What are you Looking for?
Two-Factor authentication consists in associating two different devices (two factors) to verify a person identity.
A first factor should be, for example, login credentials required at login time.
The second factor adds an extra level of security: it consists in an additional access key aimed to confirm the identity of the person accessing the service.
This second factor is often a secret key received on your mobile device (the most used device is smartphone), while more rarely it takes the form of a dedicated physical device (such as a USB flash drive).
This two factors combined together guarantee that only the user access his personal informations since the user have to know his access credentials but also have to be in possession of a second factor in order to confirm the access.
Two-Factor authentication consists in associating two different devices (two factors) to verify a person identity.
A first factor should be, for example, login credentials required at login time.
The second factor adds an extra level of security: it consists in an additional access key aimed to confirm the identity of the person accessing the service.
This second factor is often a secret key received on your mobile device (the most used device is smartphone), while more rarely it takes the form of a dedicated physical device (such as a USB flash drive).
This two factors combined together guarantee that only the user access his personal informations since the user have to know his access credentials but also have to be in possession of a second factor in order to confirm the access.
We have chosen two-factor authentication for its high efficiency and because it complies with the guidelines of the Italian Data Protection Authority Garante Privacy regarding online reports.
The two different factors we choose to make the patient authenticate are: the e-mail account and the smartphone
We can divide the authentication process in two step:
Once the professional has sent the document, a notification email is sent to the patient mail box, inside this email there's a link to click.
When the recipient patient clicks on the link a web page opens. In this web page is requested the insertion of a secret code.
This secret code is sent to the patient by sms automatically and will be valid for 60 minutes. Once the patient inserts the secret code in the web page, he will be able to download the document.
If an unwanted user tries to have to view the document, he should steal the email account of the patient and also violate the second security level by stealing the patient’s smarphone within 60 minutes, i.e. the validity time of the secret code.
It is almost impossibile violating these two security level combined together.
The Two-Factor authentication solves the problem of exposure of documents to thefts, losses, all too common in areas where huge amounts of sensitive data circulate, where privacy and the widest respect for the fundamental rights of the individual must be guaranteed in the strongest terms.
If an unwanted user tries to have to view the document, he should steal the email account of the patient and also violate the second security level by stealing the patient’s smarphone within 60 minutes, i.e. the validity time of the secret code.
It is almost impossibile violating these two security level combined together.
The Two-Factor authentication solves the problem of exposure of documents to thefts, losses, all too common in areas where huge amounts of sensitive data circulate, where privacy and the widest respect for the fundamental rights of the individual must be guaranteed in the strongest terms.
© Copyright 2020, by Deasoft Srl
PI 03339021200 - Via Vittoria, 23/G San Lazzaro di Savena, Bologna