Managing the lifecycle of physical means of strong authentication (such as smart cards, badges and USB tokens) involves significant business constraints, especially when there are many users or users are located at multiple corporate locations.
SSOX includes a module to simplify and reduce the cost of managing smart cards and, more generally, any type of cryptographic means of authentication, from their customization and issuing to users until they are turned in, as well as automatic certificate renewal.
Customization and availability of authentication systems
Means of authentication provided by manufacturers (Gemalto, Morpho/Sagem, Safenet, Oberthur and others) are generally delivered without any data. The Avencis Card Management System (CMS) module provides the following services:
- Graphic and electric customization of contact and contactless cards
- Certificate generation and association of the card with a user
- Integration with user rights management solutions: provisioning of card requests based on user profiles
- Management of user notifications
Automatic generation, revocation and renewal of certificates
- Generation of certificates by the administrator
- Importation of public key infrastructure (PKI) certificates
- Automatic certificate renewal by SSO: if the initial issuing occurred face-to-face to authenticate the user and issue him/her the card, renewal can be fully automated, eliminating the need to see all users again.
Management of card inventory
- Inventory management
- Management of contact and contactless cards’ serial numbers
- Management of temporary cards (assignment and revocation)
- Notification of loss or theft
- Card recycling (turn in and reissuing)
Decrease in helpdesk costs
- Self-troubleshooting module: gives users limited and controlled autonomy to conduct certain actions themselves (card unlocking, for example).