When using a cryptocurrency exchange, it’s extremely important to enable two-factor authentication (2-FA) to protect your data and your money. Besides your username and password, 2-FA requires an extra layer of security, like a six-digit numeric code, to access your account. We all know passwords are easy to hack, and SMS-based 2-FA is vulnerable to attacks too.
A new 2-FA app by cybersecurity firm, Rivetz, has launched. Rivetz Authenticator solves the biggest security issues associated with 2-FA today. Authenticator will be the first to offer backup and recovery of 2FA keys using mobile devices’ existing hardware security capabilities. The feature eliminates hassles associated with proving who you are to every 2FA-enabled app and account you have when you get a new phone.
Even though 2-FA apps are more secure than SMS-based 2-FA, most of these apps generate your 2-FA keys using software, which still makes them susceptible to software-based attacks. Authenticator generates your 2-FA keys within the hardware chipset of your mobile device, which is isolated from the software OS.
Rivetz Authenticator is one of the first apps of The Rivetz Network, a collection of cybersecurity tools and services available for deploying safe and simple applications. Its hardware-based security capabilities make Authenticator the equivalent of having a dedicated hardware security device built in to your mobile phone.
Authenticator is also designed to support validation of external, provable controls and policies that confirm a user intended a transaction, enabling additional security and compliance capabilities. In the unfortunate event of a lost, stolen, reset or inaccessible phone, the process to regain access is incredibly time-consuming, frustrating or impossible. In a Rivetz-commissioned survey of 1,000 U.S. adults, 49 percent of respondents said they had lost access to their accounts because they were unable to access their 2FA recovery keys.
Even when users save their private 2FA keys to migrate onto new devices, it can still take hours to manually reset 2FA for each account, such as email, social media, or cryptocurrency exchanges. Authenticator requires only a few moments to recover all accounts at once.
“2FA is a powerful cybersecurity method, but when you get a new phone you are locked out until you navigate a labyrinth of security procedures for each app or account,” said Steven Sprague, CEO of Rivetz. “Authenticator provides a secure and simple one-step method to maintain robust 2FA cybersecurity across all your accounts and devices. Cybersecurity should be grandma-simple – it should just work. We designed The Rivetz Network and Authenticator from the ground up to liberate the modern subscriber from the antiquated username/password paradigm.”
Rivetz Authenticator also features a Trusted User Interface (TUI) for supported devices**. The TUI allows device owners to verify actions with the assurance that malware cannot possibly infect a transaction, ensuring that the action taken by the app was the user’s intended action. Authenticator also is designed to support validation of external controls, such as geolocation or biometrics, enabling additional security and compliance capabilities.
Rivetz Authenticator is built using the capabilities of The Rivetz Network. The Network provisions security actions to the Trusted Execution Environment (TEE), which is already built into the hardware of billions of mobile devices. The TEE is an isolated, measured hardware computer environment separate from the device’s operating system that cannot be tampered with should the operating system be compromised. This provides superior security to software or short message service (SMS) text-based authentication methods.