privacyIDEA – Secure Authentication with MFA

What Is privacyIDEA?Application and Features Services

What Is privacyIDEA?

privacyIDEA is an authentication system for multi-factor-authentication (MFA), which is developed by the German company NetKnights. Using privacyIDEA means allowing for multiple ways of authentication, which in turn increases the security of sensitive data. privacyIDEA offers a particularly high level of data security while maintaining user-friendliness.

The software is designed and structured as a modular solution which enables multi-factor-authentication. It is highly customisable as well as expandable according to individual preference. Further, privacyIDEA is highly scalable, as well as multi-tenency and multi-instance capable, which means it is a perfect match no matter the size of the company.

For individual authentication flows privayIDEA mostly uses OTP tokens (one-time password tokens). Generally, the software uses interfaces similar to REST interfaces in order to communicate with other programmes. This allows for an especially smooth integration into already existing IT environments.

For specialised authentication flows, the software supports a wide variety of tokens, as well as hardware components, such as:

TOTP / HOTP (OTP apps such as „Google Authenticator“
Push Token (via app)
OTP via email or text message
WebAuthn / FIDO2
U2F (Hardware-Dongle)
Yubikey (different protocols/types)
NitroKey
X509 oder SSH-Keys
SafeNet eToken NG OTP

privacyIDEA is continuously developed further for compatability with even more tokens in order to ensure state-of-the-art system security.

If you are looking into privacyIDEA for your company, you can order a trial version from the developer.

Photo: glass door with a lock symbolising access management

Application and Features of privacyIDEA

The software is mostly used as an addition to an existing IT landscape, which manages user information in a LDAP or similar and needs to be secured further. PrivacyIDEA can be easily connected to common authentication components such as Shibboleth IdP or didmos Authenticator, in order to enable the verification of the second factor via an input screen in the IdP.

This way. PrivacyIDEA can be seemlessly integrated into already existing SSO processes. The access management solution Gluu, for which DAASI International also offers support services, also includes an authentication flow in its standard distribution starting in 2021 to make it even easier to integrate privacyIDEA. Lastly, the integrated RESP-API allows for multiple application and combination possibilities. Ultimately, this makes it an universal tool in order to implement different MFA scenarios.

Central Features

Token management and administration
Token validation
General administration functions
Self-service funktions for token enrollment, etc.

Since the update to privacyIDEA 3.4. a new expanded push token designed by NetKnights themselves ensures greater vendor independence in the context of MFA.

What privacyIDEA Services Does DAASI International Offer?

DAASI International can assist you in your project with privacyIDEA with the following services:

Consulting: DAASI International gladly consults you on your options of how to integrate privacyIDEA into your IT infrastructure.
Implementation: DAASI International takes care of the implementation and integration of privacyIDEA
Support and Managed Service: Even after the implementation is complete, DAASI International is always ready to help and advise you via helpdesk. Furthermore, we offer privacyIDEA as “Software as a Service” as part of our Managed Service package.