Skip to content

Managed Authentication

It’s all about positive identification.


What’s the weakest link in most businesses? The password. It’s either too easy to guess or too obscure to remember and is usually then written down. Not good. And with remote access growing, there’s even more of a need to provide greater flexibility without compromising security. Consider this: according to the DTI Security Breaches Survey, 87% of large businesses reported suffering a security breach. The average cost of critical breaches? £90,000. Ouch.

Here’s the good news: our Managed Authentication Service overcomes this weakness by providing a solution using two-factor authentication that’s simple to integrate with existing systems, has affordable monthly costs and, because it resides ‘in the cloud’, requires no additional kit. The bonus is that it can easily scale to change along with your business. So, when it comes to authentication, think positive. We always do.

Key features

  • A two-factor authentication service that enables positive ID of end users when connecting to your network.
  • Our Managed Authentication Service Portal (MAP) can be accessed using any standard web browser and is itself secured using two-factor authentication.
  • Reliable - our managed service is built upon resilient architecture located in multiple secure data centres around the globe, which means we’re able to offer 99.999% service availability (and it really doesn’t get any safer than that)

The two key elements

We’ve teamed up with CRYPTOCard, whose award winning two-factor authentication technology is used by a number of global organisations. The two key elements are:

  • Tokens that generate a new One Time Password (OTP) for use by the end user and are available in a wide range of formats including hardware, software and SMS styles to provide the utmost in convenience, portability and durability.
  • The Authentication Service, which is internet based and has two key functions; to validate end user credentials passed to it by the authentication node, and to provide a portal for the day-to-day admin and management of the service.

Better safe than sorry, we say.

Managed Authentication is designed to help you:
Discover how we can connect and transform your business.

Features & Benefits


  • Award winning - MAS is powered by CRYPTOCard’s award winning two-factor authentication technology and managed authentication service.
  • Choice -  a variety of tokens are available for use with the service, including traditional key chain tokens, software tokens, Blackberry® tokens and SMS based mobile phone tokens.
  • Reliable - our managed service is built upon resilient architecture located in multiple secure data centres around the globe which means we offer 99.999% service availability.
  • Flexible – MAS is compatible with all leading makes of access devices and applications such as Juniper, Cisco, Citrix, Microsoft etc. which can be simply integrated to work with your existing systems.
  • Control - a simple-to-use and secure portal provides you with immediate access to administrative functions plus comprehensive service reporting, so you remain in complete control of your users and tokens.


  • Affordable - with no servers to purchase, no IT training required and no network implementation to undertake, costs are low. Our ‘token inclusive’ pricing option also means that there’s no need to purchase tokens up front.
  • Rapid deployment - with no new hardware or software to deploy, a simple change to your authentication device to forward requests to MAS is all that’s required to get you up and running and your users authenticated securely.
  • Usability - a wide choice of token types allows the need for secure authentication to be provided in a form that’s convenient to end users, simple to use and cost effective.
  • Scalable - whether you have ten or tens of thousands of users who need to be securely authenticated, MAS can easily support your initial requirements as well being flexible to support any changes in the future.
  • Quality - our key chain tokens are provided with a five-year warranty and, unlike other suppliers, they don’t expire - so you won’t be forced to replace them from time to time.
  • Comprehensive – we can provide a broad range of products and solutions to complement MAS and supply you with comprehensive remote access and managed network services from a single provider. Us.

All in all, the only way to keep everyone safely connected.

Detailed Info

Part of Managed Security Services

So much more than just token security.

In a nutshell, there are three key components: Users and their tokens, the Authentication node and the Managed Authentication Service itself.

Users and their tokens

Each user is provided with a token. These are used to deliver the One Time Password, which, when combined with the end user’s unique PIN, identifies them to the Managed Authentication Service - which then authorises their connection to the network. Simple but effective.

Just select the token type or token types that suit your user base and security policies best.

All our key chain tokens are provided with a five-year warranty. And they don’t expire (unlike those of some of our competitors).

KT-1 Key Chain Token

The KT-1 is the most common token. Its simplicity makes it the ideal authentication token for users of virtually any skill level. It generates a new passcode each time it’s activated - by pressing the button beside the LCD display.

KT-2 Key Chain Token

The KT-2 Key Chain token is an economical alternative to the KT-1. It combines the same simplicity and durability, and costs less when purchased in quantity.

SC-3 USB Style Token

This token is a software implementation of the RB-1 hardware token installed on a USB-packaged device. The ideal multi-function token card for companies that want the advantages of hardware tokens, and the convenience and integration of software tokens.

ST-1 Software Token

The ST-1 Token is a software implementation of the RB-1 hardware token for installation on computers and PDAs. Perfect for companies that want the strength of two-factor authentication without the overheads and cost of hardware distribution.

ST-1 Token for BlackBerry®

The ST-1 Token for BlackBerry® is a software implementation of the RB-1 hardware token for installation on BlackBerry® devices. It’s ideal for companies that want the strength of two-factor authentication without the overhead and cost of hardware distribution.

SMS Token

The SMS Mobile Phone Token uses your existing SMS enabled mobile phone to provide you with secure and protected login access. It works on all ordinary mobile phones and users will never need to install anything on their existing mobile phone. The ‘Security on Demand’ feature ensures that a One-Time Password is immediately available to the user on their mobile phone without you ever needing to request it.

Authentication Node

The device that terminates the end user connection onto your network must be configured to pass all of its authentication requests to the Managed Authentication Service. This device is referred to as the Authentication Node. The solution is proven to work with Cisco, Juniper, Watchguard, SonicWALL - in fact, any RADIUS based device.

The Authentication Node sends requests to one of the Managed Authentication Service Points-of-Presence (A-PoP). Communication between the Authentication Node and A-PoP is encrypted to ensure maximum security throughout.

There’s very little work required within your network to make use of the Managed Authentication Service. What’s more, the re-configuration of the Authentication Node to direct the requests to the Managed Authentication Service and the setting up of the user database typically takes no more than a few hours.

Managed Authentication Service

The function of the Managed Authentication Service is to authenticate the end user request and to provide a portal interface for management of the service. The Managed Authentication Service architecture is built around multiple data centres around the globe and therefore provides multiple A-PoP’s. Each data centre is housed in a secure, well managed and totally resilient building and is regularly checked. Data held in these centres is backed up onto multiple servers with built-in redundancy and backup capability. All of the data centres are interlinked with a robust network infrastructure with diverse internet connectivity.

The architecture of the Managed Authentication Service, together with the design of the data centres, allows multiple customers to be managed from a single service, which in turn is managed from a unique management portal.

The Managed Authentication Service Administration Portal (MAP) can be accessed over the internet via a standard web browser and, as you would expect, is secured by two-factor authentication. It allows your Administrator to perform various administrative functions including: importing, creating, editing and deleting end users, assigning and de-assigning devices to end users and reporting on authentication activity.