Gluu developing oxPush to enable push notifications for two-factor authentication

Open source two-factor authentication software enables companies to send out-of-band verification notifications via the Google or Apple mobile push networks.

October 21, 2013 – Austin, TX – Gluu announced that it is developing oxPush, the first open source platform to enable organizations to identify a person on the Internet by sending an out-of-band PUSH notification to a mobile device. A push notification can be used in addition to, or instead of a password. It provides a much higher level of assurance that the person is actually who they say they are.

The service can easily support two-factor authentication push notifications in all major mobile operating systems, including Android and iOS. Gluu will incorporate oxPush into the Gluu Server at no additional charge.

“There is no license or service fee to use passwords,” says Gluu CEO Mike Schwartz. “We wanted to make other free “factors” of authentication available to the Internet.”

The need for two-factor authentication has been driven in large part by increasing security concerns for network, PC, and the Internet. New legislative compliance requirements and an increase in the number of smartphones with multi-factor authentication technology have also acted as drivers for organizational uptake.

“Many organizations use the OX open source identity platform because it enables the use of any strong authentication providers unique mechanism. Our goal was to provide our customers with a simple two-factor authentication solution that didn’t involve charging large license or per user fees,” continued Schwartz.

Recently the market for multi-factor authentication has seen increased awareness as large organizations with global brands continue to be the focus of media attention for ill-advised security practices that have resulted in the hacking of large quantities of personally identifiable information (PII).

“It seems like there’s a new story every week about a major organization getting hacked for sensitive user data. Clearly two-factor authentication is no longer just a nice option; It’s a must-have,” says Schwartz.

Gluu’s mobile application for two-factor authentication is currently under development and is slated for release in December 2013. oxPush will be made available for open source use under an MIT license.

For more details, or to schedule a demo of the complete, integrated Gluu Server solution for single sign-on, strong authentication, and web access management, visit Gluu’s website at

About Gluu:
Gluu helps organizations design, build, and operate authentication and authorization (“AA”) systems to secure web and mobile applications using open source software. Gluu leverages open standards such as OAuth 2.0, SAML, and RADIUS to enable organizational strong authentication, single sign-on (SSO), and web access management (WAM). The “OX” open source project, maintained by Gluu, implements two profiles of Oauth2: OpenID Connect for authentication and UMA for authorization. The Gluu Server subscription is a managed service that enables organizations to provide standards based access management for their Internet domain, on the IAAS platform of their choice.

Get News and Product Updates