Trustwave Rolls Out Tokenless Two-Factor Authentication

On-demand solution does not incorporate physical tokens

November 18, 2009

2 Min Read


CHICAGO (November 17, 2009) " Trustwave, the leading provider of on-demand data security and payment card industry compliance management solutions to businesses and organizations throughout the world, has unveiled a low-cost, token-less, on-demand two-factor authentication solution.

Two-factor authentication involves the use of two components to authenticate a user's identity when accessing a network from a remote location. This usually consists of a factor the user has or possesses (e.g., ATM card) and a factor the user knows (e.g., PIN). Trustwave's on-demand two-factor authentication solution couples digital certificates, representing user's identities, with your existing Virtual Private Network (VPN) infrastructure.

Because Trustwave's solution does not incorporate physical tokens, which provide a code that a user must enter along with a password to access a network remotely, it is able to deliver its solution at a fraction of the cost of these current alternatives. The high cost of issuance, replacement and revocation, combined with the corporate resources required to manage that effort, can make physical tokens a difficult solution for companies to implement, manage and afford.

Trustwave's on-demand two-factor authentication solution drastically reduces these costs, while also eliminating the need to track inventory and maintain associated hardware and software. In addition, the solution leverages existing infrastructure and is managed via an easy-to-use Web portal to eliminate the pains of implementation and maintenance. Trustwave's on-demand two-factor authentication solution does not require any additional hardware and therefore, can be activated immediately!

Additionally, Trustwave's on-demand two-factor authentication solution can be used to fulfill Requirement 8.3 of the Payment Card Industry Data Security Standard (PCI DSS):

Incorporate two-factor authentication for remote access (network-level access originating from outside the network) to the network by employees, administrators and third parties. Use technologies such as remote authentication and dial-in service (RADIUS); terminal access controller access control system (TACACS) with tokens; or VPN (based on SSL/TLS or IPSEC) with individual certificates.[1]

"Trustwave provides an innovative, manageable and flexible two-factor authentication solution that meets the needs of any organization," says Robert J. McCullen, chairman and CEO of Trustwave. "Our solution is simple for customers to deploy and can easily and cost effectively scale to thousands of employees with minimal burden on IT resources."

About Trustwave Trustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper' compliance management software and other proprietary security solutions. Trustwave has helped more than 30,000 organizations—ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers—manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia. For more information, visit

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights