggest source of breaches by going passwordless with XSense
