VASCO VACMAN Controller
Integrate Strong Authentication into Your Applications without Rewriting Them
VACMAN Controller is a state-of-the-art API-based authentication platform that serves as a back-end for DIGIPASS Strong Authentication tools. It automatically handles login requests, ensuring only properly authenticated users can access protected online applications and networks. In addition, VACMAN Controller can be used to validate e-signatures which are developed to protect your online transactions from Man-in-the-Middle attacks. The unique design, unlimited scalability and flexibility of VACMAN Controller make it a perfect fit for large deployments in a variety of customer interfacing applications such as online banking, e-commerce, online gaming, web portals, and others.
VACMAN Controller can be customized and integrated into any existing application regardless of the operating system, data model, or architecture. The versatility of this API-based solution makes the entire two-factor security implementation effortless and cost-effective, ensuring the lowest possible impact on existing infrastructure and operations.
VACMAN Controller makes it easy to add more users and/or applications without the need to rebuild the back-end infrastructure. There is no need to deploy and maintain additional or back-up servers.
With VACMAN Controller API, there is no need to worry about server downtime and service disruptions. Its high reliability ensures that your users can get secure access to the system when they need it.
Low Total Cost Of Ownership
VACMAN Controller is designed to accommodate all current and future VASCO authentication and e-Signature technologies and devices. This provides your organization with the flexibility to follow new standards and developments in application and network security for virtually any operating system or platform. VACMAN Controller is a cost-effective solution that leverages your IT investment and provides one centralized platform without any additional requirements for a separate authentication server or database. As such, no server farms and dedicated disaster recovery systems are needed.
VACMAN Controller is a single platform with secure key management and provisioning suitable for any security policy:
- End-to-end security chain from VASCO manufacturing sites
- Initialization secure room with a high level of both physical and logical security
- Secure encrypted transport DIGIPASS key file (DPX) with an optional key ceremony for the customer’s security officer(s)
- Optional Hardware Security Module (HSM)-compliant solution
- Optional hardware DPX file encryption
- One-time password and e-signature validation operates inside the HSM
- No sensitive information exposed outside of the HSM
- Compliant with FIPS standards
Integrations With Strategic Partners
VACMAN Controller is currently integrated into over 100 applications, including those in the portal, single sign-on, and banking markets, among others. Native integration significantly reduces the cost of strong authentication implementation and simplifies back-end deployment and management.
Features & Benefits:
Support for multiple form factors
VACMAN Controller is a unique and flexible platform that supports multiple authentication devices and mechanisms. It works with all hardware and software-based DIGIPASS authenticators, as well as with OATH-compliant devices and EMV-CAP smart cards. When combined with DIGIPASS hardware and software authenticators, VACMAN Controller can provide end-to-end secure online provisioning and management of these authenticators.
The following form factors are supported in every implementation:
- One-button hardware authenticators
- PIN-protected hardware authenticators
- Matrix Cards
- Software-based solutions (DIGIPASS for Web, DIGIPASS for Mobile, DIGIPASS for C and Java API)
- SMS delivery (Requires integration of an SMS gateway)
- USB authenticators
- Smart cards
Support for multiple authentication technologies
VACMAN Controller supports a range of authentication modes including:
- Time- and/or counter-based one-time passwords (response only
- Time- and/or counter-based challenge/response
- Time- and/or counter-based e-signatures
- Mutual authentication (between a user and a server)
- e-signature confirmation code
- Server-side PIN validation
- CHAP & Microsoft Response Authentication using DIGIPASS dynamic passwords
- Knowledge-based authentication (secret question & answer scheme)
Other features include:
- Time- and/or event-based synchronization mechanisms
- Supports DES/3DES/AES/OATH encryption standards
- Centralized credential provisioning mechanism to be used with DIGIPASS for Mobile and DIGIPASS for Web product line.
- Centralized OTP generation mechanism to offer SMS-based authentication
- Multi-thread and multi-task aware code
- On and offline software-based DIGIPASS provisioning
- Integrated secure unlocking feature for locked users
|Technical Specifications and Supported Platforms|
|Hardware Security Modules||Safenet Protect Server Orange/Gold/External, nCipher netHSM, Safenet Luna SA, Thales WebSentry, IBM ICSF|
Download the VASCO VACMAN Controller Data Sheet (.PDF)