Leading Passwordless Authentication Technology Provides Unrivaled Security for Global Enterprises


SCOTTSDALE, Ariz., March 31, 2020 /PRNewswire/ — Trusona, the pioneering leader in passwordless multi-factor authentication technology, today announced that the United States Patent and Trademark Office has issued U.S. Patent 10,601,859 titled, “Anti-replay systems and methods.” Trusona’s patented anti-replay technology plays an integral role in its dynamic authentication, using the unique nature of a user’s actions to accurately secure the identity behind every digital interaction.

The last decade has seen an increasing number of breaches due to session details and credentials being replayed by cybercriminals in order to gain access to accounts and execute transactions. To combat this, Trusona’s anti-replay functionality uses non-PII unique values of time, latitude, longitude, acceleration and more, to create a cryptographic nonce that should never be repeated. As each authentication is unique, if the system ever detects the same data being re-used it will issue an alert and prevent the authentication from completing, protecting sensitive assets.

Trusona’s patented anti-replay technology is also used in Trusona Executive — a three-factor passwordless authentication solution, which uses a government-issued ID or an employee badge as a third factor. The anti-replay cryptographic nonce is made of metadata, including camera focus time, distance of the document from the camera and so on.

“Session replay attacks have grown exponentially and pose a great threat to organizations globally,” said Ori Eisen, Founder and CEO of Trusona. “Trusona is very passionate about removing this attack vector and we’re proud to pioneer this patented technology that serves as another weapon in our security arsenal to fight cybercrime. Providing modern passwordless authentication with anti-replay capabilities helps us continue to secure enterprises and consumers everywhere.”

The first session replay attack ever recorded was observed in the wild in 2010, where users’ static credentials were replayed, including SSL browser certificates. In a single day, the cyber criminals were able to draft wires totaling millions of dollars. Session replay attacks further expose the most common attack vector of compromised credentials. Trusona developed and patented the anti-replay technology in tandem with removing passwords to protect against these types of attacks and provide organizations a more complete, secure authentication solution across any enterprise or consumer use case.

To read more about Trusona’s ground-breaking passwordless authentication solution and anti-replay technology, visit https://www.trusona.com/anti-replay.