a>
Comprehensive authentication solution including physical grid cards, hardware tokens, and smart cards designed for financial services. Features include transaction verification, digital signatures for payment authorization, and secure access to treasury systems with multi-factor authentication options.
Physical devices such as security tokens, smart cards, and biometric readers that provide multi-factor authentication for payment approvals and system access.
More Secure Authentication Hardware
More Treasury Operations ...
|
Multi-factor Authentication (MFA) Requiring two or more verification methods for user login (e.g., password, token, biometrics). |
Product explicitly states support for multi-factor authentication using hardware tokens, grid cards, and smart cards. | |
|
Biometric Authentication Support Ability to use fingerprints, facial recognition, or iris scans for identity verification. |
Entrust documentation references biometric authentication as an available option for identity verification. | |
|
Hardware Token Integration Support for physical authentication devices such as YubiKeys, smart cards, or OTP tokens. |
Supports a range of hardware authenticators including physical tokens and smart cards (such as YubiKey), per documentation. | |
|
Public Key Infrastructure (PKI) Supports authentication using public/private key pairs and digital certificates. |
PKI support is provided for digital signatures and secure authentication, as highlighted in Entrust Identity Enterprise product overview. | |
|
Single Sign-On (SSO) Allows users to access multiple treasury applications with one set of credentials. |
Single Sign-On (SSO) is a core feature for treasury system and payment access, in line with Entrust documentation. | |
|
Time-based One-Time Passwords (TOTP) Support for authentication using app-based or hardware-generated time-limited codes. |
Time-based One-Time Passwords (TOTP) are supported via mobile and hardware authenticators. | |
|
Adaptive Authentication Dynamically adjusts authentication based on risk signals (location, device, time, etc.). |
Adaptive authentication is featured for dynamic response based on user behavior and risk scoring. | |
|
Device Binding Ability to restrict access to specific pre-authorized devices. |
Device binding and device management allow restriction to pre-authorized devices, per solution datasheet. | |
|
Knowledge-Based Authentication Enables secondary verification through personal or system-generated questions. |
KBA is available as a secondary authentication option for scenarios like device activation and recovery. | |
|
Transaction Signing Users digitally sign transactions with a hardware device as a distinct action. |
Transaction signing with digital certificates or hardware tokens for payment and transaction approval, as highlighted under product features. |
|
Tamper-Resistant Design Hardware features that prevent unauthorized physical access or compromise. |
Entrust hardware authenticators are tamper-resistant, with secure elements to prevent physical compromise, per brochure. | |
|
FIPS 140-2/3 Compliance Hardware certified to Federal Information Processing Standards for cryptographic modules. |
FIPS 140-2 certified hardware is part of Entrust hardware portfolio, as claimed on vendor site. | |
|
Secure Key Storage Encryption keys are stored in secure hardware modules, not software. |
Cryptographic keys stored in secure hardware rather than software, as part of their security model. | |
|
Remote Wipe Capability Ability to erase or deactivate devices if lost or stolen. |
Remote wipe options are available for supported mobile/hardware authenticators in administration portal. | |
|
Physical Lock Mechanisms Locking or anchoring devices to prevent removal or theft. |
No information available | |
|
Backup Device Support Allows for quick replacement and setup of a backup device. |
Backup device provisioning is listed as a feature in the administrative management documentation. | |
|
Secure Firmware Updates Updates to device software are cryptographically signed and validated. |
Firmware/software updates are digitally signed; integrity checks are described in admin manuals and security documentation. | |
|
Environmental Control Features Ability to withstand variations in temperature, humidity, or mechanical shock. |
Product datasheets for hardware authenticators specify environmental tolerances. | |
|
Audit Logging Capabilities Logs hardware access and usage details for security review. |
Audit logs of authentication and device usage are configurable and exportable for review, as per features list. | |
|
Device Lifespan Average number of years hardware devices are expected to remain operational. |
No information available |
|
Centralized User Provisioning Manage all user credentials and devices from a central dashboard. |
Centralized dashboard and device/user management interface described in solution overview. | |
|
Role-Based Access Control (RBAC) Assign and enforce user roles and permissions aligned to corporate treasury functions. |
Role-based access control (RBAC) is a standard administrative feature (Enforce roles for treasury operations). | |
