OneSpan Authentication Server


Onespan's IDENTIKEY Authentication Server is the next-generation centralized authentication server that supports DIGIPASS technology. It verifies authentication requests from individuals trying to access the corporate network or business applications.

IDENTIKEY Authentication Server supports the following primary functions:

  • DIGIPASS one-time password authentication
  • DIGIPASS signature validation

An organization can provide its users with DIGIPASS authenticators to ensure that the users log in to secure systems via strong authentication. The DIGIPASS authenticator provides the OTPs and the DIGIPASS users can use these OTPs instead of or in addition to a static password for the login.

In addition, a DIGIPASS authenticator can also be used to sign transaction data. Here, the user manually enters key details of the transaction into the DIGIPASS authenticator or, with devices that support this functionality, scans an image- in form of a QR code or a color QR code - provided on the transaction page, and receives a signature. The user then enters that signature into a transaction confirmation page to confirm that the transaction is authorized.

There is also the Virtual DIGIPASS, a mechanism where an OTP is generated by the server and sent to the user's mobile phone or email account. In this case, a physical DIGIPASS device is not needed.

IDENTIKEY Authentication Server supports the following authentication modules:

  • Corporate and Remote Access Clients: IDENTIKEY Authentication Server supports the RADIUS protocol (according to RFC 2865) for remote network access, such as VPNs.
  • Web Applications: IDENTIKEY Authentication Server provides support for web applications through an SDK based on the standard SOAP protocol. These applications may cover operational tasks such as authentication and signature validation, provisioning of Software DIGIPASS or administration of DIGIPASS Authentication for Microsoft ADFS.
  • DIGIPASS Authentication for Windows Logon: DIGIPASS Authentication for Windows Logon provides users with login access to Windows using a DIGIPASS authenticator. DIGIPASS Authentication for Windows Logon integrates seamlessly with the existing Windows logon system. The user ID is entered along with a one- time password generated by the DIGIPASS authenticator.
  • DIGIPASS Authentication for OWA (Outlook We Access): The DIGIPASS Authentication for Microsoft Outlook Web Access module adds an extra security layer to remotely access confidential information over unsafe networks using OTPs.
  • DIGIPASS Authentication for Remote Desktop Web Access (RDWA): Remote Desktop Web Access (RD Web Access) enables users to access RemoteApp and Desktop Connection through the ‘Start’ menu on a computer that is running Windows 7 or through a web browser. VASCO’s DIGIPASS Authentication integrates with the Web Access interface that runs on an IIS webserver, and directs all authentication validation requests towards the IDENTIKEY Authentication Server.
  • DIGIPASS Authentication for Microsoft ADFS: This is an add-on authentication module for Microsoft Active Directory Federation Services (ADFS) and provides strong authentication using a DIGIPASS authenticator. DIGIPASS Authentication for Microsoft ADFS contains an ADFS authentication provider that can be used as an additional authentication method. This allows for authentication against AD as the primary authentication, and authentication via a DIGIPASS authenticator as the additional authentication.
  • DIGIPASS Authentication for Citrix Web Interface (CWI): VASCO’s DIGIPASS Authentication integrates with Citrix Web Interface for XenApp and XenDesktop without undermining the existing functionality. At customer login, IDENTIKEY Authentication Server validates the submitted user credentials. Once validated, the user is granted access to all authorized applications.


IDENTIKEY Authentication Server supports the following authentication modules:

  • Keep all levels of IT infrastructure safe with automated updates
  • Optimize the load on bandwidth with WithSecure Proxy when distributing updates
  • Centrally define and distribute security policies and monitor the company's overall security
  • Take control of security with functions like Web Content Control, Connection Control, Advanced
  • Protection and Botnet Blocker
  • Automate patch management with Software Updater
  • Manage both physical and virtual environments with one tool