Logo Peig
Get Demo

Reliable and paswordless access without security heckles

To de-risk access from common and sophisticated social engineering, or MitM attacks, access security must provide TLS-level authentication binding.

This means relying on a protocol that doesn’t leave systematic gaps for hackers and adversaries to exploit. Peig can do this on regular devices in the background without users being bothered by cumbersome security heckles.

Peig app

Peig is a browser app which employee’s and contractors to securely access an organization’s web resources.

Web application

Peig is used to access these resources via existing web applications your organization already uses.

Peig server

Peig server is Peig app’s security counterpart. Together with the Peig app, the Peig server makes sure all access is securely autheticated to get rid of phishing threats.

HTTPS

Peig browser client establishes a standard web session with a web application using HTTPS. This is great for encryption purposes, but it doesn't verify whether the user has accessed the real web application or has been phished. Similarly, the web application can't recognize a real user from an imposter MitM server.

Sending challenge

To mutually authenticate a user’s device and a web application reliably, we need a challenge-response handshake, binding a challenge to the HTTPS session channel using our cryptographic keys.

Response & mutual authentication

The challenged has been bound to the used HTTPS session and is ready to be authenticated.

Challenge authentication

The Peig browser client and the Peig workspace server & mutually authenticate each other using the challenge in the process.

Authentication confirmed

Thanks to using heavy-duty authentication keys and the binding process, there is high confidence that the right user is accessing the right web application using their deviceactin.

That’s it!

We have successfully authenticated the user's Peig, the web application, and, most importantly, the session channel to architectural mitigate phishing & MitM!

Learn how Peig works behind the scenes
Scroll down to see the process

HTTPS
Peig Browser Client
Peig securely stores cryptographic keys on any user's device to provide maximum authentication security.
Web application
Peig is used to securely access your organization's web applications and resources.
Peig Workspace Server
Together with the Peig browser client, the Peig workspace server authenticates all access requests to prevent phishing and other access threats.
Peig browser client establishes a standard web session with a web application using HTTPS. This is great for encryption purposes, but it doesn't verify whether the user has accessed the real web application or has been phished. Similarly, the web application can't recognize a real user from an imposter MitM server. Preventing common phishing & MitM threats requires device-based mutual authentication between the Peig browser client and the Peig workspace server using dedicated cryptographic keys. & To mutually authenticate a user’s device and a web application reliably, we need a challenge-response handshake, binding a challenge to the HTTPS session channel using our cryptographic keys. The challenged has been
bound to the used HTTPS session and is ready to be authenticated. The Peig browser client and the Peig workspace server & mutually authenticate each other using the
challenge in the process. Thanks to using heavy-duty authentication keys and the binding process, there is high confidence that the right user is accessing the right web application using their device. That's it!
We have successfully authenticated the user's Peig, the web application, and, most importantly, the session channel to architectural mitigate phishing & MitM!