1. How do I know my SOLAS is secure?
    The SOLAS device is a multi-facet authentication solution. Biometrics are used to protect the device and to activate the on board processor of the device. Each device is loaded with a unique 256 bit encrypted identifier, which is unknown to anyone including the user of the device. In addition, neither the SOLAS device nor the SOLAS Authentication Server contains any user information what so ever.

  2. What protects my fingerprint data?
    There are several levels of protection for the fingerprint data. First, high-level encryption protects all the data on the device including the fingerprint data. Secondly, the authentication between the device and the AG does not use or require the fingerprint data. This means that the fingerprint data never leaves the device. Finally, the device and AG (Authentication Gateway server) do not contain any user information.

  3. Is there a back-door onto my SOLAS device?
    No. Me4Sure believes that our products should provide the ultimate in protecting the security and privacy of our users, while maintaining simplicity and ease of use. We have taken great pains to ensure that there are no "back-doors" to the device. In addition, no user information is contained on the device or within the AG server.

  4. How does this protect me against keystroke-logging spyware or phishing attempts?
    The SOLAS authentication process and procedure does not use keystrokes, which eliminates the possibility of logging keystrokes via a malware application. SOLAS eliminates the concern of Phishing because the device configuration only allows the device to communicate with one specific AG.

  5. How does SOLAS protect against brute-force or physical attacks?
    The SOLAS device does not contain any user information, usernames or passwords so there is nothing gained from a brute-force and physical attack.

  6. When I run my SOLAS on my computer, is the data traveling between my computer and the AG Secure?
    Yes, high-level encryption and secured communications links continually protects all the data transfers.

  7. What operating systems does the SOLAS work on?
    SOLAS works with Microsoft XP and VISTA platforms. The AG runs on Microsoft Server 2003 with SQL database.

  8. Does it require a driver or software installations?
    No, the user does not need to load any software. The firmware on the device contains all the required software necessary to operate the device and authentication process making SOLAS a plug and play application.

  9. Do I need to use a Username, Password, or PIN?
    SOLAS does not use or require the use of Username, Passwords and/or PINS for the authentication process.

  10. How would Eliminating Username, Password, or PINs make me more secure and save me time and money?
    For organization using this device as a single sign on to applications, etc. this helps secure and track who, what, when, where, and how people are accessing vital company information. This helps in eliminating the "Password Pain".

    The typical employee is required to remember 8 to 12 passwords but can usually recall only three or four. SOLAS helps to eliminate the frustration employees and system administrators experience when users forget their username and/or passwords (as well as the security loophole they create by using simple passwords or by writing passwords down.)

    The typical user spends 44 hours a year logging in to four applications, according to industry research. Up to 70% of help-desk calls are password-related. The average company spends US$300-$500 per user, per year on resetting passwords - What does that add-up for your company?

    Bottom line, eliminating the need for user name and passwords, increase down time for employees, which increase productivity, plus allows IT to be more productive what on new innovations/projects to make the company more profitable, while we cutting down on expense and saving you money.

  11. How does the SOLAS work?
    Software contained within the device will initiate the authentication process and communication string between the device and Authentication Server (AG). The device activates when the device verifies the user enrolled fingerprint. Upon verification of the users finger print the device initiates a communication request to the Authentication Server (AG). At this point, the device requests authentication from the AG. The AG will generate and send a one-time use random encrypted challenge to the device. The device will respond to the challenge. Once the AG has verified the challenge response and the unique identifier assigned to the device it will issue the authentication credentials to the customer's access portal for access. Once the access credentials are sent to the access portal and access is either granted or denied, the AG will terminate the communication session between the device, AG and access portal.

  12. Can Me4Sure employees see my data?
    No, Me4Sure employees do not have access to any user information. All customer data resides on the client side of the solution.

  13. What is my SOLAS is lost or stolen?
    Each device comes equipped with a unique serial number. If a device is lost or stolen, the system administrator simply deletes the device serial from the AG data thus rendering the device inoperable. In addition, the biometrics protecting the device coupled with the fact that no user information is contained in the device makes the device useless to any other than the enrolled user.

  14. What if USB Ports have been blocked?
    There are number of secure ways to allow USB devices such as SOLAS to work with USB ports while still blocking those same ports from unsecured devices. Me4Sure works with the client's security organizations to ensure that we follow and adhere to all security policies and requirements.

  15. Can the SOLAS be used as a Single Sign On Device?
    Yes, this can replace the need for Username, Passwords and PINs to gain access to company's internal applications from internal connections or external access . SOLAS confidently enables organizations to identify who is gaining access to their environments and systems. With the correct configuration and implementation, SOLAS has the ability to provide Single Sign-On capabilities.

  16. Does the SOLAS address Compliance regulations, such as HIPAA, Sarbanes-Oxley, FFIEC, etc...?
    Yes, it meets and or exceeds compliance regulations such FFIEC, HIPPA, HSPD12 etc ... It is FIPS 140-2 on the AG for Government compliance.

  17. Is the SOLAS Customizable?
    Yes, it is customizable to one's infrastructure, and is customizable with branding. We can co-brand to meet the needs of you organization or customers.

  18. How is the AG (Authentication Gateway) Secure and Protected?
    The entire AG platform is 256 bit encrypted. The database has unique identifiers, a login transaction database for tracking/auditing. Nowhere in the AG or SOLAS Device is the user's information stored.

    We protect the AG with a Master Key employing Split Key technology.

  19. Does the AG have tracking and audit capabilities?
    Yes, the AG has a login transaction database for tracking/auditing. It also as a Maintenance view to the AG that allows for Logging/Adding/Deleting.

  20. Is the Deployment/Implementation difficult and costly?
    With our Gateway Architecture Model IT Infrastructure there are little to no modifications required to the Client's Access Server Platform. The Attached Server Architecture requires a little more configuration work over the Gateway Architecture.

    SOLAS is basically plug and play, which reduces implementation time and costs while providing the client with a highly secure cost effective security solution.

  21. How many transactions can the AG handle?
    Depending of the client's configuration needs the AG Server has the potential to handle up to 10,000 transactions per second. Me4Sure recommends that all production environments run in a redundant mode. A redundant environment theoretically increases the potential transaction per second to 20,000 transactions per second.