Why CyberloQ?

CyberloQ has only one purpose: we efficiently and effectively secure access to our client’s digital assets.

Our comprehensive solution – CyberloQ Secure – achieves this purpose by implementing an innovative Adaptive Trust Architecture. At the heart of this architecture is a proprietary Transaction Risk Assessment engine that leverages leading-edge Multi-Factor Authentication and Authorization (MFA) protocols to prevent fraudulent access to our client’s online systems and the digital assets and sensitive information that they house.

Key characteristics of CyberloQ Secure include:

  • A truly multi-factor security protocol that includes client-defined location-based geofencing constraints.
  • An intelligent risk calculation algorithm that sets a risk profile for each Authentication or Access attempt.
  • A corresponding set of client-defined business rules that drive escalation through our Adaptive MFA.

CyberloQ Secure is delivered as a robust API for rapid, seamless integration into our client’s existing systems. And the entire platform – our highly secure, highly elastic, highly scalable Adaptive Trust Architecture – is hosted in a flexible cloud-based Infrastructure Implementation.

This is our Adaptive Trust Architecture in action!


CyberloQ Secure is engineered from the ground up to Authenticate and Authorize – or not! – based on three core concepts that work in tandem: Zero Trust, Risk Assessment, and Adaptive Trust.

By default, any digital asset that is protected by CyberloQ Secure is turned off. Similarly, any Registered User as well as all of their registered devices are treated as untrusted by default.

Having started from the initial state of zero trust, CyberloQ Secure completes a risk analysis and produces a Risk Profile for the request at hand – this is the case whether that request is for a User and Device requesting authentication, or for an already authenticated User and Device now requesting access to a specific protected digital asset.

With this Risk Profile in hand, CyberloQ Secure now applies the client’s pre-defined set of business rules that dictate the appropriate set of MFA challenge(s) to present the requestor. Based on the Risk Profile in question, this could range from no Challenge at all (i.e., complete trust) to multiple Challenges (i.e., low trust).

All of this happens nearly instantaneously and, if deemed necessary by the client’s business rules, the Requestor receives the Challenges directly on their device – if they successfully satisfy the Challenges, they’re in!

This is our Adaptive Trust Architecture in action!


CyberloQ Secure is considerably more than the typical off-the-shelf MFAs available today, CyberloQ Secure is a comprehensive, fully integrated cybersecurity offering – your trusted ally in conquering the complexity of securing your digital assets. This offering includes:

  • CyberloQ Secure

    The core Security capabilities that comprise our Adaptive MFA protocol, including our powerful Geofenced location constraints.

    • CyberloQ Secure is the foundational Platform used to protect our client’s digital assets.
  • CyberloQ Control

    The Administration capabilities required for managing the CyberloQ implementation, including onboarding Users, registering their devices, establishing their specific geofence constraints, and associating the digital assets which they are allowed to access and utilize.

    • CyberloQ Control is a browser-based application for clients to manage CyberloQ Secure.
  • CyberloQ Key

    The user-facing Mobile App that enables robust, real-time verification of users and devices before they are allowed access to the protected digital assets.

    • With CyberloQ Key, only when the key “fits the lock” does the user gain access to protected assets.
  • CyberloQ Link

    The custom Communications Protocol we build for any client who elects to integrate CyberloQ Securer’s capabilities directly into their existing business systems via Application Program Interface (API).

    • CyberloQ Link is the API-to-API “handshake” between CyberloQ and the Client’s existing systems.
  • CyberloQ Cloud

    Whether implementing our full offering or only a subset of the above solutions, clients have the option to either host the implementation themselves or engage our Managed Solutions Service.

    • CyberloQ Cloud is our subscription-based service for creating and managing the cloud environment on our client’s behalf.


CyberloQ Secure is our full-featured framework for continuously applying our robust, adaptive authentication and authorization protocols to secure our client’s online systems and the digital assets that they house. CyberloQ Secure stands as both the gateway for the client’s legitimate stakeholders seeking to access and utilize those systems and assets, and the gatekeeper unauthorized “bad actors” locked out.

CyberloQ Secure is fully compliant with the European Union’s Second Payment Services Directive (PSD2) which articulates a Strong Customer Authentication (SCA) requirement to verify two out of three “Factor Type” assurances:

  • Something the customer knows, such as a password or PIN.
  • Something the customer has, such as a smartphone, smart card, or wearable device.
  • Something the customer is, such as a fingerprint, facial recognition, or voice recognition.

Our Adaptive MFA takes the typical SCA requirements for PSD2 to the next level – going above and beyond the three “Data & Device” assurances, our Adaptive MFA dynamically employs one or more challenges from both “Data & Device” and “Behavioral” assurances to validate every Authentication and Access Request. These additional Behavioral Attributes draw on:

  • Something the customer does, such as a specific keystroke or swipe.
  • Something about the customer, such as current location, travel history, usage history.


Multi-factor Authentication

CyberloQ Secure – is a cybersecurity solution that enables clients to implement highly robust Multi-Factor Authentication (MFA) that includes client-defined location-based geofencing constraints. Our state-of-the-art solution protects access to our client’s sensitive Personal Identifiable Information (PII) and to any digital assets including, but not limited to:

  • Bank Card and Digital Payment Programs: any bank issued credit, debit, prepaid cards.
  • Websites: all internal and external facing websites and sub-sites which, collectively, encompass an organizations web presence.
  • Business Applications: any software tool that requires user input of predefined credentials – typically, User ID and Password – in order to access their functionality and/or the data and documents.
  • Internet of Things Platforms: both the myriad of connected “smart devices” themselves, and the data aggregation and analytics platforms into which they are integrated.
  • Equipment or Process Activations: including Smart Devices, Key Card Entry Systems, etc.
  • Structured Data: information that is stored in traditional “column-and-row” database systems and that can be accessed directly using database query tools.
  • Unstructured Data:  information stored in formats other than a structured database – e.g., documents.