Login for websites and portals
The authentication with smart card can be realized with an applet in the browser (with an additional software installation for the user). Authentication and dial-up are carried out via the applet and a server component with user administration (located at the portal provider). Our solution SecAuthenticator/SecRouter is developed for such a protection of a web portal: If the user´s browser is directed to a protected URL, the user will receive first SecAuthenticator by SecRouter instead. Only after successful authentication the user will be redirected to the protected website. SecAuthenticator is a Java applet which responds on client side to the signature card including PIN entry and verifies on server side the access authorization of the signature card owner by using SecRouter. Signature application components by SecCommerce are an integrative part of many solutions and enable different technical applications to have legal binding effect and data security which are nowadays required. Project Deutsche Rentenversicherung (German pension insurance organization)The smart card technology offers a secure login alternative
References & Projects
By using the SecAuthenticator applet and the SecRouter server you enable your customers with a two-factor authentication with signature card.
The special benefit is that the customer does not have to install any program locally on the own desktop computer. The applet is delivered via your server to the user´s browser.
SecAuthenticator supports all qualified signature cards of German trust centers. For the login the user does not have to enter a password or any other confidential data into the browser.
You can get a short overview about the smart card based login with SecAuthenticator on the “provisional” demo page.
Another special feature is that users of SecAuthenticator can assign in future a SecSign ID to their smart card via self enrollment so that the customer does not always have to authenticate each time via the Java applet with signature card and card reader, but can also use the SecSign ID instead. For this the customer only requires the own smartphone.
The authentication is also secured in this case – as for the smart card – by an extremely powerful PKI, replication and the routing server. The SecSign ID login, however, can be also offered to users who do not possess any signature card.
Thus, it is not only characterized by an extremely strong security, but also by high usability and comfort on user side.
The SecAuthenticator demo login:
- Call initial registration on: https://secrouter.seccommerce.com/demo/secrouter/
- SecPKISignOn applet starts
- Confirm the conditions of participation
- Select signature card
- Add and confirm personal information as desired
- Notification is shown that the administrator will grant access. Please inform us (just to be on the safe side)
- We will inform you as soon as the access has been granted
- Call the login with smart cards on https://secrouter.seccommerce.com/demo/secrouter/
- SecAuthenticator applet starts
- Select signature card
- In the browser the information is shown that the login has been successful
Assign a SecSign ID to the smart card:
This step is of course only relevant for users who wish to use their SecSign ID additionally to their smart card. As mentioned above, the customer can also use the SecSign ID login without this combination.
Please note: For this you must have already installed SecSign ID and created a SecSign ID in the app.
- Call once again SecAuthenticator on the PC under: https://secrouter.seccommerce.com/demo/secrouter/
- SecAuthenticator applet starts
- Assign SecSign ID to smart card or SoftKey
- Enter the name of the SecSign ID
- Select the signature card
- The information is shown that the SecSign ID has been successfully assigned to the signature card
- Enter the name of the SecSign ID in the SecAuthenticator main dialogue at the top and click on “Login”
- Confirm on the iPhone the symbol which is displayed in the SecSign app
- You are logged in!
We recommend our customers to offer both options to the user (smartphone login without Java applet and SecAuthenticator login) as especially the SecSign ID login provides the user with the possibility to make a login, even if the user has not installed Java and has no smart card at hand.