Technical overview

Key technical advantages

• Black box concept – the solution acts as a “black box” towards 3rd-party applications, thus enabling smooth integration and limiting modifications on 3rd party systems in the environment.
• Multi-Token support – support for Gemalto, Vasco, ActivIdentity (HID), RSA, Ireth, SmartDisplayer, Feitan, NegraID, EMV CAP.
• Authentication methods – One-time Passwords, Challenge/Response (CR), Message Authentication Codes (MAC), Multiple Data Signature (MDS), Host Verification (HV), Login by QR code, QR code authentication, Push notification authentication for the OATH standard. Mode1, Mode2, Mode2 with TDS, Mode 3 and Mode3 with TDS for MasterCard CAP (Chip Authentication Program) and PLA (Perso/PIN less), and VISA DPA (Dynamic Passcode Authentication) support.
• Support for the latest MasterCard’s AA4C (Advanced Authentication for Chip) PLA 2010 and the CTGS 2010 specification.
• Mobile token support – support for iPhones, Android mobile phones.
• Administration – rich-featured administration enables easy personalization and monitoring, as well as card profile setups, HSM keys management, detailed transaction history, token synchronization, etc.
• Auditing – all transactions are logged, both authentication requests and results, as well as administrator activities; and each log is tamper-proof, digitally signed and time-stamped.
• High availability – the solution architecture enables clustering and load-balancing, which results in high reliability and authentication request workloads.
• Platform independency – Java development toolkits provide support for multiple server platforms and operating systems.

Modules

SxS enables a smooth integration and implementation of strong authentication services, and enhances the security of the clients’ existing infrastructure with the Asseco SxS extension modules.

• Microsoft Window Login By using the SxS credential provider module enterprises can allow the users of multi-factor authentication solution to login on Windows locally or remotely.
• Standardized Login on Linux and Unix operating systems – The Asseco SxS PAM (Pluggable Authentication) module is a standardized way of authenticating end users with MFA to various Linux and Unix operating systems.
• Multi-factor authentication for Microsoft VDI (Virtual Desktop Environment) – The Asseco SxS PAAS (Pluggable Authentication and Authorization Service) module allows a seamless integration of MFA in the Microsoft VDI environment.
• Kerberos Agent for Microsoft operating systems – By using the SxS Kerberos module enterprise can enable any Kerberos-based service to use multi-factor authentication. The list of applications includes OWA (Outlook web access), Citrix, etc.
• Radius integration – The SxS RADIUS module enables a smooth integration with different hardware and software network devices. For more details download our data sheet.

• Our SxS helps banks comply with the PSD2 regulation by meeting the Strong Customer Authentication (SCA) and Dynamic Linking PSD2 requirements
• GDPR and PCI-DSS compliant user access control solution
• Enabling enterprises from various verticals to provide local and remote login functionalities to individual IT components, e.g. application, services, operating systems and network components
• SxS raises the security level of internal company applications which handle sensitive data, by enabling two-factor authentication (2FA) protection.
• Mitigating the CNP (Client not present) fraud in branch offices. A single authentication platform for banks, enabling centralized authentication for different channel applications, such as mobile banking, internet banking, call centers (IVR), 3D Secure
• Enables security service providers to offer security services to various organizations.