top of page
Blog article

Blog article

FIDO2 certification compatible "YubiOn FIDO Logon" cloud service started.


FIDO2 authentication compatible "Yubi On FIDO Logon" cloud service started.

- Toward a safer and more convenient society with FIDO2 certification -


May 12, 2021


Soft Giken Co., Ltd. (Representative Director Norio Fujita Established in 1983) will start providing "YubiOn Security Authentication Service" and "YubiOn FIDO Logon" cloud service that anyone can easily realize a passwordless world from May 12, 2021.

We are developing a two-factor authentication "YubiOn Portal Authentication Service" that uses a password that is stored and OTP using an external authenticator.

Currently, the prevalence of COVID-19 has increased remote work, and there is a demand for safe and secure zero trust. Safe and secure certification by the latest FIDO2 certification is attracting attention. By using the user's biometric information (fingerprint, vein, face recognition, etc.) or an external authenticators (dedicated token, mobile terminal, etc.) that you own, you can reduce the risk of passwords and improve convenience.


We will start providing the "YubiOn FIDO Logon" cloud service using the FIDO-certified in-house developed "YubiOn FIDO2 (R) Server". The "YubiOn FIDO Logon" cloud service is equipped with a management site so that the administrator of the information system department can easily manage the authentication function, which can also improve business efficiency. Efficiency allows personnel to focus on leveraging new data and developing in-house services. By applying the YubiOn authentication solution, the information systems department can focus more on new challenges such as digital transformation.


In the future, we will further strengthen sales of appliance servers equipped with the "YubiOn FIDO2 (R) Server" function and FIDO2 authenticators. Together with the "YubiOn FIDO Logon" cloud service, we will contribute to strengthening authentication and promoting digital transformation in remote work environments.



1. What is the "YubiOn FIDO Logon" ?

"YubiOn FIDO Logon" is a cloud solution that can strengthen the logon of PC terminals to two-factor authentication using FIDO *. The biggest feature is that the administrator can manage and control on the cloud by using the FIDO authentication technology, which is becoming indispensable for Web service authentication, to strengthen the logon authentication of PC terminals. * FIDO = Fast IDentity Online. The FIDO Alliance is an open industry association with a focused mission: authentication standards to help reduce the world’s over-reliance on passwords.


2. Features of "YubiOn FIDO Logon"

1) Can be managed and controlled with a web console

 The administrator can check the status and authentication information of the

 registered terminal at any time from the Web console. Since you can check the

 authentication log on the Web, you can immediately grasp the situation even when

 an incident occurs.

2) Easy to introduce a robust FIDO authentication

 Upgrade your PC terminal logon to FIDO authentication with software installation and

 simple initial setup. The strong security strength of FIDO can be introduced into PC

 terminals.

3) Corresponding to various FIDO authentication device.

 Because you are in response to the various authentication device based on the

 specifications of the "FIDO2", you can freely select an authentication method. You

 can also use password-free combinations such as "PIN" & "Authenticator",

 "Fingerprint" & "Authenticator".


3. Scene to use

You can use it in various scenes where security is a concern.

1)In your environment with Active Directory (AD)

 If you want to introduce two-factor authentication to your PC but don't want to

 change your AD settings. If you cannot use the authenticator you want to use with

 Windows Hello, or if there are restrictions due to the environment. "YubiOn FIDO

 Logon" allows you to freely design security without being bound by AD settings.

2) I want to use two-factor authentication only for a specific account.

 You can make detailed security settings for each account, such as using two-factor

 authentication only for Windows accounts that have Administrator privileges.

3) I want to reduce the number of inquiries about forgetting passwords.

 By using the password memory function at the time of initial setting, you do not need

 to enter the Windows password after that, and you can reduce the number of

 inquiries about forgetting the password.


4. Product specifications

1) System configuration diagram


2) Operating environment

 CPU : 800MHz or higher 32-bit or 64-bit processor (1GHz or higher recommended)

 Memory : 512MB or more (1GB or more is recommended)

 Storage : 100MB or more free space

 Required middleware : .NET Framework 4.7.2 or later

3) Supported OS

 Client OS : Windows8.1, Windows10 (version 1909 or later)

 Server OS : Windows Server 2008 R2, Windows Server 2012 R2,

 Windows Server 2016, Windows Server 2019

4) Main functions

(1) Two-factor authentication

 Set the logon of the PC terminal to two-factor authentication using a password and a

 FIDO authenticator.

 You can also use password-free combinations such as "PIN" & "Authenticator",

 "Fingerprint" & "Authenticator".

(2) FIDO logon forcing function

 This feature is when you logon Windows, you can be set to force the logon using the

 FIDO authentication device.

(3) Screen lock function

 Locks the screen when the FIDO authenticator is removed from the PC terminal.

(4) Offline logon function

 - Cache logon

  It is a function (cache logon) that retains the cache at the time of the previous

  authentication and authenticates at the time of offline.

 - Expiration date setting

  Set the number of valid days for cache information.

(5) Remote lockout function

 This function is a function that makes the PC terminal unable to log on (lockout state)

 by using the Web console remotely.

(6) Authentication failure lockout function

 - Authentication failure lockout

  This function locks out the terminal when logon fails a certain number of times.

 - Automatic release setting

  It is a function that automatically releases the lockout after a certain period of time

  has passed after the automatic lockout.

(7) Group policy function

 It is a function to reflect various settings of YubiOn FIDO Logon for each grouped

 terminal.

(8) Log management function

 It is a function to collect the log of the PC terminal and browse it on the Web

 console.

(9) Get location information

 It is a function that collects the location information of the PC terminal and displays it

 in the log.

(10) Version update

 This is a client software version upgrade function.

(11) Ability to limit uninstallation

 This function restricts general users from uninstalling the software.


5. About charges

 From 500 yen per month / 1 account (in the case of monthly payment)

 * Please purchase the FIDO authenticator separately or contact us for details as it is

  also available at Soft Giken.


6. About the service page

 Please refer to the following page.



[About Soft Giken Co., Ltd.]

Soft Giken has a track record of software development in the social system business such as disaster prevention information as an independent software house for 37 years since its establishment. Based on the philosophy of "Make every world better.", We provide public and social systems, cloud security and authentication services.

We provide "YubiOn Authentication Solution" that supports from computer two-factor authentication login to cloud authentication. The YubiOn authentication solution also supports FIDO-based multi-factor authentication. You can solve the problem of online authentication by eliminating the anxiety of the conventional ID / password login method and pursuing ease of use. With the YubiOn Authentication Solution, you can reduce the cost and effort of operating and managing your IT assets while enhancing security by enhancing FIDO authentication.

[Future plans]

We plan to develop the OTP-based solutions "Windows Logon Portal" and "Windows Standalone" that we are currently offering so that they can be used on Macs in the future.


[YubiOn FIDO2(R) Server]

was officially certified by the FIDO Alliance on March 11, 2019.

We participate in the FIDO Alliance as a sponsor level member.

* "YubiOn" is a registered trademark of Soft Giken Co., Ltd.

[What is FIDO2?]

The latest specifications of the FIDO Alliance. FIDO2 allows users to easily authenticate online services in both desktop and mobile environments using the FIDO2 authenticator. The FIDO2 specification consists of the World Wide Web Consortium (W3C) WebAuthn (WebAuthn) specification and the corresponding Client-to-Authenticator Protocol (CTAP) of the FIDO Alliance.


Tags:

Comments


bottom of page