Deepnet Security Logo
Device DNA

DevicePass enables online applications restrict access from only trusted computer devices and authenticated users, by combining the computer DNA with the user name and password.

Like a human being, every person has a unique DNA sequence. Each computer device has its own unique characteristics. DevicePass creates a unique digital DNA, “deviceprint”, of a computer device, from the device’s hardware components such as hard disk ID, CPU serial number and network MAC address etc.

How it works

When a user attempts to access a DevicePass enabled application, DevicePass scans the user’s computer for its hardware components and creates the device’s DNA sequence. This real-time deviceprint is then compared with the deviceprint stored in the user’s account. If the deviceprint is not recognised by the system, the user will be prompted to register the device and wait for the device to be approved by the system administrator. Once a device has been approved and the user's identity has been verified, then the user will be granted access to the application.

Key Features

  • One-Time Deviceprint

    Once a device has been registered, its real deviceprint will not be directly used in the authentication process. Instead, in every authentication, a one-time deviceprint derived from the real deviceprint is generated and submitted to the server. This innovative way of authenticating a device using one-time deviceprint prevents the replay attack - a problem that other device-based authentication products commonly suffer from.
  • Real-Time Interrogation

    Furthermore, the DevicePass client does not store the deviceprint. At each authentication request, the DevicePass client checks the hardware parameters in real-time, which makes the replay attack impossible.
  • Auto Synchronisation

    DevicePass offers the flexibility that allows the user to change some hardware components in their device, without re-registering the device. If a device becomes “unsynchronised” as the result of hardware changes, DevicePass can automatically update the deviceprint with the new hardware configuration as long as the changes are within the allowed threshold set by the service.
  • No software installation

    DevicePass does not require any software to be pre-installed on the user’s PC for web-based applications. The DevicePass real-time scanner is a small JavaApplet that is embedded in the user’s logon page, delivered in real-time to the user.
  • Transparent Authentication

    DevicePass provides device-level authentication through the same authorization process with which users are already familiar. Since DevicePass doesn’t alter the end-user experience, there’s no user interaction, learning curve or training required.