Novomatic AG: Enabling Multi Factor Authentication (MFA) in Crowd Connected Environment and Simplifying the Login Process
The Client
The NOVOMATIC AG Group, with its presence in around 50 countries, is one of the biggest international producers, operators, and exporters of gaming technologies, solutions and equipment. The Group has clients spread over 100 countries where it operates 212,000 gaming terminals and video lottery terminals (VLTs).
Active in all segments of the gaming industry offering a diversified Omni-channel product portfolio to its partners and clients around the world. A shared characteristic of unique innovative strength made us and Novamatic the perfect match.
The Need
The client wanted to enable ‘Second Factor Authentication’ in multiple Atlassian products such as Jira, Confluence, Bitbucket and Crowd. They were looking to have the same authentication method across all the applications so as to simplify the login process. With their decision to manage all the users in crowd and enable Crowd Authentication, so that they have a single source of Authentication for all the users and admins can manage access for all the applications from Crowd itself, posed a challenge.
The Challenge
The extra added security started to bother users as they still had to perform 2FA on each of the applications individually even though they have authenticated against the Crowd. What seemed as a small inconvenience at first, turned out to be a big productivity optimization problem especially if you bring in 15,000 users and factor in the scale of the operation, and that needed to be addressed.
The Solution
We at miniOrange came up with a solution that kept users' crowd authentication sessions and 2FA sessions in-sync. With its implementation, the users now just needed to authenticate themselves once via 2FA, and that would be valid for all Crowd connected applications. This led to an improved user experience and increased customer satisfaction by a significant margin, all without compromising security.
The Solution at Work
In a Crowd managed environment, authentication sessions are shared between all Crowd connected environments. Due to the same principle, miniOrange’s solution shares the MFA authentication session with other connected applications. The MFA plugin installed on these applications validates the session, assesses the user's access permission, and grants the user login permission accordingly. miniOrange’s MFA solution is also able to restrict the shared session within the same browser, leaving no security loopholes behind.
How Novomatic Benefitted
- Being a Crowd Managed Environment, admins could manage end users 2FA Access from the Crowd server itself.
- Users 2FA were automatically validated in the Crowd Connected applications.
- Users are not required to manage multiple credentials to access the applications.
And That’s Not All We Can Do in a Crowd Connected Environment
- Compatibility with SSO: Admins can disable the local 2FA for users if the user authentication was performed by SAML SSO via IDP. This solves the problem of redundant 2FA by skipping local 2FA if the 2FA is already handled on IDP.
- Support for Multiple Authenticators: Admins can choose from an array of MFA Authenticator methods which suits their needs
- One pass code across multiple applications: Users can choose the same pass code for validating MFA in multiple applications so that they do not have to manage multiple credentials.
So, For Novomatic…
Our product proved to be the best. What about you? If you have similar challenges or just want to know more about what we can do in the realm of identity and access management, please contact us at info@xecurify.com or call us at +1 978 658 9387. We would be glad to assist and find the best solution for your needs.