The SecSign ID Server offers its users various 2FA methods with appropriate licensing, including:
PKI-based Challenge Response Authentication via Smartphone Apps and Desktop Apps
The SecSign ID Server is a Certified FIDO Server allowing users to also use FIDO Tokens and Platform Authenticators
You can use a Smart card / Signature card to perform 2FA authentication, for example against a website
With One Time Password Generators, for instance, hardware tokens but also apps like Authy, Microsoft Authenticator, Google Authenticator, and more.
When logging in, the user also receives an email with a One Time Password
On one hand, we offer ready-made plugins which can directly utilize these methods, such as the Atlassian plugins. On the other hand, these methods can also be used through an Open ID Connect (oAuth) OIDC or SAML integrations.
First, it must be checked whether 1. entirely new users who are not yet “known” or 2. existing users who may already have a password and username login or other authentication credentials.
For 1., it must be decided how strongly these new users need to be identified. For this, we have various onboarding and identification options in our server. This ranges from a simple self-enrollment (user registers themselves), through on-site identification and registration by Registration Authorities (RA positions) (trained employees of the own company) this can also be done via video identification, up to using the personal ID card with its eID function.
Is there already an existing leading Identity Provider solution in use?
When introducing a 2FA solution, it is necessary to carefully examine in which systems the 2FA should be implemented.
If only a specific solution needs to be secured, it can be done quite simply, for example, through integration with a plugin or directly via a REST API.
If the goal is to be able to centrally control/manage 2FA and/or access rules and integrate 2FA into different systems, it should be considered to integrate the SecSign ID Server via Open ID Connect (oAuth) OIDC or SAML. And in this case, it should also be checked whether the SecSign ID Server should then not itself become the IDP. Here, it is of course possible to connect an existing Active Directory (AD) or other user sources to the SecSign ID Server.
If you prefer to operate everything in-house or on-premise, that is also perfectly feasible.
Benefit from everything being perfectly designed to work together by one company, and forget about cobbled-together legacy systems that require you to bring in dozens of different manufacturers!
Want to learn more about SecSign’s innovative and highly secure
solutions for protecting your user accounts and sensitive data?
Use our contact form to submit your information, and a SecSign sales representative will contact you within one business day.
If you need assistance with an existing SecSign account or product
installation, please see the FAQs for more information on the most common questions. You don’t find the solution to your problem? Don’t hesitate to contact the
Product Support
I am Interested in