|
Bulk User Enrollment Onboard large groups of users/devices at once. |
Bulk enrollment of users and devices via administrative console and import tools available. | |
|
User Self-Service Device Activation Allow users to securely activate and register new devices on their own. |
User self-service activation is documented to reduce admin workload and provide rapid onboarding. | |
|
Automated Deprovisioning Automatic revocation of credentials and hardware when users leave or change roles. |
Automated deprovisioning occurs via HR integration and policy settings. | |
|
Delegated Administration Assign user, device, or location-specific administrators. |
Delegation of admin rights to site/location admins is supported as part of role segregation. | |
|
Integration with HR Systems Link user lifecycle management with corporate HR or LDAP directories. |
Integration options for HR, LDAP, and directory services are listed on product technical sheet. | |
|
Device Assignment Tracking Monitor which devices are issued to which users. |
Device assignment and inventory tracking built-in with centralized management. | |
|
User Behavior Analytics Monitor authentication patterns for anomalies or risky behaviors. |
User behavior analytics and risk scoring engine included for adaptive authentication. | |
|
Customizable Lockout Policies Configure thresholds for failed login/device authentication attempts. |
Configurable lockout thresholds and policies per user/device in admin panel. |
|
APIs for Integration Availability of REST, SOAP, or proprietary APIs for system integration. |
REST APIs and integration interfaces are available for integration. | |
|
Support for SAML/OAuth/OpenID Interoperability with modern authentication standards and single sign-on protocols. |
Supports SAML, OAuth, and OpenID protocols for interoperability and SSO. | |
|
ERP/TMS Compatibility Can be paired directly with enterprise resource planning or treasury management systems. |
ERP and TMS system integration is highlighted for ease of treasury deployment. | |
|
Plug-and-Play Installation Requires minimal technical effort for setup and deployment. |
Plug-and-play setup for hardware tokens; workflows documented for corporate use. | |
|
Legacy System Support Ability to interface with older, non-standardized treasury applications. |
Legacy system support discussed for integration in banks/finance with older TMS solutions. | |
|
Cloud Service Integration Works seamlessly with cloud-based treasury systems. |
Cloud integration available for cloud-based treasury and banking systems. | |
|
Mobile App Integration Seamless functioning with treasury mobile apps and devices. |
Mobile app integration available for iOS/Android authenticator apps and approvals. | |
|
Custom Integration Tools SDKs, connectors, or middleware available for bespoke system integration. |
Developer resources and SDKs provided for custom integration with proprietary systems. | |
|
Multi-Platform Compatibility Works across Windows, MacOS, Linux and mobile operating systems. |
Product works with Windows, Mac, Linux, iOS, Android, and custom devices per product matrix. | |
|
API Request Rate Limit Maximum supported API calls per second. |
No information available |
|
GDPR Compliance Adherence to regulations on data privacy and user consent. |
Entrust states compliance with GDPR including data privacy and consent platforms. | |
|
SOX Compliance Aligns with Sarbanes-Oxley requirements for financial controls and reporting. |
Product aligns with SOX frameworks for audit trails and authentication of financial operations. | |
|
PSD2/SCA Support Meets Payment Services Directive/Strong Customer Authentication mandates. |
Supports SCA as required by PSD2 for strong authentication and payment authorization. | |
|
Audit Trail Retention Period Length of time audit records are stored and accessible. |
No information available | |
|
Custom Policy Enforcement Ability to enforce geographic, business unit, or regulatory-specific access policies. |
Supports enforcement of custom geographic and regulatory access policies per admin settings. | |
|
Independent Security Certification Certified by an independent authority (e.g., ISO, Common Criteria). |
Entrust hardware is ISO/IEC 27001 and FIPS 140-2 certified, links to third-party evaluations available. | |
|
Real-Time Compliance Reporting Instant generation of compliance and access audit reports. |
Compliance and audit reports are generated instantly from admin console. | |
|
E-signature Legality Electronic signatures via hardware tokens are legally enforceable. |
E-signatures via hardware tokens (smart cards, PKI) are compliant with applicable eIDAS and legal standards. | |
|
Data Residency Controls Manage where user/device data is physically stored according to regulations. |
Data residency and location controls available for global compliance. | |
|
Customizable Retention Policies Configurable rules for data and log retention per compliance requirements. |
Customizable data and log retention supported for compliance configurations. |
|
Quick Authentication Time Average time required for user authentication using hardware devices. |
