The new Securepoint ID Control authentication system offers you a strong two-factor and three-factor authentication and ensures that only authorised users have access to a system. Using VPN, Citrix, Microsoft Windows Terminal Server, portals, dial-up services, web-based applications, webmail such as Microsoft Outlook Web Access etc. users can access their trusted applications and networks from anywhere - often with a web browser, too.

The problem: Non-secure authentication

Typical authentication with a user name and password uses only one factor, that is, that the user knows this user name and the related password. Authentication through user name and password is proven to be non-secure. Attacks on IT systems (in the company or via the Internet), for example, unauthorised acquisition of passwords through spying, via keyloggers, sniffing, attacks with word databases, brute force attacks etc. are not uncommon and are used to gain unauthorised access to the systems.

The solution: Securepoint ID Control

Securepoint ID Control ensures more security, meaning that access to protected network applications, other applications and resources is granted only to those with required authorisation. By introducing a multi-factor authentication, passwords receive a strong partner with the identity control. The multi-factor authentication combines knowledge (e.g. a password) with possession of a uniquely identifiable object (e.g. an additional one-time password that is generated using a hardware token or by email or text message or linked to a personal characteristic of the user (biometric property)) .

Securepoint ID Control offers one-time passwords that are automatically generated:

  • via the "ID Control OTP Key" (a hardware token)
  • via "HandyID", a program (software token) with a one-time password generator for PDAs, smartphones and mobile phones
  • and as a second one-time password that is sent by text message from the ID Control Server via “MessageID” from the smartphone, iPhone etc. or is sent to the specified email address from the ID Control Server via “MessageID”.

ID Control OTP Key

ID Control OTP Key (hardware token)

The ID Control OTP Key (hardware token) is a small chip-based device that generates ever-changing one-time passwords via user keystroke to ensure secure logon for network logons, in VPNs, applications, servers, systems etc.


HandyID (software token)

HandyID is a program with a one-time password generator for PDAs, smartphones and mobile phones that generates a one-time password after PIN entry. The mobile phone thus becomes a mobile authentication token that is secure and enables two-factor authentication without additional costs for the token hardware.



With MessageID, a one-time password is generated and sent to the specified telephone number by text message or to the specified email address. The user is authenticated after the user name and password have been entered. If valid, he or she receives a second one-time password by text message or by email from the ID Control Server in real-time.

ID Control Server

ID Control Server

The ID Control Server is a platform that is used to provide and manage all types of two-factor or three-factor authentications centrally, such as one-time passwords or the analysis of keystroke biometrics.

Securepoint SSL-VPN with Control ID multi-factor authentication

The Securepoint VPN technology has now become standard for remote access in many company networks. The multi-factor authentication solution developed for Securepoint SSL VPNs allows remote users and administrators to access Securepoint VPNs in a simple and secure manner and helps to prevent the vulnerabilities associated with fixed passwords.