Freja Mobile reinvents technology for digital identities that truly leverages the features of the smartphone, providing elevated levels of security and user convenience for login and signing.
The traditional way of overcoming the security risks associated with fixed passwords has been using hardware tokens generating one-time passwords. Replacing all of your different passwords with hardware tokens would simply not be sustainable, considering the large number of internet services we are using today.
When smartphones arrived a new generation of password tokens was born. The functionality of a hardware token were simply put inside a mobile application. However, these applications only generate one-time passwords, which is really far from leveraging the fact that a smartphone is a constantly connected computer with a screen that can display much more than a password.
Freja Mobile is the next generation of technology for digital identities. It truly leverages the properties of the smartphone which enables a whole new level of security, control and user convenience. With Freja Mobile your smartphone displays in detail what you are approving and what kind of transaction you are signing. It also solves the big challenge of securely provisioning smartphones over the internet, making it possible to enroll large numbers of users in an easy way at a low cost.
Freja Mobile consists of two parts, the mobile authentication server and the smartphone application. It can be used for login purposes as well as for signing transactions. The authentication is transferred on a secure, separate channel directly to the service used, removing the need for the user to manually transfer a password or a code from the mobile to the web browser. This eliminates the risk of Man in the middle and Man in the browser attacks.
From a user´s point of view, all you have to do is to state your username in the browser. The mobile authentication server then sends a request, through the secure channel, to the mobile phone. Instead of getting a one-time password, you get a message displaying exactly what you are about to approve, for example the name of the website you are logging in to. To confirm login, just enter your personal PIN code on the phone and the login is processed through the secure channel.
The same procedure takes place when signing transactions – providing the user with a message of the exact details of what is being signed – making the technology secure enough to handle money transfers and other transactions requiring top level security.
The Freja Mobile technology can be deployed everywhere fixed passwords or any kind of multi factor tokens are used; corporate networks, public sector services, e-commerce, banking, gambling or any other service where you need the combination of strong security and user convenience for large user groups. Freja Mobile can be used as a standalone application or as an integrated component in your existing app.