Intel® Identity Protection Technology (Intel® IPT)

Multi-faceted security to protect consumers and enterprises from being penetrated by stolen credentials and online user account access.

An Added Layer of Hardware-Based Security

Protecting your identity and business data requires strong authentication that's ideally rooted in hardware. Hardware-based authentication is widely regarded by security experts as a more effective approach than software-only authentication.

Intel® Identity Protection Technology (Intel® IPT)1 is a suite of authentication and online access technologies designed to offer web properties, users, and enterprises with stronger, hardware-based security embedded into Intel’s platforms for better ease of use, while offering a lower cost compared with traditional hardware or SMS authentication. Intel® IPT includes Intel® Authenticate Technology and Protected transaction display (PTD).

How Does Intel® Identity Protection Technology (Intel® IPT) Work?

Intel® Authenticate Technology

Intel® Authenticate Technology is a connected framework that provides the fundamental building blocks for an end-to-end, policy-based identity and access management solution that integrates well within an IT infrastructure. It will give IT more flexibility to specify the combination of hardened authentication factors used for various enterprise applications.

A firmware-based MFA engine in the client enforces policies delivered from IT. This framework allows stronger authentication than just between the user and the platform. It now authenticates the user, platform, and the network to each other.

Intel® Authenticate Solution supports three use cases:

  1. Domain/OS Login allows enterprises to take advantage of hardened PKI solutions, ensuring that when users log in to the domain with multiple secure factors (i.e. Face, Fingerprint, PIN), their credentials are encrypted and stored in hardware, rather than in software where they can more easily be exposed to malware.
  2. Generic Certificate Based Authentication for Applications, Web-Applications, and Services like VPN Login, similarly to the Domain/OS/Web Login, provides added assurance to an enterprise that their keys used for authentication are protected and stored in hardware, rather than in software where they can more easily be exposed to malware. They will only be released if the Authentication of the user was successful.
  3. Walk Away Lock pairs your iPhone or Android-based Bluetooth* phone with your PC to ensure your workstation is locked down automatically should a user walk away from their PC with their phone. The PC will recognize that the Bluetooth*-paired phone is out of the proximity range and lock the system down. Upon return, the PC will recognize that the Bluetooth* phone is back in proximity, and rather than asking for the long domain login, a second alternative factor will be requested. i.e Face or Fingerprint.

Transaction Authorization

Intel® Identity Protection Technology (Intel® IPT)2 with Protected transaction display (PTD) can display information to the user and receive input from the user using a separate embedded processor. Information displayed (such as PIN pad or CAPTCHA) using PTD is designed to only be visible to a user physically present in front of the device. Therefore, meaningful user interaction with such information helps indicate user presence.

This powerful capability helps mitigate against malware such as screen scrapers, keystroke loggers, bots, and man-in-the-middle (MitM) or man-in-the-browser (MitB). Since PTD relies on device hardware, it enables stronger security compared to software-only solutions2. It also provides built-in ease-of-use and a cost advantage over external hardware and SMS-based solutions.

Besides PIN pad and CAPTCHAs, PTD can also be used for financial transaction verification or protection of images in remote document display usages, such as teleradiology.

Product and Performance Information

1

Intel® technologies' features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No computer system can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://www.intel.in.

2

No computer system can provide absolute security. Requires an Intel® Identity Protection Technology-enabled system, including an enabled Intel® processor, enabled chipset, firmware, software, and Intel integrated graphics (in some cases) and participating website/service. Intel assumes no liability for lost or stolen data and/or systems or any resulting damages. Consult your system manufacturer and/or software vendor for more information.