Nordic Edge

Overview
Features
Integrations
Download

Mobile Client Pledge

Pledge is a mobile client used to generate one-time passwords based on the OATH algorithm. Being able to securely access critical data is imperative, but for many organisations the standard authentication method for accessing information is with a username and a password. This is too weak for protecting corporate assets. The mobile client Pledge solves the problem by securing the login with two-factor authentication.

Pledge turns your mobile device into a security token and it is available for most platforms. The product comes with a full back-end infrastructure for automation of key enrollment and customizable profiles. Instead of using a security token when logging in, you simply use your mobile phone. Using Pledge, you can log in securely to different applications and even sign different services using your cell phone.

Hardware tokens require heavy administration and logistics which raise costs. With Pledge, these costs are severely reduced. Pledge offers low-cost authentication with easy or no administrative overhead.
Pledge is included in Nordic Edge™ One Time Password Server. For each user license you buy, you are entitled to use Pledge for the user.

Different Pledge Mobile Client Profiles

Key Benefits

Secures your applications with strong authentication
No transaction costs
No distribution of hardware tokens needed
Multiple profile support
Easy deployment
Automatic key enrollment
Supports the large majority of mobile phones

Mobile Client Pledge

Features

What is a profile?

Each user and service provider (for example Google Apps) has a unique profile.

The user profile contains unique OATH information that establishes the user's identity. A graphic profile for the service or application can also be created by the service provider to create a customised look and feel on the user's device. The user profile also contains the security policy that has been defined for the service.

Multiple profiles

Pledge can handle multiple profiles, which means that an authentication device such as a cell phone can store unique profiles for many different service providers. So users only need a single authentication device instead of a different token for each service provider.
Every profile can be uniquely configured.

Security policy

An important part of Pledge is the ability to define the security policy for a particular service. For example, for critical applications the pin-code option can be selected so that the user has to enter a pin-code in order to access the one-time-password, providing an added layer of security in case the phone is ever stolen. Also, the length of the pin-code can be set in the security policy.

An individual graphic profile

The profile for each service or application can have its own customised graphic profile. Ready-to-use templates make it easy to create a graphic profile with your logo etc.

The OATH standard

Pledge is a mobile client used to generate one-time passwords based on the OATH algorithm.
The OATH (Open Authentication) standard is an open standard that is supported by many security companies around the world for providing strong authentication for all users on all devices across all networks.
OATH has many advantages. For example, a single authentication device such as a mobile phone can be used with multiple websites and applications, which cuts operating costs. Read more about the OATH standard at www.openauthentication.org

Download

When the user registers to use a particular service or application, the service provider requests a new user profile. This generates a unique profile for the user according to the security policy and the graphic profile that the service provider has already defined. Once this is done, a unique profile number will be sent back to the service provider.
The service provider sends the profile number to the user. All that the user needs to do is enter the profile number into the Pledge client on their mobile phone. Once this is done, the unique profile number is automatically downloaded.