SafeNet MobilePASS+
Use SafeNet MobilePASS+ to secure leading cloud apps, security gateways, and VPNs. SafeNet MobilePASS+ is a mobile and desktop authenticator app that allows users to access corporate and web-based resources securely. It eliminates the need to remember complex passwords, because it allows users to approve push authentication requests with a single tap, and to generate secure one-time passcodes (OTP).
SafeNet MobilePASS+ app
The SafeNet MobilePASS+ app works on mobile, wearable, and Windows devices. It turns your device into a two-factor authentication device, removing the need to carry an additional hardware token.
SafeNet MobilePASS+ users can generate passcodes on their device, and use those passcodes to authenticate to protected corporate and web-based applications.
The SafeNet MobilePASS+ app supports the following platforms:
SafeNet MobilePASS+ token
A SafeNet MobilePASS+ token is related to an account and its associated parameters, such as name, user personal identification number (PIN), enrolled keys, and PIN policy. Each SafeNet MobilePASS+ app can manage multiple SafeNet MobilePASS+ tokens.
Push authentication technology
With out-of-band (OOB) push authentication technology, when the user makes a login request, a push notification is sent to their device. The user approves the request with a single tap. The SafeNet MobilePASS+ app automatically generates a new OTP and sends it to the protected resource, which eliminates password fatigue and the need to manually generate and enter OTPs.
Generated OTPs
SafeNet MobilePASS+ provides OTP as a manual backup option in case users need to authenticate when the cellular or wifi network is unstable. When networks are unstable and users are not able to receive push notifications, they can manually enter the OTP codes that MobilePASS+ generates. As long as users can reach their apps, MobilePASS+ can provide a secure passcode so that they can access the apps independent of the strength of their cellular or wifi signal.
PINs and biometrics
SafeNet MobilePASS+ supports optional alphanumeric PINs to provide additional protection. You can add PIN protection to each login approval, with configurable token or service-side PINs.
On some platforms, a biometric PIN can replace the alphanumeric PINs:
-
iOS uses Touch ID and Face ID
-
Android uses fingerprint and facial recognition
-
Windows Hello for Business uses fingerprint or facial recognition
How SafeNet MobilePASS+ works
When a user accesses a protected resource and enters their user name, SafeNet MobilePASS+ sends a push notification to their mobile device. The user taps to approve the login request, and is then logged in to the resource.
If a PIN policy has been defined, the user additionally enters their PIN or uses biometrics to unlock the token.
When networks are unstable and the user is not able to receive push notifications on their mobile device, the user can manually enter SafeNet MobilePASS+ generated OTP codes into another device.
In standard OTP mode, the user opens the MobilePASS+ app, enters their (optional) token PIN if required, and generates an OTP. The user enters their OTP into the protected resource, and is then logged in if they are authorized to access the resource.
SafeNet MobilePASS+ self-provisioning
(STA only) SafeNet MobilePASS+ offers users a simple self-provisioning or self-enrollment process that uses QR code activation and easy-to-follow, in-app instructions. Users who don't already have a token can immediately enroll a new token on their own, without using a self-enrollment email.
The self-provisioning option is is displayed when users try to log in to any protected service that requires an OTP, but the user doesn't yet have a token.
Mobile SDK
The mobile SDK is available for iOS, Android, and Windows. It allows you to replicate the Thales end-to-end protection with optional app branding. It enables embedding standard OTP authentication within existing apps.
The supported programming languages are Java for Android, Objective C for iOS, and UWP C# .Net for Windows.
Risk detection
(STA only) The STA Access Management console lists all of the SafeNet MobilePASS+ authenticators that are deployed to your users and identifies the level of risk associated with the host devices.
Release notes
Check out the SafeNet MobilePASS+ release notes and frequently asked questions: