- Do helpdesk, HR or IT assist users with remote or telephonic support?
- Have you experienced social engineered attacks to gain access to secure resources?
- Is your helpdesk overwhelmed by identifying users through tedious verification processes?
- Do HR frequently update banking details for employees?
- Do you have any system/process in place to identify callers?
Custom, Secure & Efficient
Stop social engineering against your service desk and manage your verification process in any human to human process
Does you company
Need Identity Verification Manager?
in Any Process
Hackers use social engineering methods to trick or compel service desk agents to issue passwords for real users or IT staff to grant access that is not authorized.
With MyPass Password Manager already in place, the addition of Identity Verification Manager (IVM) prevents voice based hacking (vishing). IVM controls the entire verification process, instructing the service desk agent what questions and tests to ask your user based on their security profile.
IVM can be configured to follow the organization’s security hierarchy or requirements
Various tests are used to verify a user's identity through personal, company and contextual & dynamic info
Monitoring & Reporting
Every step of the verification process is logged and available for monitoring and reporting
In password reset scenarios, passwords can be delivered to the user via phone call, SMS or email
Integration To ITSM Tools
Integration to ITSM processes allows for simple operation and consolidation of reporting
IVM can provide an unlimited number of different processes that are linked to the specific department or scenario
Suite of Verification Options
In conjunction with the MyPass Password Manager agent, IVM can detect various key device and location facts regarding a user. This allows for multiple dynamic verification options to be included in the assisted verification process.
Some of the dynamic verification gates that can be used include:
- Most frequent logged in user
- Most frequent login location
- Current login information
- Patterns in login location data
- Last successful login
- Common login patterns
Static information verification is still a viable authentication method when used in conjunction with other factors. MyPass IVM allows for a wide variety of personal and company information to be used in the verification process. This can be imported from any company system and be focused to specific IVM process based on the scenario and requirements.
Some sources of useful verification information includes:
- All MyPass Password Manager enrolment data
- User personal information captured in Human Resources or ERP systems
- Application access or usage data from line of business applications
A wide variety of multi-factor tokens can be employed with already device, location, company, and personal information to cater for any verification scenario. Multiple MFA tokens can even be used in scenarios of high assurance.
Supported MFA tokens include:
- Text message OTP
- Email OTP
- Code Card OTPs
- TOTP services and app (Google, Microsoft, Duo, etc apps)
- Push Authentication via Duo Security
- Secret Question and Answers for Challenge Response
In specific scenarios of high-assurance or when required, MyPass IVM also allows approval of processes to route to the specific staff members manager. This allows to overrides (if configured) or the addition of specific high risk approvals.
Frequently Asked Questions
To achieve rapid results, MyPass IVM is delivered as a cloud service that can be run as a standalone service or in conjunction with MyPass PM.
MyPass IVM is provided with templates that can immediately be used as base processes. These templates correspond to scenarios based on specific levels of assurance/risk. Low, medium and high-assurance level process are provided.
In situations where it is important to verify the correct identity of a person phoning in. Service desk agents, HR partners or IT staff have lots of situations where they need to know, who they are giving service - and are thus ideal initial users of IVM
Even the best staff can be manipulated by a good social engineer to help and deviate from the procedures. IVM controls the process and not the staff or supporter who decides the verification process and when we can trust the caller.
The most important and secure elements in IVM are the Dynamic and Contextual tests. Even though the user is not logged in, IVM gets information from the workstation, and then knows if this is the user’s own PC or not. We can see the geo-location and we can see if she is asking at her normal workhours. This is close to impossible for a hacker to produce. IVM tests for a multitude of tokens removing the possibility for imposters passing the process.
Yes. However some verification tests are only available when MyPass Password Manager (PM) is implemented. Such verification methods includes information that is captured as part of the MyPass PM enrolment process.
With MyPass IVM, a proof of concept can be up and running within a day. If the process must be integrated with MyPass Password Manager (PM) or ingest data from on-premise systems (for verification information) a MyPass Gateway will first need to be deployed. This process is highly dependent on customer resources but usually takes no longer than a week or two.
With MyPass IVM data from back-office systems can easily be integrated into the verification process by deploying the MyPass Gateway to ingest data from systems such as AD, SQL, Oracle, SAP, etc.
MyPass IVM is only used by administrators and helpdesk agents. As such the console is only available in English. Questions for user verification can be translated to local languages.
Additional localization options for labels and buttons etc. will be added in early 2022.
The core MyPass Platform Notification Service can be configured to send email or text messages to notify users or adminsitrators of an unusual number of access requests or failures for an individual user or group of users.
Yes, but the agent will not notice it. MyPass IVM can be integrated seamless with the ITSM tool through transaction links, to allow agents to easily find the correct process and switch to MyPass IVM seamlessly.