LoginTC is a Cloud service with four components: LoginTC Cloud, LoginTC Admin, LoginTC Connector, and LoginTC App. Combined, these components deliver wireless two-factor authentication and consent to business applications and network services. LoginTC leverages the push notification services of major mobile networks to deliver its services to smartphones, tablets and desktops in the cellular and interenet networks and Wi-Fi access points.
LoginTC supports the Android, iOS and BlackBerry devices. The following list outlines the mobile operating systems support:
LoginTC works on the iPhone, iPad and iPod Touch, Android smartphones and tablets, and all BlackBerry devices running the corresponding OS outlined above. Cyphercor strives to support the most popular smartphones and operating systems.
With the LoginTC Chrome app, LoginTC supports Windows, Apple OS X and Linux desktops and laptops. The following list outlines the requirements to enable a desktop or laptop as the second factor authentication with LoginTC Chrome app:
Once installed and provisioned in a desktop, the LoginTC Chrome app works with any VPN client app or web browser to deliver two-factor authentication to LoginTC-enabled VPNs and web applications.
Yes. We host a LoginTC Admin in a highly secure environment which can be accessed by your LoginTC Administrator using LoginTC 2FA with a browser with full SSL protection. Instances of LoginTC Admin can be deployed as well in private clouds if required. This service is ideal for SMBs that outsource their business applications to the cloud using SaaS.
Yes. LoginTC uses the mobile platform push notification systems which work world wide. All you need is a working internet connection.
The LoginTC app is a credential store and authentication manager installed on your users’ smartphones or tablets. The LoginTC credential is commonly known as a token or LoginTC token. Powerful add-on features can be applied to the app user experience, such as delivering an organization or website pictogram, and dynamically generated content configured by your LoginTC Administrator
The LoginTC app can be found in the following mobile and web marketplaces:
To download the app your users need to have an account with the respective mobile or Google marketplace.
The Username identifies a user credential in a domain. For example, if your Administrator has created a RADIUS domain to protect VPN access with LoginTC, your Username can be your email id, a Username in MS AD, or a numeric ID. The combination of your Username and the domain you want to access prompts LoginTC to notify your smartphone for wireless authentication.
The LoginTC app must be installed in a mobile device supported by LoginTC; please check the mobile operating system compatibility in this FAQ.
If your mobile OS is compatible with LoginTC app, you may need to configure your mobile device or ask for help to your LoginTC administrator. Typical basic checks you may want to do include:
If after your initial device check you still don’t receive LoginTC notifications, there may be other checks you have to make:
Yes. You can have multiple credentials stored on a single device. You can add and remove credentials from the multiple domains where LoginTC has been deployed.
Yes. A user can have multiple credentials on multiple devices. However, a user cannot have the same credential stored on multiple devices to access a domain. For security reasons, a credential must be associated with a single mobile device. The user could revoke a credential in the first device and create the same credential in a second device.
Yes. A single device can support multiple credentials and hence multiple users. This is a powerful feature for cost effectiveness and auditing purposes.
No. The LoginTC administrator can configure the strength of the PIN or passcode required to unlock the token in the app. When your LoginTC Administrator configures a domain in LoginTC Admin, she can select if the token is a 4-digit PIN or if a passcode is required with a minimum length.
LoginTC has a rich user and domain lifecycle management toolset using a secure web-based dashboard. To access LoginTC Cloud services the Cloud Administrator must have a LoginTC administration account. With easy-to-follow instructions the Cloud Administrator can create domains (i.e. the LoginTC protected assets), create, update and bulk-upload users, integrate on-premise environments, and synchronize LDAP or MS AD user stores. In partnership with their IT development team, the Cloud Administrator can also enable the LoginTC REST API to integrate LoginTC to on-premises platforms, business workflows and on-boarding of users and assets.
If your organization wants to license LoginTC Admin, you can install it as a virtual appliance in your virtualization environment. LoginTC Admin is distributed with the Open Virtualization Format (OVF) and can be imported into VMWare or VirtualBox host environments. For enterprise performance, the LoginTC Admin can be architected in a load balance and high availability mode.
LoginTC Admin contains clear and thorough documentation with an installation guide to help your administrator to configure your LoginTC Admin deployment. Tools are included to synchronize LoginTC Admin with your user repositories – LDAP or MS Active Directory.
The virtual appliance is built using industry deployment best practices and integrates well with almost any data centre. The appliance is a self-contained and stateless Tomcat instance talking to a MySQL backend. It can be deployed behind a round-robin proxy on VMs with a separate VM for MySQL. It is also possible to setup MySQL with replication in order to provide high availability. We provide documentation as well as professional services in order to integrate it successfully into your environments.
There are a few ways that users are provisioned:
A activation code is the first step in identifying on which device to store a LoginTC credential and what user/domain combination is established. Initially an activation code only knows of a user and a domain. The act of entering the activation code via the LoginTC App identifies the device in which the credential can reside on. Hence, it identifies the device to push an authentication request to when a user visits the domain protected by LoginTC.
Activation codes can be delivered in a variety of ways depending on the security and identity-proofing protocols of your organization:
In order for a user to change their PIN or Passcode they need to revoke their current credential and provision a new one. If the user doesn’t remember the PIN or passcode for a credential, the LoginTC administrator needs to revoke the user token in the target domain and re-issue the token. The user will have a new Activation Code to re-create the credential and select a new PIN or passcode.
LoginTC Admin can be configured to synchronize with your user repository stored in LDAP or MS Active Directory.
The following LoginTC Connectors are available for LoginTC operations:
You need to install the LoginTC RADIUS Connector in your IT environment. This connector is a virtual appliance that can be imported into your virtualization environment, such as VMWare ESX or Virtual Box. There are precise detail instructions to install and configure your RADIUS environment in the Developers section of this website.
You need to install the LoginTC SiteMinder Connector in your SiteMinder environment. This connector is an authentication scheme that can be configured by your SiteMinder administrator in the SiteMinder Administrative UI. You also may need to install LoginTC Admin in your IT environment and integrate it to your SiteMinder deployment
You need to install the LoginTC OpenAM Connector in your OpenAM environment. This connector is an authentication module instance that can be configured by your OpenAM administrator in the OpenAM Access Control UI. You also may need to install LoginTC Admin in your IT environment and integrate it to your OpenAM deployment
Yes. You can integrate cloud apps that support SAML 2.0 or OAuth 2.0 standard protocols. In the case of a SAML integration, LoginTC becomes an Identity Provider delivering user attributes to Service Providers using LoginTC 2FA – please see the Developers section in this website on how to integrate Google Apps or Salesforce.com
Check the LoginTC Website Integration instructions in the Developers section of this website, otherwise contact us to address your specific needs.
Yes, LoginTC is built to scale for very large deployments. For more information, contact our sales team: sales@cyphercor.com.
Yes, there is pricing for 2 and 3 year contracts. For more information, contact our sales team: sales@cyphercor.com.
We accept Visa, MasterCard and American Express. Don’t have one of these? Contact our sales team: sales@cyphercor.com.
Absolutely. We would love to help, contact our sales team: sales@cyphercor.com.