No information available | |
|
Self-Service Recovery Enables users to recover or reset access in case of lost or damaged devices. |
Self-service recovery workflow available for lost or damaged authenticators, including backup methods. | |
|
Multi-Language Support Interfaces and instructions available in several languages. |
Multi-language interfaces and end-user guides are available per documentation. | |
|
User Training Materials Provision of digital and physical training resources for users. |
Extensive user and admin training materials provided online and as PDFs. | |
|
Accessibility Features Designed to be usable by people with disabilities. |
No information available | |
|
Minimal User Prompts Low number of required user interactions per authentication. |
No information available | |
|
Customizable Alerts Configurable notifications for transactions, logins, and policy violations. |
Customizable alerting for policy violations, logins, and critical transaction events in admin dashboard. | |
|
Support for Remote/HQ Users Designed for both on-site and distributed workforce scenarios. |
Remote workforce explicitly supported in documentation; secure access for HQ and distributed users. | |
|
Out-of-the-Box Configuration Templates Pre-built configurations for rapid deployment. |
Product offers quick-start deployment with pre-built policy and configuration templates. | |
|
Clear Error Messaging Descriptive messages and troubleshooting guidance when authentication fails. |
Clear error messaging and troubleshooting details documented for user login/authentication issues. |
|
Backup Authentication Methods Alternative authentication available if hardware is lost/unavailable. |
Fallback authentication methods, including mobile OTP, backup codes, and KBA supported in case of hardware loss. | |
|
Service Uptime Percentage of time the authentication service is available. |
No information available | |
|
Disaster Recovery Capabilities Ability to recover full authentication services after critical events. |
Disaster recovery capabilities described as part of service continuity program. | |
|
Redundant Data Centers Multiple geographically dispersed facilities to ensure uninterrupted service. |
Entrust datacenter infrastructure supports redundant, geographically distributed service for HA. | |
|
Onsite Hardware Replacement Time Typical maximum elapsed time to replace failed hardware. |
No information available | |
|
Distributed Load Handling Ability to handle authentication loads from multiple locations concurrently. |
Distributed concurrent authentication supported for multi-location corporate environments. | |
|
Periodic Health Checks Regular automatic tests and monitoring of hardware and authentication processes. |
Automated health check and monitoring for hardware and authentication status. | |
|
Automatic Failover Processes automatically switch to backup hardware or methods if primary fails. |
Automatic failover and redundancy detailed in solution architecture for business continuity. | |
|
Maintenance Notification Automated user alerts about upcoming or ongoing maintenance windows. |
Notification of planned maintenance and downtime configured in admin notifications. | |
|
Capacity for Concurrent Authentications Maximum number of concurrent authentication sessions supported. |
No information available |
|
Maximum Supported Users Largest number of users the solution can handle effectively. |
No information available | |
|
Maximum Supported Devices Total number of unique hardware authentication devices supported concurrently. |
No information available | |
|
Elastic Resource Allocation The system resources can automatically scale up or down based on demand. |
Elastic scaling and infrastructure management available for large/variable user populations. | |
|
Load Balancing Support Distributes authentication traffic for optimal performance. |
Load balancing and traffic distribution features included for enterprise environments. | |
|
Low Latency Authentication Minimal average time for completing authentication transactions, even at scale. |
No information available | |
|
Concurrent Hardware Update Support Can update firmware/settings across multiple devices simultaneously. |
Entrust supports bulk firmware updates for device fleets, per admin documentation. | |
|
Batch Device Management Ability to manage device settings and permissions in bulk. |
Batch device and policy management available in admin dashboard. | |
|
Multi-Site Support Facilitates centralized management across distributed corporate locations. |
Multi-site deployment and management supported for global organizations. | |
|
Distributed Workforce Scalability Suitable for both centralized headquarters and remote treasury teams. |
Designed for both centralized and remote/distributed corporate workforces. | |
|
Peak Hour Performance Lowest average authentication time during the busiest periods. |
No information available |
|
Real-Time Authentication Monitoring Ongoing visibility into who is accessing what, when, and how. |
Real-time authentication monitoring and reporting illustrated in admin consoles. | |
