Revolutionizing Dropbox’s Two-Factor Authentication Logins with QR Scans | KOBIL
"Deployed by more than 3,000 companies with over 50 million active users worldwide and recognized by Gartner Market Guides and Hype Cycles."
Contact Us
Revolutionizing Dropbox’s Two-Factor Authentication Logins with QR Scans

Revolutionizing Dropbox’s Two-Factor Authentication Logins with QR Scans

Revolutionizing Dropbox’s Two-Factor Authentication Logins with QR Scans
450,000
Dropbox Business and 12.7 million private accounts protected
$8bn
Dropbox valuation defended by KOBIL technology

Introducing Dropbox

US-based file hosting service Dropbox is one of the world’s biggest and most recognizable cloud storage brands.

Valued at US$8 billion when it filed for an IPO in 2018, its worldwide growth represents a remarkable success for founders Drew Houston and Arash Ferdowsi.

They launched the company in 2007 with an aim to deliver a simpler way to keep files in sync. Today it offers two main tiers of service: individual accounts and team (Dropbox Business) accounts.

Challenges

Dropbox Business accounts are used around the world to power safe and secure collaborative working across enterprises large and small.

Customer data protection

Each account stores sensitive data, documents and other confidential information, meaning ongoing security is a priority for both Dropbox and its Dropbox Business customers.

A key priority, therefore, was to ensure that at all times only the right person has access to the right information. Integrating trusted digital identities into Dropbox’s log-in procedures was a major objective.

Static password replacements

Aware that static passwords or OTP solutions are inherently insecure (apps for these are not protected and messages can be intercepted), Dropbox sought a multi-factor authentication solution that would guard against malicious attacks without disrupting the user experience.

Solution

Our expertise was enlisted to develop a hardened multi-factor authentication app built on QR codes, enabling Dropbox to reassure its users without introducing an unwieldy login process.

Secure access

At each login, Dropbox Business users see a unique, user specific QR code. And because no sensitive password or log-on data is entered through the keyboard of the device, key loggers and other similar attack methods were instantly rendered powerless.

The Dropbox user simply opens their ‘Trusted QR Login’ app on their device and scans the generated QR code. This separately secured app automatically sends the scan to KOBIL’s Smart Security Management Server, which confirms the user’s identity and authorization to Dropbox.

Scanning the code provides a secure two-factor authentication experience, because both the smartphone’s PIN (or TouchID on iOS devices) is used to open the app before the scan takes place.

Thanks to KOBIL’s PKI-based solution and Digitanium, our end-to-end communication channel, Dropbox users can now access their Dropbox Business and private accounts 100% securely from their desktop, browser or mobile device – anywhere in the world.

Built on existing systems

KOBIL’s QR code authentication system can be deployed quickly and seamlessly, with your existing Lightweight Directory Access Protocol (LDAP) or Active Directory acting as the basis for the verification process. This was a key attraction for Dropbox.

Streamlined experience

Users can now access Dropbox URLs by verifying their identity with a QR code. There is no need to specify an email address, making the entire process hassle-free and straightforward – without compromising on safety and security.

“We’re constantly developing new solutions to make our users’ two-factor authentication as easy as possible. Passwords and their duplicate use are still the biggest weakness in online accounts. Two-factor authentication is therefore essential.”
Marc Paczian
Marc Paczian Solutions Architect

Results

Around the world, more than 450,000 teams using Dropbox Business accounts have seen their online security enhanced with seamless authentication processes that do not require passwords.

The introduction of QR codes has also increased the security hurdles faced by external devices, giving users even more faith in Dropbox’s systems.

This has boosted trust and goodwill towards Dropbox, enabling it to continue to plan for an exciting future without the concern of simple security breaches undermining its market positioning.