CRYPTOCARD’s Authentication Protects Everything: Cloud & web apps: Cloud and web applications are protected via the use of the industry standard SAML, by using one of CRYPTOCARD’s authentication APIs, or by the use of CRYPTOCARD’s web agents. Alternatively there are many plug-ins available for web servers that allow interaction via the industry standard RADIUS protocol. Network access devices: Network access devices such as VPNs and firewalls normally communicate with BLACKSHIELD using the industry standard RADIUS protocol. This includes most devices from Cisco, Checkpoint, Juniper, Sonicwall, Fortinet and Watchguard for example, as well as Microsoft’s firewall and VPN offerings. Some devices such as older versions of Citrix Gateways that do not support RADIUS fully can be protected by installing a CRYPTOCARD agent on the device. Configuration can be completed in a matter of minutes, after which BLACKSHIELD protected users can authenticate. Windows & Unix: Unix systems and applications that support PAM can also authenticate against BLACKSHIELD. Any application that is “PAM aware” can use PAM’s support for RADIUS to authenticate against BLACKSHIELD. Use of a CRYPTOCARD agent protects Microsoft Windows desktops, domains, remote desktop services and terminal servers. The agent can also allow offline authentication, for example for use with laptops where they are not connected to the corporate network. RADIUS: If you are using RADIUS for communication between a protected device or application and BLACKSHIELD it is necessary to install a CRYPTOCARD agent on your RADIUS server. More info: ce@cryptocard.com

1. Next Generation
Authentication
©CRYPTOCARD 2011 12

2. CRYPTOCARD vision
• Easy authentication for any organisation, anywhere.
•Reduce administration time by 90% so that authentication is
truly “managed by exception”
• Commoditised authentication – Cryptocard is doing for authentication
what MessageLabs did for email scanning
• Innovation in mobile and tokenless solutions,
cloud based and server based authentication
and automation

3. Why choose CRYPTOCARD
Leader in Authentication
• We protect The Cloud, Apps and Networks
• Trusted globally by thousands of customers
• We invented cloud based authentication
• Multi‐award winning Technology
• Proven savings of >50%
• Flexible and scalable technologies

4. Credentials
Over 20 years leading the market
Company Widest range of
2FA as managed Leading server solution
founded token and
service – an industry BlackShield ID tokenless solutions
first introduced
KT‐1
Key chain
introduced
4
Best of
Show
MacWorld
Innovative
Linux version
Product
introduced
of 2008
NASA ‐ our first
major customer
World’s first Mac
authentication
solution introduced

5. The solution
Introducing CRYPTOCARD two‐factor authentication (2FA)...
Combining
• something you have: an authentication device
• with something you know: a PIN
• to give a One Time Password
What is a One Time Password (OTP)?
• a password that is only valid for that one login
• thereafter, a new OTP must be generated at the next login
• hence making all password‐stealing hacking methods redundant

6. CRYPTOCARD protects... everything
Users
Corporate
Network
API
LDAP / Active Directory
Cloud Applications RADIUS
SAML 2.0
Corporate
Network
Agents
SAML 1.1 LDAP / Active Directory
Corporate
Network
Cloud Services
LDAP / Active Directory
On‐line Application
storage Hosting
Disaster Corporate
Network
Recovery
My BLACKSHIELD
Identity Manager LDAP / Active Directory

7. 2FA software‐as‐a‐Service
• world’s first authentication‐as‐a‐service offering
• benefits of SaaS
• 99.999% SLA
• pay per user pricing
• ready to go in minutes
• no upfront infrastructure requirement or
ongoing infrastructure costs
• easy‐to‐use management portal provides
automated management, provisioning and
reporting

8. 2FA on‐premise
• automation of provisioning, administration and managing of users and tokens
• drastic reduction in cost of authentication
• recommended architectures deliver a highly available, high performance, scalable service
• can be configured in a huge range of high availability, high performance architectures as
required, without requiring high specification hardware and software
• whether migrating from static passwords or
alternative solutions is a risk‐free and trouble‐
free process

9. BLACKSHIELD key features
Automation:
– Provisioning LDAP
– Enrollment Changes
– Reporting
– Billing
Reporting and Auto Update
Alerts BLACKSHIELD
Auto‐
Self‐
Provision
Enrollment
User

10. Widest choice
• convenient, inexpensive, reliable and never expire
• BLACKSHIELD platform supports 3rd party tokens
•mix and match tokens as you require
• customisable length and complexity of both the passcode generated by the token and the
user’s PIN

11. A cloud story
Who they are Key benefits
• Based in London, UK
• Freedom of access
• Private and corporate money exchange • Highest levels of security
• Over 600 employees around the world • Speed and ease of install
• Low total cost of ownership
What they have – Outsourced overheads
• Secured web and telephone access by – No upfront investments
corporate customers
• RB-1 tokens
What problem they solved
• Secure access for monetary transfers

12. A server story
Who they are Key benefits
• Manufacturers of home care products,
• Time and cost savings
with brands such as Kleenex
• Simplicity of administration
• 57,000 employees around the world
- Automation
- Self-enrolment
What they have
• Secured VPN access for remote/mobile
users
• KT and software tokens
What problem they solved
• Business and cost efficiencies

13. In summary
• CRYPTOCARD are leaders in authentication
• Authenticating anyone, anywhere
• Commoditising authentication and providing SaaS security
• 21 years of innovation, from server to cloud and hardware tokens to tokenless
• Protecting:
‐ cloud and web apps
‐ Widows and Unix
‐ Network access devices
• Unrivalled solutions with five 9SLA’s, per user pricing, great automation and seamless
migrations

14. How CRYPTOCARD 2FA works

15. Thanks for your time
ce@cryptocard.com
www.cryptocard.com