You are here: Home > Products > AuthEngine > Overview





Award-Winning Two-Factor Authentication

New AuthEngine allows companies to add Two-Factor Authentication to their already existing custom applications. It is Security on Your Own Terms. CRYPTOCard’s AuthEngine was designed from the ground-up to be embedded in existing applications. It is lightweight, easy to implement, and is available in a variety of flavors to fit in with any development and implementation environment.

Many organizations already have custom applications that maintain sensitive and confidential data that were built to meet specific needs. These may be in-house applications, or applications offered on the market as off-the-shelf or customizable software products. What is needed is a means of adding strong, two-factor authentication to the security methods in place. Two-factor authentication provides an extra level of security by eliminating static passwords and replacing them with one-time passwords generated by portable, easy-to-use authentication tokens. This greatly reduces the chances of a system being hacked into, and helps meet the authentication requirements being imposed by government and industry regulations and guidelines.

Off-the-shelf authentication servers add too much overhead, and are usually difficult to integrate with your existing environment. Integration is done on their terms, and their system was developed with no knowledge of your daily workflow, business logic or technical infrastructure.

AuthEngine consists of two components:

  • The Authentication Module consists of code that your application will call to authenticate users attempting to login using CRYPTOCard authentication tokens.
  • The Initialization Module is code that you can use to program authentication tokens with encryption keys, seed values, and various other operating parameters such as password length and strength.

Ease of Use

AuthEngine appears as simply another authentication method – there are no external dependencies or infrastructure requirements. There are no restrictions on the databases or directories that you integrate with. It can be used along side other authentication methods, and can work with all existing authorization mechanisms.

  • AuthEngine does not require a dedicated or 3rd-party server, and requires minimal CPU or memory overhead.
  • Best of all, AuthEngine enables you to integrate strong authentication into your application the way it makes sense to you, allowing you complete control over the workflow, user experience and deployment processes.

Fast Development

It can take less than a week to implement two-factor authentication in an existing application with AuthEngine. A typical deployment will involve:

  • 1 – 5 days to implement a basic solution.
    • Authentication mechanism.
    • Database changes.
    • Authentication selection.
  • 1 – 2 days to implement self-enrolment, resynchronization and self-help.
  • 1 day to implement reporting and audit.

Fits Any Environment

AuthEngine is implemented in the following environments:

  • COM Object for Microsoft Windows environments.
  • SO (shared object) for Linux/UNIX environments.
  • JRE 1.4 and 1.5 for Java environments.

The AuthEngine SDK also includes a variety of bridges and plug-ins, including a PHP bridge and a freeRADIUS plug-in.

The Only Embedded Solution

AuthEngine is unique in the market, providing the only fully embeddable solution for existing applications and custom-developed software.


AuthEngine can be used to implement two-factor authentication wherever it is required, and looks to the application as just another authentication method.

Typical applications of AuthEngine SDK include:

  • Integrated two-factor authentication in a custom applications, databases, web application servers, on-line transaction processing;
  • Integrated two-factor authentication in security applications and appliances such as VPN gateways, firewalls, on-demand computing platforms;
  • Token-based signing of on-line transactions such as web-banking, forms, etc. for non-repudiation;
  • Out-of-band user authentication such as voice transactions;
  • Kerberos two-factor authentication 

AuthEngine Solution Sheet


Clinivate Case Study
Digician Case Study
Los Alamos Case Study