Thales Blog

Hardware-based PKI provides strong passwordless authentication

July 8, 2021

Yarden Gaon Yarden Gaon | Product Manager, Thales More About This Author >

PKI and Credential Management

Controlling access is at the heart of any enterprise security environment—making sure only those who have the appropriate permissions can access the data, enter the facilities, print a secure document, etc. Public Key Infrastructure (PKI) uses key pairs and certificates to verify the identity of users and systems. The digital certificate links the name of an individual to their public key. In addition to the public key, certificates contain additional information, such as the issuer, what the key is supposed to be used for, and any other type of metadata.

A PKI environment assigns a digital identity for all employees and machines, allowing for secure access to data, networks and physical locations. The PKI environment includes Credential Management solutions for complete lifecycle administration of certificates and permissions.

PKI Management

The need to manage users and authenticators in a secure and timely way is important with any PKI-based deployment. Thales and Versasec offer the most comprehensive identity access and credential management system to administer, monitor, and manage strong authentication deployments and digital signing across the organization.

  • Full Credential Management throughout the certificate life cycle
  • Certificate-based and software authentication solutions and OTP
  • For enterprise deployments requiring life cycle management, provisioning of certificates and tokens for PKI-based strong authentication and digital signing

More than ever, there is a need for secured access:

Over the last year, the need for strong user authentication in enterprises has increased significantly. With so many employees working from home in all corners of the globe, there has never been a better time to ensure your company’s authentication is as strong as possible.

The pandemic demonstrated how critical it is for organizations to establish strong authentication and secure their network environment. Simply put, strong authentication helps verify data security. It ensures compliance with security regulations in different regions, which in turn gives employers and their users assurances that the data they are working with is well protected.

Hardware-based security devices such as public key infrastructure (PKI) allows multi-factor authentication for users via cryptographically secured hardware. Moreover, the devices are proven to be highly secure and easily integrated into the customers’ ecosystem. The result is organizations that can use their applications and hardware easily, whilst also being certain that their data is secured and compliant with the relevant security regulations around the world.

There are many advantages of hardware-based PKI. The following are three of the most important:

  • Threat mitigation: PKI helps mitigate threats for sensitive accounts using two-factor (2FA) or multi-factor authentication (MFA).
  • Seamless password management: With PKI in place, password management is simple, which lowers the cost of maintenance in implementing and managing password policies. The result is improved convenience and efficiency.
  • Improved data access: Accessing everything from anywhere is possible with PKI solutions, making it convenient and easy for users to access data remotely with 2FA or MFA.

As organizations must enable but strictly control access to their infrastructure and applications, they need versatile and trusted solutions, such as PKI. To learn more about PKI, watch our recent joint webinar with Versasec.

Thales IDPrime smartcards:

Thales USB Tokens:

Thales PKI security solutions:

Thales HSM security solutions:

Thales DPoD security solutions: