Frequently Asked Questions
General
Features and Benefits
What are the security features?
How does JANUS solution compare with two factors solution?
How does JANUS solution provide privacy?
Phishing Attacks
More Questions..
What is JANUS solution?
Our JANUS solution is the secure online authentication solution using HUMAN FACTOR AUTHENTICATION. It provides end-to-end security without compromise on privacy.
In Roman mythology, Janus was the god of gates, doors, doorways, beginnings, and endings. His most apparent remnant in modern culture is his namesake, the month of January. We have chosen to use the name JANUS for its symbolism of being a gate keeper that protects the innocent from harm. It also represents a new beginning as we are building a dependable and reliable transaction platform that can benefit the Internet community.
Who would use JANUS solution?
Our JANUS solution is designed as an authentication server for transaction service providers that are currently providing online services such as Internet banking, B2B or B2C transaction providers.
As a secure transaction platform, our JANUS solution can be customised for other applications in any chosen network environment such as Secure Single Sign-on Service. Any government agency, organisation or business providing restricted content and services can benefit from deploying JANUS Secure Single Sign-on technology or subscribe to our hosted Secure Single Sign-on Service. More>>
What are the security features?
Our JANUS solution provides end-to-end security utilising patented communication technology that can be deployed over existing communication networks.
Traditional approaches requires critical security data to be self-contained. It is exposed to the open environment during transmission from the client terminal to the host server, even with strong encryption.
To overcome attacks such as network sniffing, session hijack, and decryption by brutal force, our JANUS solution embeds security communication agents with every active request, and critical data is transformed before leaving the user terminal. Therefore, the risk of data leakage during transition is eliminated.
Our JANUS solution is based on patented HUMAN FACTOR AUTHENTICATION (HFA) technology that requires correct user responses in every step of the process to complete a transaction. The continuous authentication method minimizes the risk of "session hijacking", password theft through "shoulder surfing", "password guessing" and "dictionary attack". The MESSAGE DISSEMINATION (Stealth Messenger) processes incorporated in our JANUS solution also make attacks such as "key stroke monitoring", "keyboard buffer memory sniffing" and "password file theft" ineffective or irrelevant. Furthermore, user authentication is filtered with methods of user-session tracking and user-signal source validation.
Our JANUS solution also verifies the authenticity of the service provider website. Facilities are available for the user to validate that the connected website belongs to the legitimate service provider before entering his/her password. This empowers the user in the fight against phishing attacks, making phishing irrelevant with this two way authentication mechanism. More>>
How does JANUS compare to Two Factor Authentication?
The simple answer is JANUS provides better security at lower cost. It is also easier to use and it is scalable.
Security Facts:
JANUS is a two way authentication technology (authenticates both the user and the service provided website). Two factor authentication methods authenticates the user only.
JANUS has end-to-end security. Two factor authentication relies on other security technology to protect their data in transmission. (Please also refer to "What are the security features?" above).
Cost:
JANUS solution does not require additional custom hardware and associated costs including token purchase, management, replacement and maintenance.
For more information on the benefits of JANUS solution, click here.
How does JANUS solution provide privacy?
JANUS solution does not send user information at all during any transaction. Therefore, user information is not subjected to passive or external identity theft attempts.
Security measures are built within the JANUS server to prevent identity theft from internal sources. Third party access to data stored in JANUS server is prohibited unless the request accompanied by appropriate user perimmision.
If the customer’s computer has been compromised by a virus or spyware, does this put the transaction at risk?
No. As described in the security features, our JANUS solution uses a combination of mode-less communication, randomness as well as graphical and other user enabled technologies. Knowing the password alone will not able to complete a transaction. It requires user thought, thinking, and responsiveness throughout the HFA process to complete the transaction.
With off-the-shelf anti-phishing software becoming available, why would the bank want to invest in JANUS solution?
Anti-phishing software only warns individually licensed users when a suspected phishing site is detected based on the known phishing site list. It does not prevent phishing attacks. It requires the user to maintain an up-to-date version of phishing site list. As it is impossible to identify phishing sites in advance, the user will still be exposed to any new unidentified phishing threats, even if the software is up-to-date.
Anti-phishing software requires the purchase and installation of specific software and a software license may require renewal at a regular intervals. The software is generally computer specific. Statistics show only small portion of computer users are using it.
Our JANUS solution is a server based application that protects all the banks customers who follow the JANUS procedures. No addititnal softwsare is needed at the user end.
Do you have more questions to answer?
Yes! If you have a question you want answered, please email us and we will post it up on the FAQ page.