Nexus' software components have new names:

Nexus PRIME -> Smart ID Identity Manager
Nexus Certificate Manager -> Smart ID Certificate Manager
Nexus Hybrid Access Gateway -> Smart ID Digital Access component
Nexus Personal -> Smart ID clients

Go to Nexus homepage for overviews of Nexus' solutions, customer cases, news and more.


Skip to end of metadata
Go to start of metadata

This article describes authentication methods available in Smart ID Digital Access component. Authentication methods are used as requirements in access rules for authentication. Different authentication methods provide various levels of security.

How does authentication work?

When a user uses a web browser to access a resource, the request flows through a web of specialized services: the access point, the policy service, the authentication service, and back again. But for the user, the single point of contact is the web browser. The access point verifies the identity of the user by forwarding the user credentials via the policy service to the authentication service, which in turn compares the information with credentials stored in the user storage. When the control is completed, a request accept is sent to the access point which allows the user to enter.

What authentication methods are supported?

Digital Access supports many authentication methods. Some of the most common ones are listed below. 

To choose the right authentication method for your business, consider your users’ needs when it comes to mobility, device flexibility and level of security. It is possible to specify multiple authentication methods for each resource. 

Some common authentication methods 

For a complete list, see the user interface in Digital Access Admin.

Expand/Collapse All

 Smart ID Mobile App

Smart ID Mobile App makes two-factor authentication (2FA) easier and more cost efficient. It is used together with Smart ID Messaging that is consumed by, for example, Digital Access, which provides user authentication and access to applications, information and cloud services. 

Read more...

 Smart ID Desktop App

Nexus Personal Desktop Client is a smart card middleware integrating smart cards and security tokens and provides your users with intuitive two-factor authentication (2FA), digital signing, email encryption etc. 

Read more...

 OpenID Connect
 Nexus TruID

Nexus TruID is a mobile two-factor (2FA) software token that is installed on a hardware device that the user already has, such as a smart phone, PC (Linux/Windows) or a Mac. The user enters a pin code into the soft token to generate a one-time password, OTP. This OTP is used to logon to the application or service. 

To ease distribution of Nexus TruID, the included Distribution Service enables automated token distribution, installation and set-up. All the end-user has to do is follow an URL link sent by the server in an SMS and within seconds the user is equipped with TruID mobile two-factor authentication.

 

Read more...

 Nexus Mobile Text

Nexus Mobile Text uses the mobile phone and a mobile text-distribution service such as SMS to distribute the one-time password. By using SMS, any mobile phone can be used for this two-factor authentication (2FA) method, and smart phones are not required.  

Read more...

 Nexus Invisible Token

The Nexus Invisible Token is a unique on-demand solution that combines the strength of passwords and tokens for two-factor authentication (2FA). It is secure, convenient, easy to deploy, and most importantly easy to use. Invisible Token is based on HTML5 and transforms your browser into an OTP-token that is independent of the platform you are using.

Read more...

 Nexus OATH

With Digital Access Authentication Server, any OATH (Open Authentication) compliant software or hardware security token may be used to provide user authentication. OATH provides an open architecture enabling customers to replace disparate and proprietary security solutions to increase flexibility.

Read more...

 Nexus Password

Nexus Password can be used for environments with lower security demands.

You can define your own password policy and set requirements for password length, complexity, disallowed characters, password change and password history. The solution can integrate with Microsoft Active Directory and reuse the passwords from Active Directory. Then the password policies in Active Directory will apply when a user changes or resets a password.

Read more...

 Swedish national eID - BankID and Mobile BankID

Digital Access support authentication using the Swedish national eID BankID. With Digital Access you can let your users authenticate with BankID on smartcard, file or by using a smartphone with Mobile BankID. There are multiple ways to connect Digital Access to the service for validation of BankID and Mobile BankID. By using a national eID such as BankID you can easily and securely enable your services for a large number of customers without the burden of managing their credentials and authentication methods.

Swedish BankID and Mobile BankID can be used in Digital Access via Nexus GO Authentication, SAML 2.0 federation or BankID web service API.

Read more...

 Freja eID

Freja eID is an electronic identity on your mobile device that allows you to log in, sign and approve transactions and agreements with your fingerprint or PIN.

With Freja eID+, you will get an eID officially approved by the Swedish E-identification board with the quality mark Svensk e-legitimation. You can configure Digital Access component to only accept Freja eID+.

Beside the Freja eID authentication, Digital Access support authentication with Freja Organisation eID. This allows users to login to their company without using their personal identity. 

Read more...