Authentication for Enterprises
Smart and secure authentication with SpearID
Enable fast and secure access to all applications and resource for all users on any device, anywhere. SpearID Enterprise offers high-assurance authentication and single sign-on using zero trust and no passwords.
SpearID Enterprise is for everyone
For the Enterprise
SpearID Enterprise provides best return on security investment with un-matched protection of technology investment.
- Zero Trust identity-based access to resources
- The only truly effective technology to prevent account takeovers in all environments
- No more calls for password reset to the help-desk
- Super-fast and secure logins to workstations, cloud services, web and local applications, and even old legacy applications with no native support for strong authentication
For Individuals
SpearID FIDO tokens are ready to use
- Secure login to all popular services supporting FIDO or any other one-time password 2-factor authentication
- Supported on all computers, internet browsers and smartphones
- Intuitive and easy to use with great tutorials on all sites supporting FIDO or any other 2-factor authentication
For Developers
SpearID Enterprise provides simple integration with native support in most environments, open standards and interfaces, and free open-source tools readily available from Spear Innovations and the OS community:
- Standardised technology based on PKI cryptography, PIV compatibility, FIDO and WebAuthn standards and One-Time Password technology
- Access to documentation, software and developer support services
- Technical support at all levels
Get Started
Find the right SpearID solution
Check out the solution feature table to find the right secure authentication and login solution for you or your enterprise.
Start using your SpearID authentication solution
Set up your SpearID Enterprise card, token or mobile app with the supported system, application or service you wish to secure.
SpearID FIDO Security Key
Ideal for enterprise users that require a security key for multi-factor authentication to local and cloud services. SpearID FIDO key supports FIDO2/WebAuth, FIDO U2F and OTP.
Just use it. Simple to add second-factor to any service by the user.
SpearID Mobile
SpearID Mobile provides a simple and secure access to all corporate applications using a mobile authentication and user enrolment app.
Uses phone’s biometric sensor and built-in phone security.
Provides MFA/SSO solution to your company, with Mobile freedom.
SpearID Smartcard & Token
SpearID certificate-based PKI smartcards and tokens are ideally suited for enterprise environments that require secure access to on-prem, cloud or remote applications and resources.
Provides hard-core security like no other solution.
SpearID Enterprise SSO
Identity-driven secure access for the enterprise. It enables access to on-premises & cloud applications from private or shared workstations, including legacy applications.
Most comprehensive solution for Single Sign-On supporting Zero Trust.
Just use it. Simple to add second-factor to any service by the user.
Provides MFA/SSO solution to your company, with Mobile freedom.
Provides hard-core security like no other solution.
Most comprehensive solution for Single Sign-On supporting Zero Trust.
What is SpearID Enterprise?
SpearID Enterprise is the most comprehensive hardware-backed security authentication solution
The SpearID Enterprise authentication solutions eliminate account takeovers and eases the burden of managing and using strong security mechanisms to protect access to resources on local, cloud and web-based, modern and legacy systems. SpearID Enterprise authentication solutions provides a range of authentication methods including strong two-factor, multi-factor and passwordless authentication - using a smartphone app, security key or a smartcard badge. It is effectively protecting users, applications and enterprise resources from attacks.
Only the Strongest Security
SpearID Enterprise in a All-in-one secure authentication solution that provides the strongest security for user authentication and login, in all environments.
Support of all Applications
SpearID Enterprise authentication solutions supports Windows, Mac and Linux logins, all FIDO enabled cloud services such as Gmail, M365, Dropbox, Facebook, Salesforce, all One-Time Password 2-factor authentication enabled applications, and all PKI enabled systems such as Citrix, VMWare and end-point security applications.
Support all Use-Cases
SpearID Enterprise authentication solutions are perfect for covering all current and future use cases. SpearID Enterprise authentication solutions are also perfect for replacing all your current authentication devices, apps and solutions with a single, strong security solution that standardises all security domains on the same high assurance level. All this without taking away anything from flexibility, ease-of-use or supported systems.
SpearID Integrates with all Enterprise Applications
Enterprise environments
Microsoft Active Directory and Azure Directory
Microsoft Intune
Microsoft O365
Microsoft Windows 10 and 11
MacOS and Linux
IOS and Android
Cloud Services
Amazon Web Services
G Suite cloud
SalesForce cloud
Citrix and VMWare
Blackberry and Pulse Secure
Identity and Access Management
All FIDO2 and FIDO U2F supporting applications, services and browsers
All OTP (One-Time Password) supporting applications, sevices and systems (Time-based TOTP and Hash-based HOTP)
Okta
PingIdentity
Duo
Services
Enterprises can easily procure and distribute SpearID Enterprise authentication solutions for employees, partners and customers at scale and get expert support and consulting services to help ensure success.
Personalisation and Delivery
SpearID Enterprise card personalisation and secure delivery service
Security Key Fulfilment
SpearID Enterprise FIDO-PKI security key personalisation and secure delivery service
SpearID Mobile as a Service
SpearID Mobile SaaS service
Professional Services
Spear Innovations provides professional services and technical support for our solutions and technologies both in English and Finnish.
Mobile Authentication
Smart and secure authentication with SpearID
SpearID Mobile provides a simple and secure access to all corporate applications using a mobile authentication and user enrolment app. SpearID Mobile uses the biometric sensor on smartphone to log in.
SpearID Mobile is a all-in-one password-free authentication, single sign-on and identity platform for organisations. Designed to meet the security needs and standards of regulated industries, it offers a safer, quicker and easier way of logging in.
Key Benefits of SpearID Mobile
1. No shared secrets
Passwords are shared secrets. SpearID Mobile creates a public/private key pair and stores the private key in the secure hardware of the smartphone. Using public key cryptography, no one else has access to this key. The user alone has access to the private key using biometric identification.
