Cetbix MFA

Cetbix Access Authenticator App Overview

What are the differences between Cetbix ISMS, Cetbix ISMS-R, Cetbix ISMS-F and Cetbix ISMS-ICS?

All the listed products are built on the Cetbix ISMS. This means, one has to use the Cetbix ISMS to be able to activate those other modules.

Cetbix provides its own **Cetbix Access Authenticator** app to enable secure multi-factor authentication (MFA) for user logins. Here's a detailed breakdown of the app and its functionality:

---

1. 1. **Cetbix Access Authenticator App Overview**

- **Purpose**: Acts as a secure MFA solution for Cetbix-enabled accounts, providing **push notifications** and **dynamic security codes** during login. - **Availability**:

 - **Android**: [Available on Google Play](https://play.google.com/store/apps/details?id=com.cetbix.appnotification)[1]
 - **iOS**: [Available on the App Store](https://apps.apple.com/gt/app/cetbix-access-authenticator/id1621293327)[2][6]

---

1. 1. 1. **Key Features**

1. **Push Notifications**

  - Users receive real-time login approval requests on their mobile devices.
  - Requires user confirmation to authorize access, adding a critical second layer of security[1][6].

2. **Dynamic Security Codes**

  - Generates time-sensitive, unique codes (similar to TOTP) that must be entered alongside standard credentials[1][4].
  - Codes are regenerated periodically to prevent reuse or interception[1].

3. **Rigid Authentication Mechanism**

  - Implements strict security protocols to prevent unauthorized access, even if passwords are compromised[4][6].
  - No sensitive data (e.g., financial information) is stored or collected by the app[3][6].

4. **Privacy-Focused**

  - **No data collection**: The app explicitly states it does not collect user data[1][6].
  - **TLS encryption**: Ensures secure communication between the app and Cetbix servers[3].

---

1. 1. 1. **How It Works**

1. **Login Initiation**: A user enters their username and password on the Cetbix login page[9]. 2. **MFA Trigger**: Cetbix sends a push notification or generates a security code via the authenticator app. 3. **User Approval**: The user approves the login request or enters the dynamic code. 4. **Access Granted**: Upon successful authentication, the user gains entry to the Cetbix platform[1][6].

---

1. 1. 1. **Security Measures**

- **TLS Encryption**: Protects data in transit between the app and Cetbix systems[3]. - **No Local Storage**: Sensitive credentials or codes are not stored on the device[6]. - **Compliance**: Aligns with modern security standards, though specific certifications are not listed in app details[1][3].

---

1. 1. **Summary Table**

| Feature | Details | |-----------------------------|-------------------------------------------------------------------------| | **MFA Methods** | Push notifications, dynamic security codes (TOTP-like) | | **Platform Support** | Android, iOS | | **Data Collection** | None | | **Encryption** | TLS for secure communication | | **Use Case** | Secure login for Cetbix-enabled accounts |

---

• • In summary**, the Cetbix Access Authenticator app provides a secure, privacy-conscious MFA solution tailored for Cetbix users, combining push notifications and dynamic codes to enhance login security.

Citations: [1] https://play.google.com/store/apps/details?id=com.cetbix.appnotification [2] https://apps.apple.com/gt/app/cetbix-access-authenticator/id1621293327 [3] https://www.cetbix.com/contents/technicalorganizationmeasures [4] https://apps.apple.com/tr/app/cetbix-access-authenticator/id1621293327?l=tr [5] https://www.cetbix.com/products/cetbixismssoftware [6] https://apps.apple.com/my/app/cetbix-access-authenticator/id1621293327 [7] https://wikki.cetbix.net/index.php?title=ABOUT_CETBIX_ISMS [9] https://www.cetbix.com/signin.php