OCTATCO: "M2A, the Next-Generation Authentication That Overcomes MFA Limitations"

• Advanced authentication that analyzes multiple attributes such as user, device, behavior, and environment
• Ensures strong security while maintaining a smooth user experience
• Supports both on-premise and cloud environments, gaining global attention

Even the once-trusted MFA (Multi-Factor Authentication) is no longer considered fully secure. Today’s attackers often obtain a victim’s personal information in advance, impersonate them through help desks to reset MFA, or register MFA on dormant accounts to gain unauthorized access. They also hijack authentication tokens or trick users into entering MFA codes on phishing sites.

To counter these bypass attacks, OCTATCO has introduced a new concept: Multi-Attribute Authentication (M2A). M2A goes beyond MFA by verifying multiple attributes—such as the user, device, environment, behavior, usage patterns, and network status—making it more resistant to phishing and bypass attacks.

“Often, no matter how strong the authentication method, attackers find a way around it,” said Jaehyung Lee, CEO of OCTATCO. “Biometric authentication may be one of the most accurate methods, but even it can't prevent session hijacking. That’s why M2A, which checks multiple attributes, can deliver true Zero Trust authentication.”

OCTATCO’s Phishing-Resistant M2A blocks MFA bypass attempts through a combination of biometric authentication, hardware security keys, device integrity checks, and network status verification. It continuously monitors user activity within an authenticated session to detect anomalies—strengthening security without disrupting the existing authentication experience.

"Zero Trust isn’t just about verifying identity at login," said CEO Jaehyung Lee. "It’s about continuous monitoring during the session, dynamic access policies based on user and device status, and applying the principle of least privilege in a granular way. OCTATCO fulfills all these requirements through AI-powered authentication and monitoring."

Recognized as a Global Leader in Authentication

OCTATCO is a specialized provider of authentication solutions built on the FIDO2 standard. FIDO2, which includes WebAuthn and CTAP, allows secure, passwordless authentication on websites and apps using biometrics, security keys, and built-in authenticators. OCTATCO’s M2A enhances this with multi-attribute analysis—making it one of the most robust authentication methods available, both in Korea and worldwide. Moreover, OCTATCO offers fingerprint security keys as standalone hardware—appealing to users reluctant to store biometric data on other devices.

“M2A is a cutting-edge technology that’s ahead of the global trend,” said CEO Lee. “It delivers full passwordless login and comes closest to the ideal Zero Trust environment. It supports both cloud and on-premise deployments and integrates seamlessly with existing enterprise systems—driving growing demand at home and abroad.”

OCTATCO’s authentication solution has already been adopted by a financial institution in Saudi Arabia, proving its potential in the global market by integrating with over 5,300 different systems. The company has also achieved significant milestones, including becoming the standard provider of fingerprint security keys at Samsung Electronics, supplying solutions to 256 branches in 13 countries for Woori Bank, and delivering internal control systems to major financial institutions, public agencies, and local governments.

Looking ahead, OCTATCO plans to launch a cloud-native SSO (Single Sign-On) solution in the second half of the year. It also aims to implement an IoT and quantum security roadmap in collaboration with ICTK, a fabless semiconductor security chip company. In the long term, the company is evolving its platform into a full-fledged IAM (Identity and Access Management) system.

“All security technologies can eventually be bypassed, so it's crucial to build layered security within the platform to minimize that risk,” said Lee. “It’s not easy to stack various security technologies into a single platform while maintaining user experience and external interoperability—but the companies that succeed will lead the global cybersecurity market.”

“OCTATCO has spent over nine years since its founding in 2016 developing authentication technologies that comply with global standards. With M2A, we’ve created a next-generation authentication solution. Our technology has already been recognized by clients across diverse industries and environments. We’ll continue to advance and refine our solutions to grow into a globally recognized leader in authentication,” he concluded.

By Sunae Kim, iyamm@datanet.co.kr

[Read the original Korean article here]