Skip to main content
Skip table of contents

General principle

Overview

TrustBuilder MFA provides a Strong Authentication as a Service solution that makes the authentication process altogether secure, simple and affordable to any website..

If you publish a website where “member access” or “user accounts” are protected by a password, our solution enables you:

  • to replace password authentication by a multi-factor authentication making connection to any website super easy and yet, more secure

  • to prevent users from remembering additional login and passwords or having to use password recovery methods as a standard way to access to your service

  • to integrate a user-centric, multi-browser, mobility-ready and free access control service

To implement our solution you should do the following:

  • create an account for your organization at TrustBuilder

  • implement a connection to the TrustBuilder authentication servers on your site using the Web Services API development kit

  • add your users to your account, who in turn will activate one of our authentication devices, thereby allowing them to connect to the site

1 - Creating your TrustBuilder account

Signup here: https://www.myinwebo.com/signup/

Follow the steps. At the end of the process you should be connected to our administration console and ready to administrate your TrustBuilder MFA strong authentication service.
The administration console permits you to manage your users and to add your website properties.

  • To configure your website properties click on “manage service parameters” and then on the “connector setup wizard” button. Follow the steps.

  • To add users, simply click on “manage service users” and then on “add a new user”. Adding users can also be done using the provisioning functions of the API

2 - Implementing the Web API

Implementing the Web Services API requires generating a certificate to authenticate the connection between your site and the TrustBuilder servers during Web Services API calls.

To generate the certificate:

  • Connect to the administration console

  • Go to “manage service parameters”, and click on the “Download a certificate for API access” button

  • Choose the appropriate format for the certificate. Carefully note the passphrase used to generate the file

3 - Users MFA States

4 - Having users activate a trusted device

To connect to the site, your users will activate one of our 2FA authentication devices

A device is activated with an Activation code generated when adding a new user. Tick the “Send an activation email” option in the user creation form to have the code sent per email.

Once activated, the device will show the bookmark of your site. Users simply have to select it and the device will fill in the authentication form. The posted data - the user login and a One-Time-Password - will then be tested against our strong authentication servers, thereby controlling the access to your site.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.