User:Aj1970/sandbox

PINgrid is a personal identification system which extends the standard ‘shared-secret’ authentication model to create a secure methodology whereby a dynamic ‘one-time’ password or PIN can be generated by a user. PINgrid claims to be the technlogy standard for Matrix Pattern Authentication. It's technology is governed by patent pending technology owned by Winfrasoft and uses open standards to promote the adoption of strong authentication.

On the surface this technology resembles the technology offered by the liquidated GrIDsure however the implementations and patent applications differ greatly.

Authentication method
In order to authenticate, the user is asked to input a series of numbers (complying to OATH standards of a minimum of 6) based on a pre-provisioned or user selected pattern on a matrix. The security is reliant on the fact that only the user should know this pattern whilst the matrix displayes a series of pseudo-random numbers generated by the authenticator. PINgrid only utilises 256bit Federal Information Processing Standard (FIPS) compliant cryptographic algorithms (140-2, 180-3 & 198a) and is underpinned by OATH (RFC 6238) logic. This results in a different series of numbers each time the user authenticates.

Key to the technology is that the numbers reflected within the matrix are repeated an even number of times ie. in a 6x6 matrix (36 cells), only numbers 0-5 will be displayed and each number will appear a total of 6 times. In an 8x8 matrix (64 cells) numbers 0 to 7 will be displayed an each number will appear 8 times. This replication of numbers means that Keystroke logging technology may capture the One Time Authentication code but will never reveal the user''s pattern.

Mathematics
PINgrid can be used with any size and shape matrix however 6x6 and 8x8 have been chosen as a "regular" and "large" to air consistency. With a 6 digit memorable identification pattern (MIP) length and a 6x6 matrix, there are a possible 2.1 billion pattern combinations. An 8x8 matrix with a 6 digit MIP contains 68.7 billion possible pattern combinations. Increasing the minimum length of the MIP to 7 digits increases the possible pattern combinations exponentially.

Implementations
Winfrasoft AuthCentral includes PINgrid technology and has a solution for integration with Active Directory, Radius, Internet Information Services, Microsoft Forefront Unified Access Gateway. Two-factor authentication is delivered via soft-tokens on mobile devices. Currently supported mobile device include Android (operating system), iPhone, BlackBerry and Windows Phone.

Category:Authentication methods Category:Computer access control