Authentication Server

Centrally manage authentication process for multiple online services and choose the appropriate login mechanism for each service and user.

Contact us

Why Choose Us?

Comtrade Authentication Server is a cost-effective way to centralize authentication and identity management processes for multiple applications.

Configurable policies enable you to assign different credential types to users, such as passwords, one-time passwords, or PKI certificates. Single sign-on for web applications is supported, as well.

User Identification and Authentication

IDENTIFICATION: user declares his/her identity, without proving it (e.g. username).

AUTHENTICATION: user proves his/her identity, using secret data that only he/she knows (e.g. password), or possesses (e.g. secret key on smartcard), or is an integral part of a user him/herself (biometric authentication data, such as fingerprint).

Authentication Mechanisms

  • Username and static password
  • PKI / X.509 Certificate
  • NTLM / Active directory
  • SMS OTP – One-time password sent via SMS to the user’s mobile phone
  • OTP / TAN lists – pre-distributed lists of pseudorandom OTPs – One-time passwords (sometimes also referred to as TANs - Transaction authentication numbers, based on the context of their use: login or transaction confirmation)
  • Comtrade Mobile Token Library (One-time passwords generated on the user’s mobile device, without the need for SMS or mobile connectivity)

Key Features

  • Various certificate options:
    • our own certificates, with the on-premise of an authentication server,
    • out-of-the-box integration of a trusted third party certificate providers (HID),
  • numerous integrated, build on cloud, certificate providers
  • Basic functionality is responding to the authentication requests
  • Activation of credentials (enrollment)
  • Web administrator/operator GUI (function also available via API):
    • management of identities through their entire lifecycle,
    • management of credentials for supported authentication mechanism, through their entire lifecycle (create, assign to identity, dispose/invalidate),
  • management of relations between identities and credentials.
  • Security audit trail
  • Integration with out-of-band communication channels (SMS, e-mail)
  • High availability/load balancing via platform capabilities (Windows/IIS/.NET NLB, MS SQL Server options, etc.)