Authentication Services

nevisAuth provides a highly secure, most flexible and adjustable, easy-to-integrate and user-friendly authentication service, which protects your web applications against unauthorized access.


nevisAuth is NEVIS' modular and highly flexible authentication service. It supports a wide range of authentication methods, data exchange protocols and token formats (including the NEVIS proprietary SecToken). This makes it possible to integrate the product in almost every existing IT landscape. nevisAuth is also able to adjust authentication strengths, thus substantially improving the security of your web applications. The highly customizable product allows you to implement exactly the kind of authentication you need to protect your applications in an optimal way: as strong as required and as user-friendly as possible.

Features and tasks

  • Single- and multi-step authentication managed by integrated authentication engine
  • Self-service support (e.g. password reset)
  • Various authentication strength levels with dynamic step-up and individual time-outs for each authentication strength level
  • Various authentication mechanisms: 
    • User name / password including change of password with all common LDAP directories
    • mTAN (transaction code via SMS)
    • eTAN (transaction code via e-mail)
    • Swisscom Mobile ID
    • X.509 client certificates (smartcard login)
    • Kerberos (Windows login)
    • Grid cards (cooperation with nevisIDM)
    • Security questions (cooperation with nevisIDM)
    • SAML 2.0
    • WS-Federation
    • OAuth/OpenID Connect
    • Etc.
  • Issuing of signed tokens for propagation (end-to-end security)
  • Auditability ensured by comprehensive audit log
  • Flexible interfaces for the integration of external systems: 
    • RADIUS
    • WS-Trust
    • REST

High-level solution architecture

<br/>Authentication in NEVIS

Authentication in NEVIS

Related topics

The adaptive context-aware authentication (ACAA) plug-in of nevisAuth uses behavioral context data to decide how to authenticate a user during login.
Thus, the plug-in at the same time enhances the security and increases the usability of your system.

read on

NEVIS supports end-to-end encryption by encrypting user login data. Thus, no third party is able to read the secret credentials on their way from the client device to the server.
This prevents potential eavesdroppers from accessing confidential data, and increases your system's security by strengthening its protection against attacks and identity theft.

read on


‹‹Contact us››

We are happy to help.

Contact page