Supports multiple authentication technologies from mobile PKI, FIDO, hardware tokens to legacy SMS OTP
Integrates and complements existing identity and user management solutions
Future proof technology with a unified authentication API for all your services
Inside Secure Strong Authentication Server is a scalable server solution supporting multiple out-of-band user authentication and transaction authorization methods and technologies. The solution integrates with and complements existing Identity and Access Management (IAM), Single-Sign-On (SSO) or other user management solutions, and provides online service providers with a future proof universal platform for modern user authentication.
The supported software and hardware based multi-factor (MFA) and 2-factor (2FA) authentication technologies are:
Mobile PKI with Biometrics
Authenticate users with digital signatures (PKI) and Biometrics using the Inside Secure Strong Authentication Client integrated into your own mobile app or with a turnkey whitelabel Smartphone App Authenticator, no specific hardware is required. Each authentication transaction has a dynamic authentication policy which defines whether the user is further authenticated with a PIN code, fingerprint or a face recognition in the app.
FIDO UAF and U2F
Strong Authentication Server supports industry standard FIDO authenticators. User can be authenticated with a FIDO Security Key hardware token or a FIDO enabled mobile device.
Any FIDO compliant hardware authentication tokens can be used.
Legacy and fallback OTP
Strong Authentication Server supports multiple One-Time-Passcode (OTP) based authentication methods. Inside Secure Strong Authentication Client and turnkey Smartphone App Authenticator generates standards Time-based One-Time-Passcodes (TOTP), any OATH standard compliant hardware tokens can be used, the server can be configured to send out OTP codes over SMS, and even a printable paper list of one-time-passcodes can be pre-generated for the end-users.
Inside Secure Strong Authentication Server can be used as a shared or dedicated cloud service, or deployed on-premises at your data center. The solution supports multi-tenant deployments and do not store or manage end users personal information. All user accounts and data are managed by your existing solutions.
The server software includes a built-in virtual Certificate Authority (CA) for PKI, but a separate CA can also be deployed or an existing in-house CA can be used. The software can be scaled for millions of users and deployed in multiple data centers for High Availability.
Integration with existing systems and solutions
Strong Authentication Server provides an Authentication API for existing user management or authentication solutions to request user authentication or transaction authorization. The solution is also already pre-integrated with several identity management solutions in the market.