Anti-Phishing

Get The Anti-Phishing APIs
Watch the Video
Read the Data Sheet
Read the White Paper
Try the Demo

Dynamic, Mutual Authentication Technology for Anti-Phishing

Some websites attempt to combat phishing by placing a static picture on the login page. The picture is supposed to assure the user that they are on the real website and not a phishing site. However because the picture never changes, users begin to ignore the picture and enter their passwords on the webpage without ever really looking at it – defeating the purpose entirely.

Confident ImageShield™ can be used as a dynamic, mutual authentication solution to fight phishing. It requires the user to actively verify that they are on the legitimate website, while at the same time allowing the website to authenticate the user. The user is only able to enter their password after they have actively authenticated using Confident ImageShield.

How it works:Anti-Phishing Login

1. The first time a user registers on the website they choose a username and password. They also select a few categories of images they can easily remember.

2. To login, the user enters their username on the web page.

3. Next, the user is presented with a randomly-generated grid of images – the Confident ImageShield.  The user must identify which images fit their secret categories by clicking on the correct pictures. Behind the scnes, Confident ImageShield creates a one-time password or PIN that is unique for each login session.  

4. Only after successfully authenticating using Confident ImageShield, the password field is enabled and the user is allowed to enter their text password to complete the secure login.

The specific pictures shown on the Confident ImageShield are different every time. In this way, the user must actively engage with Confident ImageShield in order to identify which images fit their previously chosen authentication categories. This ensures that the user is an active participant in strong security practices and also prevents the user from ever entering their password on a spoofed website where the Confident ImageShield does not appear.


Get the Anti-Phishing SDK

Customize and integrate our image-based authentication technology into your web and mobile applications or other security offerings. Quickly evaluate and integrate our authentication technology into your solution using our APIs, sample code and documentation by contacting us or starting a Free Trial.