Phishing Resistant MFA That Is Invisible to Your Users
No phone, hard token, or webcam required.
Easily implement behavioral multi-factor authentication that is automatic, continuous, and PCI DSS compliant.
Easily Add Behavioral MFA to your Login Workflows
Twosense allows you to easily add continuous MFA to your login workflows, with no additional training or hardware required for your users. Users don't need to manually enroll, sign up, or engage with Twosense to get started.
Multi-factor authentication is useless if a user accidentally or intentionally grants an attacker access.
Some users accept malicious MFA requests out of habit. Attackers have persistently annoyed users into granting access. A user’s phone can be stolen or SIM-swapped and used to authorize access to privileged information.
Take the user out of the loop with Behavioral MFA.
Traditional multi-factor authentication (MFA) methods, such as OTP-based authentication, are proving inadequate in the face of sophisticated social engineering tactics. However, there is a path to achieving robust, efficient, and PCI-compliant identity security in contact centers with Behavioral MFA.
Twosense's one-of-a-kind approach provides BPO contact centers and their customers with a phishing-resistant solution. Behavioral MFA is 100% software, meaning no keys or codes can be compromised during a phishing attempt.
PCI Compliance can be almost impossible to achieve in secure contact centers.
Contact centers need an identity security solution that is more versatile than traditional MFA. PCI v4.0 requires MFA, but achieving PCI compliance can be almost impossible in secure contact centers. With most contact centers adhering to strict clean desk policies, multi-factor authentication that relies on mobile phones or text messages is impossible to deploy, and hard tokens like YubiKeys are difficult and expensive to manage and scale.
Twosense is “something you are” that’s 100% software and can be easily deployed onto any Windows workstations or VDI infrastructure.
No Phone Required
Mobile phones are not allowed in secure contact centers, which rules out most traditional MFA.
No Hard Tokens Required
Employee turnover makes the deployment and retrieval of hard tokens impractical and costly.
No Webcam Required
Webcams are either not allowed or not included in the hardware most contact centers use.
"MFA is something everyone loves to hate, but it’s necessary and people get it,” he said. “With Twosense we are able to make that necessary evil a little less evil.”
- Taylor Higley, Director of Information Services, American Federation of Government Employees
The Twosense agent collects keystroke timing and mouse movements to build a model of each user's behavior. Their most recent behavior is checked against the model to check their identity.