Application Security in Your Company

Comarch MobileID is a solution which can, in a simple way, increase the security of applications used in every company. The product takes the place of traditional authentication methods, using a comfortable and strong method, based on the mobile token. The applications which verify the identity of the user, based on a login and password through to the usage of a simple API, can be moved to a higher security level in a simple manner. It is worth noting that when using Comarch MobileID, there is no need to use mechanisms which force the user to create strong passwords as well as their periodical resetting. Additionally, when integrating many applications, the corporate environment gains a central point of user password management.

Importantly, the server components, depending on the size of the implementation, can act inside the client network infrastructure or on the Comarch side. In the case of larger implementations it is recommended that the whole solution infrastructure is created. The infrastructure would contain a verification server and a console which manages the client's organization internally. In such a model, the administrators have full control over all aspects of activity as well as system access. For smaller implementations (when a few to a few dozen Comarch MobileID applications are used) a more economic solution would be an appropriate model. In this model, the client would use an externally accessible (outsourced) shared server infrastructure of the solution, which is maintained by Comarch. In such a case managing the users occurs via the available online console, whereas the verification of oneoff codes is possible through the API protocol interface which is made available.

In order to guarantee the right level of security for such a model, access to API is secured with the help of mechanisms from the SSL from both sides. Access to services and consequently the authentication of client systems are limited based on this. Every client who decides on this model of authentication receives a certificate created by Comarch and a set of libraries which allow simple API functions that are made accessible as Web Service methods. The libraries are available in PHP language versions, Java and .NET platforms.

Try MobileID live

Find out more about MobileID