Indeed Certificate ManagerIndeed Certificate Manager Indeed Access Manager Indeed Privileged Access Manager
Reducing the cost of managing the public key infrastructure - automation of smart cards and certificate tasks, centralized distribution of PIN code policies
Using the public key infrastructure is associated with multiple routine operations on issuing, use control and revocation of certificates and smart cards. Basic tools of certification authorities are not intended for user smart card management and allow for standard operations with certificates only. All the Indeed CM settings are distributed via policy mechanism. The policy contains the data required to connect to certification authorities, list of certificates to be issued, as well as additional certificate parameters (such as key backup, automatic approval of issue etc.).
Control of using the smart cards and digital certificates - centralized management and tracking of digital signature tools
Many companies make it a common practice to use smart cards and digital certificates. These are used both internally - for e-mail protection, internal document flow, user authentication - and for communication with third parties, working at trading platforms, in online banking services and for generating a qualified digital signature. The certificates can be issued either by the company’s own certification authorities, or by external organizations. The management of distributed population of smart cards becomes a complex task, which is to be solved by special systems. The Indeed Certificate Manager offers a centralized and effective smart card management system for the task.
Two-factor authentication with smart cards in operating system and applications - replacement of passwords by two-factor authentication
The standard password authentication does not provide for security level sufficient for modern companies. The following information security risks can be associated with password usage. The users do not utilize complex or longer passwords, as a rule, because these are difficult to devise and memorize. This allows an intruder to mine employee account passwords. The employees use one and the same password for all applications and services quite frequently. This makes the problem even worse, since, having mined the password to one of the systems, an intruder gains access to all the resources available to the compromised user.
Digital signature with smartphone for online banking - platform to implement digital signing and secure messaging operations via user smartphone.
A convenient and secure interface of online banking is vital for success of any contemporary bank. In the context of cyber security, the main object to protect in online banking service (OBS) scenarios are various transactions with customer accounts, and, consequently, protection of transaction digital signing operations. The cloud technologies of digital signing are the most convenient to end-users, as these methods do not require additional cryptographic devices (tokens, smart cards etc.). However, the absolute majority of cloud signature implementations center around user authentication via SMS and key information being stored at servers in HSM.
Meeting the requirements of PCI DSS standard to user authentication - solving the problems of multifactorial authentication in information systems
In April 2016, the new PCI DSS 3.2 version was adopted. Some of the changes introduced in this version become effective on the February 1st, 2018. These are changes in employee authentication upon access to bank information systems. In particular, starting from February 1st, 2018, multi-factor authentication becomes mandatory for a number of access scenarios. The PCI DSS defines the following factors or methods of user authentication: something that you know; something that you have; something that you possess. Here are some examples of the mentioned factors, that are the most frequently used in practice of multi-factor authentication.