Credential Check

Protect customer and employee accounts during registration or other critical events such as password changes and checkouts. Credentials are checked in real time and GDPR-compliant at an interface of your choice and accounts at risk are detected.

To do this, we continuously search for stolen credentials on the entire internet, analyze them and store the findings in our leak database. We provide the interface to request individual records from our database for verification on your systems - your users remain anonymous.

Planning

Together we plan the deployment within your company and according to your needs. Fully integrated into your existing processes, check the existence of the user’s email address and password in our database of leaked records during logins, new registrations or password changes.

Effective Protection

Define and configure processes to automatically address findings and immediately take action to remediate possible exposure. Restrict affected accounts or require further proof of authentication (e.g., a second factor) before critical transactions are executed.

Compliance

With Credential Check, you can comply with basic requirements of the BSI IT-Grundschutz-Kompendium.

Measures SHALL be taken to detect password compromise. – Module ORP.4 Identity and Authorization Management

Installation

Our basic implementation appliance is provided and can be further customized by you. Additionally, we can implement a fully customized solution to integrate into you existing landscape and available software stack. Processing of all user data remains in your infrastructure, there is no transmission of identifiable user data. Results are available only at your local instance of our Credential Check application, no data is processed externally. You retain full control over the runtime and operating environment at all times.

Asynchronous and Precise Fit

With our system we collect and analyse most recent collection of data leaks. All queries are executed against our continuously updated leak database. Queries can also be executed asynchronously to your existing application’s workflow, result may be evaluated at a later point in time, exactly when you need them.