SECUREMATRIX FAQ

Q1 WHAT IS SECUREMATRIX?

It is a one time password product which requires no authentication device, such as a token device. It uses MATRIXAUTHENTICATION® system and generates one time passwords based on images we remember. It strengthen security, improve usability and reduce cost.

MORE INFO

Q2WHAT IS MATRIXAUTHENTICATION® ?

It is an authentication system to create one time passwords from a matrix table (a table of random numbers). Using user's pre-set "position" and "sequence" (= image password), numbers are extracted from the table and used to generate passwords.

MORE INFO

Q3 WHAT IS SECUREMATRIX PRODUCT COMPOSITION?

SECUREMATRIX uses following servers:


• SECUREMATRIX Authentication Server
• SECUREMATRIX GSB Server (Global Security Boxmodule)

MORE INFO

Q4WHAT KIND OF PASSWORDS CAN WE USE WITH SECUREMATRIX?

3 types of passwords can be used. "Image passwords", "Image password and fixed passwords" and "fixed passwords" can be used.
Q5ANY LIMITATION ON SHAPES OF IMAGE PASSWORDS?

No. However, administrators can register prohibited images to limit certain images. You can use "the same positions for multiple times" when generating image passwords. Minimum password length (8 to 64 characters) for image passwords can be configured on the SECUREMATRIX management page.
Q6WHY ALPHABETIC CHARACTERS ARE NOT USED FOR MATRIX TABLES?

Position information is easy to identify. If we display alphabetic characters on matrix tables with numbers, frequencies of characters displayed on tables is reduced. This makes it easier to identify position information. Therefore, only the numbers 0 through 9 are displayed on a matrix table.
Q7WHAT IS THE CLIENT SYSTEM REQUIREMENT FOR SECUREMATRIX?

Please refer to the following page for client system requirements.

SECUREMATRIX client system requirements


Questions related to SECUREMATRIX management functions

Q1WHAT CAN WE MANAGE ON THE MANAGEMENT FUNCTIONS?

SECUREMATRIX offers following management functions:


• User management (adding/removing users, importing and exporting, etc)
• Group management (Creating/deleting groups, etc.)
• Password reset
• Access control (Releasing attack lock, disable access on certain day or date, etc)
• System configuration (changing the display language, setting time-out value, etc)
• Password policy configuration (setting password expiration policy, etc)
• Monitoring operation status (monitoring process status, configuring regular monitoring, etc)
• Backup
• Configuring SECUREMATRIX (configuring BROWSER LOGON, etc)
Q2WHAT KIND OF LOGS CAN WE COLLECT?

You can collect access and operation log.



Access log
Access to GSB and authentication servers are logged. The information logged is what is requested, when is requested, what is requested and details of authentication (ID error, password error, etc) Access log to GSB is stored on the authentication server. For example, when you log in to GSB, access log is stored on the authentication server. Access log to the authentication server is stored only on the authentication server.

Operation log
Operation of management functions is logged. When/what/by whom management functions are used is logged, such as adding, removing and updating users, groups and access control. Operation log is stored only on the authentication server.
You can search both logs from the management page.
Q3WHAT KIND OF PERMISSIONS IS AVAILABLE ON THE MANAGEMENT FUNCTIONS?

SECUREMATRIX have management permissions and monitoring permissions.


Management permissions


It sets permission for 4 types of users, administrator, sub-administrator, group manager and users.

1. Administrator
Administrators have permissions to manage users, groups, operation, license and permissions to monitor and backup.

2. Sub-administrator
Sub-administrators have permissions to manage users, groups, operation and permissions to monitor and backup. This type of users is selected for normal operation.

3. Group manager
Group managers have permissions to manage groups users (showing users in groups, creating/adding, search, setting lock, registering/deleting alias)

4. User
General users.

Monitoring permissions


It sets permission for 2 types of users, auditor and sub-auditor. Users with monitoring permissions have permissions to manage log (deleting log, importing/exporting log, configuring log), which is not available for users with management permissions.

5. Auditor
Auditors have permissions to show, search, add, delete auditors, and permissions to manage logs

6. Sub-auditor
Sub-auditors have permissions to show, search, add, delete auditors, and permissions to manage logs. This type of users is selected for normal operation.
Q4WHAT KIND OF ACCESS CONTROL IS AVAILABLE?

Following access control is offered. It can be configured for each user.

• Time lock
Set starting and ending time when a user can use.
• Date lock
Set starting and ending date when a user can use.
• Day Lock
Set starting and ending day when a user can use.
• Attack Lock
Set limit for continuous authentication failures. Attack lock is enabled when the authentication failures exceed the limit.
• Authentication attempts lock
Set limit for the number of times that users can authenticate If authentication attempts exceed the limit, authentication will will disabled.

Other questions

Q1DOES SECUREMATRIX USE PATENTED TECHNOLOGY?

Yes, SECUREMATRIX uses unique patented technology.