Identity and Anti-Spoofing Technology
What Is A Spoofing Attack
A spoofing attack is when a malicious party impersonates another device or user on a network in order to launch attacks against network hosts, steal data, spread malware or bypass access controls.
DTRelay Is A Technology That Can Prevent A Spoofing Attack
DTRelay is the perfect choice for an Identity and Anti-Spoofing technology because it establishes a shared-secret between the client and server. There are a few places where spoofing might happen, but since we guarantee the authenticity of the communication between the client and DTRelay it can prevent spoofing in both directions.
With DTRelay there are no exposed tokens. To identify registered applications, API providers often require a consumer key/secret value to authorize requests. These values are used for every request on behalf of the application and compromise can let an attacker masquerade as the application. With DTRelay, these credentials can be stored securely on the server, out of the reach of users. Moreover, OAuth tokens are stored in DTRelay and never sent to the client application, so DTRelay can be used as a security layer on top of OAuth2 to prevent the exposure of the access token during requests.
A valid request token cannot be produced without the secret, nor will endpoints accept a request without a valid token, and DTRelay can guarantee the authenticity of the communication and that the secret is safe. Only the client and the Relay share a secret, so no one else can spoof it.
DTRelay Can Prevent Many Known Internet Security Vulnerabilities
DTRelay dramatically reduces the attack surface used to target JavaScript and HTML, making it virtually impossible to expose your secure data to hackers. All you have to do is put DTRelay in front of the API, and it protects the communication between the client and the API for you.
Click here to find out more!