Authentication Services

nevisAuth provides a highly secure, most flexible and adjustable, easy-to-integrate and user-friendly authentication service, which protects your web applications against unauthorized access.


nevisAuth is NEVIS' modular and highly flexible authentication service. It supports a wide range of authentication methods, data exchange protocols and token formats (including the NEVIS proprietary SecToken). This makes it possible to integrate the product in almost every existing IT landscape. nevisAuth is also able to adjust authentication strengths, thus substantially improving the security of your web applications. The highly customizable product allows you to implement exactly the kind of authentication you need to protect your applications in an optimal way: as strong as required and as user-friendly as possible.

Features and tasks

  • Single- and multi-step authentication managed by integrated authentication engine
  • Self-service support (e.g. password reset)
  • Various authentication strength levels with dynamic step-up and individual time-outs for each authentication strength level
  • Various authentication mechanisms: 
    • User name / password including change of password with all common LDAP directories
    • mTAN (transaction code via SMS)
    • eTAN (transaction code via e-mail)
    • Swisscom Mobile ID
    • X.509 client certificates (smartcard login)
    • Kerberos (Windows login)
    • Grid cards (cooperation with nevisIDM)
    • Security questions (cooperation with nevisIDM)
    • SAML 2.0
    • WS-Federation
    • OAuth/OpenID Connect
    • Etc.
  • Issuing of signed tokens for propagation (end-to-end security)
  • Auditability ensured by comprehensive audit log
  • Flexible interfaces for the integration of external systems: 
    • RADIUS
    • WS-Trust
    • REST

High-level solution architecture

Image nevisAuth_flyer_architecture_new.png

Authentication in NEVIS

Related topics

The nevisAdapt plug-in of nevisAuth uses behavioral context data to decide how to authenticate a user during login.
Thus, nevisAdapt at the same time enhances the security and increases the usability of your system.

read on

With nevisDetect, digital services are protected by continuous, risk-evaluating mechanisms, which guarantee a very high level of protection without compromising user experience.

read on

NEVIS supports end-to-end encryption by encrypting user login data. Thus, no third party is able to read the secret credentials on their way from the client device to the server.
This prevents potential eavesdroppers from accessing confidential data, and increases your system's security by strengthening its protection against attacks and identity theft.

read on

With the mobile authentication solution by NEVIS, you can build frictionless customer experiences based on password-less authentication and push notifications. The Mobile Authentication solution is based on the FIDO open standard, which unlocks access to all of the latest consumer hardware authentication advances such as fingerprint recongnition.

read on



Image visual_downloads_generic.png


‹‹Contact us››

We are happy to help.

Contact page