|
Automated Alerting for Suspicious Activity Immediate alerts for anomalous login attempts or policy violations. |
Automated alerts for suspicious activity and fraud detection present. | |
|
Integration with SOC/SIEM Tools Feeds authentication logs and alerts into security operations centers. |
Integration with SIEMs and SOC platforms described in technical integrations. | |
|
Automated Threat Response Initiates automated steps (lockouts, alerts, device disable) upon detection of certain threats. |
Configured for automated threat response actions (lockout, alerts, device disable). | |
|
Forensic Data Collection Collect and retain data for post-incident investigations. |
Forensics and detailed logs retained for investigation after incidents. | |
|
Threat Intelligence Integration Leverages real-time feeds to update threat detection criteria. |
Threat intelligence feeds supported for updating detection and risk rules. | |
|
Incident Response Playbooks Pre-defined procedures for handling specific authentication threats. |
Incident response playbooks and automatable workflows described for security ops. | |
|
User Notification on Compromise Notifies users immediately if their credentials or devices are at risk. |
Immediate notification for users on compromise of credentials or devices is a documented security feature. | |
|
Manual Override Capabilities Allows authorized personnel to override automated locks if needed under strict control. |
Manual override possible by admins under restricted workflows. | |
|
Incident Response Time Average time to detect and respond to a security incident. |
No information available |
|
Transparent Pricing Model Clearly defined fees for hardware, support, and licensing. |
Clear and transparent pricing models available for hardware and services. | |
|
Hardware Replenishment Costs Typical per-device cost for replacement or additional units. |
No information available | |
|
Support and Maintenance Fees Recurring cost for ongoing vendor support and device upkeep. |
No information available | |
|
Pay-as-You-Go Options Pricing flexibility to scale with actual usage, not fixed licenses. |
Pay-as-you-go (consumption-based) licensing available depending on contract. | |
|
Volume Discount Availability Discounts applied for purchasing large numbers of devices. |
Volume discounts available for large-scale hardware authenticator purchases. | |
|
Included Software Updates Software/firmware updates are included in licensing/package fees. |
Regular software/firmware updates included in licensing costs. | |
|
Trial/Evaluation Hardware Availability of trial devices for hands-on evaluation before purchase. |
Trial/evaluation units available for proof of concept; mentioned in procurement options. | |
|
Flexible Contract Duration Ability to negotiate terms of service, e.g., annual or multi-year. |
Contracts may be structured for annual/multi-year per client requirements. | |
|
Total Cost of Ownership Tools Tools for projecting and understanding all long-term ownership costs. |
No information available | |
|
Third-Party Hardware Support Supports a variety of vendor devices, not just proprietary options. |
Support for multiple hardware vendors/devices beyond Entrust's own, as stated in integration section. |
|
24/7 Technical Support Round-the-clock assistance from vendor support teams. |
24/7 support and critical incident response guaranteed in service description. | |
|
Comprehensive Documentation Extensive user and administrator guides with troubleshooting. |
Comprehensive documentation for end users and admins available in customer portal. | |
|
Dedicated Account Manager Named support resource for ongoing partnership and escalation. |
Dedicated account manager provided for enterprise/large accounts, per service policies. | |
|
Custom SLAs Option to negotiate Service Level Agreements for uptime, support speed, etc. |
Customizable SLAs offered as part of procurement process. | |
|
Customer Training Services Provision of onboarding and specialist training for treasury staff. |
Client onboarding and staff training for treasury roles available by arrangement. | |
|
Local/Regional Technical Presence Access to in-region expertise and hardware support. |
Entrust maintains regional support presence for global customers. | |
|
Community and User Forums Active information-sharing spaces for users and admins. |
Community forums and user groups provided for info sharing and community support. | |
|
Automated Ticketing System Structured, trackable process for raising and resolving issues. |
Automated ticketing and support escalation documented. | |
|
Proactive End-of-Life Notifications Alerts about support and update discontinuation for hardware models. |
End-of-life notifications for hardware/software managed proactively. | |
|
Onsite Support Availability Ability to request onsite engineer visits for urgent incidents. |
Onsite hardware/vendor support available for critical issues in certain regions. |
This data was generated by an AI system. Please check
with the supplier. While you are talking to them, remind them that they need
to update their entry.