Because more gates doesn’t necessarily mean better security of the fort, so

Cryptographic MFA

Based on self-sovereign cryptographic digital identity, I-AM   Crypto-ID, the Pi-Control    Cryptographic Authentication puts forth a holistic perspective to Multi-Factor Authentication. Cryptography improves the “What you know”, and subsequently improves the other pillars of MFA scheme.



"With the help of Fortytwo Labs Pi-Control and I-AM Cryptographic Authentication technology we’ve successfully upgraded our internal and external user authentication levels"

IT Head at Reputed Bank


MFA Design Definition

Multi-factor authentication (MFA) is one of the most critical aspects of Identity and Access Management. It is often reduced to only means of adding more layers of authentication, by some point solutions.


At the heart of Multi-factor Authentication is the underlying governing information security policy for each digital asset be it applications, service, device or an IoT.

MFA is supposed to reinforce the confidence in the digital system, by increasing the cost of cyber attack on digital identities at the same time simplifying the ability to authenticate and access the digital resources for the right party.

Challenges with MFA Design 

 Key Pillars of Multi-factors Authentication are,

  1. What you know: A shared secret knowledge

  2. What you have: Another device or thing that you have access to, which is relatable to the current situation

  3. Who you are: Your biometrics, device fingerprint


What you know


What you have


Who you are

While these 3 are supposed to impart incremental authentication security there is a fundamental flaw in the design of the pillars.


The problem with the 3 pillars of MFA in digital is that, as soon as someone gains the access to underlying data of “what you have” (e.g. OTP sent on SMS) and “who you are” (E.g. biometric data), it is reduced to the level of authentication security offered by the first pillar of “What you know”


Cryptographic MFA Differentiator

Key differentiator is a cryptographic wrapper around the "What you Know" level of authentication, in 3 steps

Step 1

Strengthen “What you know” to  “What you never need to know”

With its cryptographic backend, Pi-Control ensures that the shared knowledge in terms of I-AM Crypto-ID handshake need not be humanly understandable for identity verification to happen.


Further this shared knowledge in the form of Crypto-ID handshake changes dynamically as per the context of each instance of authentication.


This way Crypto MFA secures the first pillar of MFA “What you know”.

Fraudsters can’t activate I-AM on other devices without having the knowledge of the cryptography running on the backend. 

Step 2

Pi-Control adds the second level of authentication on top of this improved “what you know” authentication design.


This is a simple Cryptographic consent requested from the user on the I-AM activated device.


It could be a one time token sent on the I-AM activated device to the user. 

Step 3

On device biometric verification can be done using an I-AM activated device by the end user for a third leg of MFA

You can choose the authentication matrix to suit application’s identity security needs. One platform multiple options to extend with simple integration. The Pi-Control Cryptographic MFA has plugins for no-code integration with AD and ADFS

Pi-Control Crypto MFA.png

Pi-Control   Cryptographic Authentication



Pi-Control     is a distributed cryptographic services platform that delivers cryptographic services out of the box. Pi-Control uses I-AM   , a self-sovereign cryptographic digital identity technology.


Pi-Control     Crypto-Auth is the Cryptographic authenticator suite of solutions delivered from Pi-Control     platform. Strong Cryptography with sophisticated digital identity technology platform, allows secure passwordless Cryptographic authentication to any digital enabled application and device. Pi-Control     facilitates cryptographic identity onboarding and subsequently enables passwordless, multifactor Cryptographic authentication.









Getting Started

people meeting-3245739_640.png
magnifying-33170_640 Transaction Securit

Join one of our Group Demo

Join our Workshop on Cryptographic Authentication


Schedule a Discovery Session