Web Access Authentication

Many organisations are seeking to improve the assurance level of user authentication for online services (Web Access) through the adoption of "two factor" authentication (2FA)mechanisms whereby a user will have an independent hardware authentication token or device with the following characteristics:

  • PIN protected access to the token and associated authentication service
  • Authentication is completed using a One Time Password (OTP) that is displayed on the token and then submitted through the Internet to the organisation's online application and validated via a standards based interface to an authentication service
  • The OTP is algorithmically based with robust protection of the cryptographic keys within the token
  • The OTP verification service is robust and network connectable and provides for cross-authentication of the service with requesting application or network systems.

Historically, such tokens have taken a form factor of a purpose built physical device with display (sometimes with a key-pad) and onboard cryptographic and OTP algorithm support. These physical devices are limited as they can only serve one function.

Salt Group's Mobile Authentication Token product suite implements equivalent functionality on a mobile handset and offers significant operational, cost and deployment benefits whilst maintaining the high assurance characteristics of traditional specialised devices.

Salt's product suite has been designed to provide a range of customisation options and operational modes to suit the various user and transaction authentication requirements of government, finance and commercial sectors.

Salt mCode OTP

Salt mCode OTP Mobile Token is designed as a convenient handset based "second factor" user authentication mechanism. Implemented via an easily deployed mobile application, mCode provides a robust cryptographically based, PIN protected and standalone solution.


Salt SMS OTP provides a basic two factor authentication scheme suited to entry level applications (or as a way of rapid deployment for emergency situations) in a Salt mCode OTP authentication strategy.

Thales SafeSign Authentication Server

SafeSign Authentication Server is a unique identity and transaction authentication infrastructure service that provides enterprises with the surety of operating a trusted central provisioning and authentication service, whilst also providing the flexibility to adopt one or more of a range of user identity authentication mechanisms aligned to the commercial risks of the various services they offer electronically.

SafeSign supports PKI smart cards, EMV CAP, specialised tokens including Vasco, ActivIdentity and Thales, and Salt Mobile Tokens.