Authenticators

- Industries
- Solutions
  - Our Expertise
  - Strong Identities
  - Secure Payments
  - Protected Data
- Featured Products
  - As a Service Products
- Enterprise ID & Issuance
  - Instant ID as a Service
    Learn More
  - Instant Issuance
- Financial ID & Issuance
  - Digital Card Solution
    Learn More
  - Digital Banking
    1. Digital Account Opening
    2. Digital Card Solution
  - Instant Issuance
  - Central Issuance
- Government ID & Issuance
  - Digital Citizen
    1. Seamless Travel as a Service
    2. ePassport as a Service
  - Instant Issuance
    1. Other citizen IDs and licenses.
    2. System Software
    3. Supplies
    4. Services
  - Central Issuance
    1. Passports, national IDs and driver licenses.
    2. Passport Issuance Systems
    3. National ID and Driver License Systems
    4. Inline Delivery & Insertion
    5. Standalone Delivery & Insertion
    6. System Software
    7. Supplies
    8. Services
  - Identity Verification as a Service
    Our IDVaaS solution allows remote verification of an individual’s claimed identity for immigration, border management, or digital services delivery.
    Learn More
- Cloud Security Posture Management
  - CloudControl 30-Day Free Trial
    Entrust CloudControl offers comprehensive security and automated compliance across virtualization, public cloud, and container platforms while increasing visibility and decreasing risks that can lead to unintended downtime or security exposure.
    Start Free Trial
- Key Management and Encryption
  - KeyControl for VM Encryption
  - KeyControl 30-Day Free Trial
    VMware vSphere and vSAN encryption require an external key manager, and KeyControl is VMware Ready certified and recommended. KeyControl enables enterprises to easily manage all their encryption keys at scale, including how often keys are rotated, and how they are shared securely.
    Start Free Trial
- Hardware Security Modules (HSM)
  - 1. nShield as a Service
  - nShield HSMs
  - Why you need an HSM
    Learn about all the details related to what hardware security modules offer you in security and cost savings...
    Learn More
- Digital Certificates
  - 1. Buy Certificates
    2. Renew Certificates
  - TLS/SSL Certificates
  - Qualified Certificates
    1. QWAC eIDAS Certificates
    2. QWAC PSD2 Certificates
  - Sales and Services
- Identity and Access Management (IAM)
  - Products
    1. Identity as a Service
      Cloud-Based IAM
    2. Identity Enterprise
      On-prem IAM
    3. Identity Essentials
      On-prem MFA solution for Windows users
    4. APIs and SDKs
  - Get Entrust Identity as a Service Free for 60 Days
    Explore the Identity as a Service platform that gives you access to best-in-class MFA, SSO, adaptive risk-based authentication, and a multitude of advanced features that not only keep users secure, but also contribute to an optimal experience.
    Start Free Trial
- Electronic and Digital Signing
  - Digital Signing as a Service
  - Digital Signing Certificates
  - Digital Signing Infrastructure
  - EU Qualified Trust Services
    In addition to our long-standing Adobe Approved Trust List (AATL) membership, we are a European Qualified Trust Service Provider for the issuance of eIDAS qualified certificates for qualified signatures and advanced seals, for PSD2 certificates and for QWACs
    Learn More
- Public Key Infrastructure (PKI)
  - PKI Products
  - Managed Services
  - Cryptographic Center of Excellence
  - Try Post-Quantum PKI as a Service Now
    Get PQ Ready. PKIaaS PQ provides customers with composite and pure quantum Certificate Authority hierarchies.
    Try Now
- Resources
  - Issuance Systems Knowledge Base
    Learn More
  - Digital Security Knowledge Base
    Learn More
  - Cybersecurity Institute
    Get critical insights and education on security concepts from our Trust Matters newsletter, explainer videos, and the Cybersecurity Institute Podcast.
    Learn More
- Partners
  - Partner with Entrust
    Join one or more of our partner programs and we’ll help you increase profitability, expand your brand, and target strategic customers.
    Learn More
  - Partner Directory
    Search for partners based on location, offerings, channel or technology.
    Search for a Partner
  - Programs
  - Partner Logins
- Buy
  - Shop Certificate Services
    Shop for new single certificate purchases.
    Learn More
  - Certificate Services Customer Portal
    Existing Entrust Certificate Services customers can login to issue and manage certificates or buy additional services.
    Learn More
  - Certificate Services Partner Portal
    Existing partners can provision new customers and manage inventory.
    Learn More
  - Instant Financial Card Issuance Supplies
    1. Registered Customer Login
    2. Request Access
- About Entrust
  - Securing a World in Motion Since 1969
    We’ve established secure connections across the planet and even into outer space. We’ve enabled reliable debit and credit card purchases with our card printing and issuance technologies. Protected international travel with our border control solutions. Created secure experiences on the internet with our SSL technologies. And safeguarded networks and devices with our suite of authentication products.
    Explore Our History
  - Cybersecurity Institute
    Get critical insights and education on security concepts from our Trust Matters newsletter, explainer videos, and the Cybersecurity Institute Podcast.
    Learn More
- Search Entrust
  - Search:

Exploring the Options

Transparent Authentication

Transparent authenticators validate users without requiring day-to-day involvement.

Digital Certificates

Our authentication solutions can leverage existing X.509 digital certificates issued from an Entrust managed digital certificate service or a third-party service to authenticate users. Certificates can be stored locally or on secure devices, such as smart cards and USB tokens.

IP-Geolocation

Authenticated users can register locations where they frequently access a corporate network or other key assets. Our solution compares current location data — country, region, city, ISP, latitude and longitude — to registered location data. You can then step up authentication when values don’t match. Other features include the ability to create blacklists of regions, countries or IPs based on fraud histories.

Device Authentication

You can create an encrypted profile after an authenticated user registers a frequently used computer or device. During subsequent authentication, our authentication software creates a new profile and compares it to the stored value. Step-up authentication is required only when the values don’t match.

Physical Form Factor Authentication

Physical form factors are tangible devices that users carry and use when authenticating.

One-Time Passcode Tokens

We offer two versions of the popular one-time-passcode (OTP) token. Our mini-token option is OATH-compliant and generates a secure eight-digit passcode at the press of a button. An OATH-compliant Pocket Token offers additional features, including PIN unlock prior to generating the passcode, in addition to a challenge-response mode.

Display Card

This authentication option provides the same functionality as the popular token in a credit card format. In addition to providing an OATH-compliant, one-time passcode, a display card includes a magnetic stripe and can optionally include a PKI or EMV chip for greater versatility.

Grid Authentication

Our patented grid card is a credit card-sized authenticator consisting of numbers and characters in a row-column format. Upon login, users are presented with a coordinate challenge and must respond with the information in the corresponding cells on their cards.

One-Time Passcode List

End-users are provisioned with a list of randomly generated passcodes or transaction numbers (TANs) that are typically printed on a sheet of paper and distributed to end-users. Each passcode is used just once.

Biometrics

Entrust leverages biometric fingerprint data to provide an effective balance between authentication strength and user convenience for Microsoft® Windows® login. To protect user privacy, fingerprint data is stored in a database or on an Entrust smartcard as an encrypted mathematical representation — sometimes known as a hash — and compared to the actual fingerprint provided at the time of authentication.

Non-Physical Form Factor Authentication

Non-physical form factor authentication provides methods of verifying user identities without requiring them to carry an additional physical device.

Knowledge-Based Authentication

Knowledge-based authentication challenges users to provide information an attacker is unlikely to possess. Questions presented to the user at the time of login are based on information that was supplied by the user at registration or based on previous transactions or relationships.

Out-of-Band Authentication

This method leverages an independent and pre-existing means to communicate with the user to protect against attacks that have compromised the primary channel. Our solutions support this capability by allowing the generation of one-time confirmation numbers that can be transmitted along with a transaction summary to the user. This can be done directly via email or SMS, or sent through voice to a registered phone number.

Entrust Identity Enterprise Mobile

Whether for consumer, government or enterprise environments, Entrust Identity Enterprise provides mobile security capabilities via distinct solution areas — mobile authentication, transaction verification, mobile smart credentials, and transparent authentication technology with an advanced software development kit. Supporting the use of the OATH standard for time-based OTP, as well as out-of-band transaction signatures, Entrust Identity Enterprise Mobile is one of the most convenient, easy to use and secure mobile authentication methods available today.

Mobile Smart Credentials

Eliminate the need for physical smart cards by transforming mobile devices into mobile credentials for enterprise-grade authentication. Advanced mobile smart credentials can be used with Bluetooth and near-field communication (NFC) technology for greater convenience and secure connectivity.

SMS Soft Tokens

SMS soft tokens enable the transmission of a configurable number of one-time passcodes (OTP) to a mobile device for use during authentication. Automatically replenished as needed, this dynamic soft-token approach delivers the strength of out-of-band authentication without the concern for constant network availability, delivery timing or software deployment to a mobile device.