CertiVox has announced the launch of the open source, multi-factor authentication system M-Pin.

Based on elliptic curve cryptography for web, cloud and mobile applications, the company claimed that M-Pin turns any HTML5 browser into a strong authentication client that authenticates to the open-source M-Pin Server, which only stores one leak-proof cryptographic key, replacing the username/password database.

It also contains just one leak proof cryptographic key so if it is compromised, it reveals no details about end-users on the system. Certivox said that M-Pin can be integrated with any web application, Single Sign-On or identity management solution and in any software application.

Brian Spector, CEO, CertiVox, said: “M-Pin is an open source multi-factor authentication system that can be deployed in minutes at a fraction of the cost of existing solutions while offering a degree of security greater than many existing solutions that cost an order of magnitude more.

“M-Pin is the only open source authentication solution that removes the threat vulnerability of username/passwords at the client and server level and replaces it with two-factor authentication based on a strong cryptographic protocol built for tomorrow's internet.”

Javvad Malik, senior analyst at 451 Group, commented: “With the removal of usernames and passwords and replacing these with an ATM machine style PIN for HTML browsers; CertiVox brings strong authentication whilst simplifying the user interface.

“With its open source M-Pin Strong Authentication Server, we are encouraged to see CertiVox placing its trust in the developer community, seeking to address a pertinent security challenge.”