Multi-Factor Authentication saves time, money, reputation – and provides PCI DSS Compliance
Before utilizing XYPRO software solutions and services, one prominent bank depended on non-standard, less secure processes for logging onto their HPE NonStop systems and applications. Relying on a single set of credentials that was managed separately from their corporate Active Directory was both difficult to integrate with enterprise infrastructure and gave poor user experience. It was not part of the mobile app their users were accustomed to and carried high support costs because dedicated technical staff was needed to manage and reset user accounts and passwords. Integration with XYGATE User Authentication (XUA) was put in place and has continued to work successfully since implementation. As security systems of the organization became upgraded, a modernized authentication method was required. For this, XYGATE User Authentication multi-factor authentication was implemented for all users to reduce risk, increase overall security and enhance their user experience all while lowering operational costs.
As one of the largest banks in their region, it is critical to have the most robust cyber security solutions in place to protect mission critical systems and applications as well as customer data. A solution was needed that would integrate their HPE NonStop servers and applications with their corporate Active Directory, provide strong authentication based on industry standards, simplify the user experience through their mobile app and deliver a low total cost of ownership.
XYPRO simplified our user experience while reducing our risk and improving compliance.
After evaluating various solutions available in the market, the security team chose XYGATE User Authentication which addressed all of their requirements. XUA was quickly and easily deployed in their environment and is now protecting all HPE NonStop servers with required PCI DSS multi-factor authentication. When a user attempting to authenticate provides a password, a request is sent back to the user through the mobile app asking to allow the access. Once the user clicks allow, the request is granted and the user is logged on (similar to the behavior of all other applications within the company). Processing this request through the mobile app provides an additional authentication factor, reducing risk and ensuring PCI DSS compliance requirements are met.