Skip to main content
Home
  • cs
  • en
  • Solutions
    • Client Authentication
      Easy-to-use, highly secure solutions for strong customer authentication in your digital channels and applications.
      Electronic Payments
      Sector-specific solutions for acquirers, service providers, payment facilitators, and payment providers.
      Enterprise ID
      Improve the security of your data and eliminate complex passwords in your organization with our PKI systems, smart cards, mobile authentication, qualified electronic signature or eSeal.
      eGovernment Identity
      Our PKI based solutions enable authenticated, secure handling of personal data and other applications of electronic identity in modern digital government.
      Mobile Identity Card
      Identification document in a Mobile Phone
      Smart Cities
      EMV card acceptance in public transport and parking. Faster check-in, improved convenience and valuable data on the functioning of your city.
  • Technology
    • Smart Cards
      Chip card applets, proprietary middleware and applications for highly secure identification, authentication and payment processing solutions.
      Secure Mobile ID
      Mobile devices and a variety of connected hardware for strong authentication. Securing the distributed environment of digital banking, identification or logical access scenarios.
      EMV Payments
      Software and hardware solutions for EMV payment card acceptance covering the whole process from your EFT terminal to the processing centre.
      Federated Identity
      Centralized identity security in the distributed environment of various mobile, web or cloud-based business applications.
      PKI
      We apply proven PKI cryptography and symmetrical algorithms, certificate management infrastructure and design a strong security policy, balancing security and business needs of our customers.
      Perso Lab
      One-stop shop for software personalization systems development and complex card issuing services including secure software personalization, flexible physical (graphical) card personalization and logistics.
  • Case studies
  • Company
    • About Us
    • Our Story
    • Contacts
  • Career
  1. Home
  2. Our Technology

Federated Identity

Ultimate identity security in one system for all your apps

Learning from the limitations of rigid banking systems we have designed our identity federation technology, providing both flexibility and ultimate identity security tailored for rapidly developing systems of modern digital banking or corporate security. Our identity federation technology provides centralized security and authentication methods with easy, standardized integration to internal, external, or cloud-based business applications.

Federation protocols

Standardized open protocols act as a conduit between centralized security needs and the distributed digital world of various applications and devices.
  • Supports standardized OpenID Connect, OAuth and SAML protocols for user authentication by any application.

  • OpenID Connect Session Management and PKCE protocol extensions for flexible accommodation of security needs of any application.

  • Federated Transaction Authorization (FTA) - proprietary protocol for electronic signature, transaction authorization and sensitive data secure display (like banking card PIN), incorporating dynamic linking feature.

  • Supports mobile application to mobile token identity federation flows.

  • Unique Response Claims Framework (RCF) for the management of federation tokens information profiles. 

Usability and integration

Our federated approach helps to abstract security methods development from the business applications lifecycle.
  • SAML and JWT tokens can be used by applications to create their own sessions 

  • API friendly opaque access tokens and superfast token introspection service.

  • SDKs take care of all crypto and security functions for authentication, session management, protected resources access, etc., enabling faster and more secure front-end and mobile application development. 

  • Configurable single sign-on and single logout support while not breaking application requirements on security. 

  • Strong WYSIWYS (What You See Is What You Sign) principles, adapted to the specifics of security method being used.

  • Configurable context-based authentication method prompting (mobile/desktop, secure/public network, MDM controlled device, etc.). 

Authentication methods and security functions

Various modern security methods with secure applied cryptography and a robust back-end, enable strong customer authentication in any scenario.
  • Out-of-box support for current and legacy authentication methods (smart cards, certificates, mobile tokens, SMS OTPs, username-passwords, Kerberos, HW OTPs).

  • Federation trust increased by the optional use of HSM protected signing keys 

  • Built-in authentication method abstraction for easy integration of additional authentication methods.

  • Configurable authentication method concatenation for a modular building of secure authentication scenarios.

  • PSD2 RTS (SCA, CSC) compliant.

Performance, scalability, and support

Flexible, high-performing technology supporting the everyday needs of any authentication system.
  • HA and LB 24/7 operation.

  • Scalable from tens to millions of clients.

  • An intelligent health-check system.

  • Fast, in-memory cache supported token introspection executing thousands of requests per second.

  • Distributed tracing compatible with Dapper/Zipkin.

  • Structured operational logs including correlation indicators suitable for Elastic Stack tools analysis.

Our team is ready for your challenges
Contact us
fedid@monetplus.cz

Case studies

Client Authentication, Mobile Identity, Federated Identity

Client Identity Management

Client Authentication, Federated Identity, Secure Mobile ID

Central authentication system ČS MEP

More projects
Close

We have solutions.

Contact us
  • Monet+
    • Management
    • Security Policy
    • Personal Data Processing Policy
  • Solutions
    • Enterprise ID
    • Electronic Payments
    • Client Authentication
    • eGovernment Identity
    • Smart Cities
  • Technologies
    • Smart Cards
    • EMV
    • PKI
    • Secure Mobile ID
    • Federated identity
    • Perso Lab
  • Company
    • About Us
    • Our Story
    • Contacts
    • Career
Copyright © 2023 MONET+, a.s. All rights reserved