FAQ
Why do I need Claveo?
Simply put, Claveo keeps your users and their data secure. With the upward trend in advanced cybersecurity attacks, it is clear that just a password is not enough to keep hackers from compromising online accounts. If you run a service that transacts financial information, holds sensitive user data (such as credit card numbers or medical records), protects proprietary information or trade secrets, or guards any sensitive information that should not fall into the hands of hackers, you need Claveo.
In the case of exclusively password-protected systems, two-factor authentication is a requirement or strong recommendation by many global regulations, including the PCI Data Security Standards, the HIPAA, the European Data Privacy Directive, and those from the FFIEC. In a May 2011 report, the FFIEC issued stricter reccommendations to banks strongly advising the use of two-factor authentication, citing that "account fraud and identity theft are frequently the result of single-factor authentication exploitation."
What are Claveo's advantages over other solutions?
Claveo stops at nothing to keep your users secure while providing the best experience possible. Unlike our competitors, we went a step further and made sure that even the compromise of our own system wouldn't put your users at risk.
- One-click mobile phone-based experience is the easiest second-factor solution available
- Our risk mitigation technology provides end-to-end security in the face of advanced threats
- Claveo's flexibility allows you to provide two-factor security for transactions previously impossible to secure with competing technologies
- We provide the most customizable second-factor solution available, with generic, custom branded, and library-based mobile applications as well as client libraries to integrate seamlessly with your existing secure service
Read more about Claveo's wide range of features.
What happens if I lose my phone?
Losing your phone is like losing your credit card. Claveo allows all providers of Claveo-enabled services to remotely deactivate a mobile phone just as one would a credit card, so you can reactivate your new device when you get one (or if you find your old one). Your provider will give you instructions on their procedures for deactivating a device which will likely include extended identity verification for your protection. Contact the provider of your Claveo-enabled service (your bank, IT department, etc) for more information.
Can your server see my transaction details?
No. The transaction details sent from your service with every transaction are encrypted such that only the intended device can view them, passing transparently through our server. Thus transaction data can never be exposed via our infrastructure. As well, the usernames that you provide Claveo to authorize a transaction are hashed such that you can keep a consistent interface across your system while not worrying about our server keeping a record of sensitive user information.