2. Secure and fast IT experience
With password-free authentication, there are no passwords to remember or type in and, more importantly, none to forget or accidentally disclose. By removing passwords, SpearID Mobile removes stress, wasted time and the hackers’ #1 target.
3. ROI in less than 3 months
The elimination of passwords improves efficiency and productivity so dramatically that customers will see a return on their investment in weeks, not years.
4. Multiple deployment options
SpearID Mobile can be deployed on premises and in the cloud, or as a fully managed service (SaaS), providing the customer with the perfect model for each IT strategy.
Key Features of SpearID Mobile Authentication
The Standard for Secure Authentication
SpearID Mobile is a universal Multi-Factor Authentication app that replaces all dedicated or legacy MFA solutions for any application, service or IT system.
No Security Trade-offs with SpearID Mobile
SpearID Mobile is the only enterprise mobile authentication solution that provides the same high authentication assurance level as a smartcard security chip.
Secure Mobile Authentication to all Applications and Resources
SpearID Mobile provides a simple and secure passwordless access to all corporate applications using a mobile authentication and user enrolment app. SpearID Mobile uses the biometric sensor on smartphone to log in.
SpearID Mobile is a all-in-one password-free authentication, single sign-on and identity platform for organisations. Designed to meet the security needs and standards of regulated industries, it offers a safer, quicker and easier way of logging in. It combines the smooth usability of a mobile authentication app with strong hardware-based PKI security on the phone
SpearID Mobile removes unnecessary complication related to strong user authentication, MFA and secure login to workstations, IT systems, cloud services and applications while keeping users safe from data breaches and the risks associated with passwords.
Strong Authentication with smartcards and tokens
Freedom to choose your form factor
The SpearID Enterprise authentication solutions eliminate account takeovers and ease the burden of managing and using strong security mechanisms to protect access to resources on local, cloud and web-based, modern and legacy systems. SpearID Enterprice cards and tokens provide strong multi-factor authentication without use of passwords.
Get Started
High Security
All SpearID Enterprise smartcards are based on dedicated smart card security processors, designed to be physically and logically tamper resistant. SpearID Enterprise supports on-board key generation, cryptography, random number generation, and enforces PIN based two factor authentication.
Multiple Use Cases
Different SpearID Enterprise smartcard versions offer different security certifications, supporting different customer requirements.
Deploy SpearID Enterprise smartcards using standard Microsoft Windows® environment. No specialized PIV Card Management Systems required.
SpearID supports a wide variety of deployment scenarios including central issuance and user self-enrolment.
Multiple Interfaces
Supports modern and trusted authentication protocols: PKI certificates and PIV-C
Supports physical and contactless interfaces, and mobile authentication: PKI/PIV-C, ISO(IEC 14443A RFID and optional physical access control credentials
Key Features
Windows Plug & Play
For end-users, SpearID supports the standard Windows® built-in PIV Smart Card Minidriver which means that no software installation is required for secure Windows® login. For the enterprise administrator, the smartcard Minidriver enables the use the standard Windows® Certificate Enrolment processes and tools. Organisations can instantly issue, manage and use the SpearID smartcards and tokens in Windows® environments without software installations or integrations. Linux and Mac are supported using totally free standard software.
Physical Access Security
Open doors and gates with physical access credentials on the SpearID Enterprise smartcard. The SpearID Enterprise cards supports different Proximity (125kHz Prox, 13,56 MHz MIFARE DESFire® and ISO/IEC 14443) in multiple data formats, which are widely used in physical access control systems across the world.
Certificate-based Login
SpearID Enterprise enables secure storage of digital certificates and associated cryptographic keys issued by the enterprise organisation or by a trust third-party Certificate Authority. Digital certificates support PKI applications like logon to Windows®, Citrix®, Bitlocker, SSH, electronic signing, data encryption or remote access using VPN, RDP and HTTPS.
Through the use of the PIV interface, SpearID Enterprise enables user support for applications on many different platforms.
PIV-Compatible
SpearID Enterprise is compatible with the FIPS 201 PIV Smart Card Standard. It implements NIST SP 800-73 Part 3, the PIV Card Command Interface and is a PIV-C (Compatible) smartcard designed for enterprise use. This makes it compatible with all PIV supporting applications and platforms available on the market. These include many end-point security solutions as well as legacy application that do not support other types of smartcard credentials.
SpearID Enterprise CBA
Microsoft Entra ID CBA (Certificate Based Authentication)
Allows users to authenticate directly with X.509 certificates for all Microsoft applications and browser sign-in cloud systems.
We provide the means to do this using:
- Physical Access Cards / ID Badges
- SpearID Mobile MFA application
- SpearID FIDO tokens
- SpearID BIO fingerprint smartcards
- ✔ NO PASSWORDS
- ✔ EU NIS2 Directive
compliant strong phishing-proof user authentication
User Fingerprint Biometric Authentication
SpearID® BIO is a biometric authentication solution for enterprises:
- Fingerprint authentication directly on the smartcard - No need for biometric fingerprint databases or AFIS systems.
- SpearID Mobile MFA application
- No battery - All functions and features are powered using the card reader transmitted current.
- Card authentication is successful only if the fingerprint authentication is successful.
SpearID Enterprise PKI & FIDO2 Security Key
All-in-One Security Key
SpearID Enterprise FIDO-PKI combines both FIDO2 and PIV-C/PKI technology on the same security key
Get a SpearID Enterprise Key Now
Single SpearID Enterprise FIDO-PKI security key pricing starts at 45 Euro / piece
Fast and Secure Authentication with SpearID Enterprise Token with FIDO2 and PKI
- The SpearID Enterprise FIDO-PKI security key meets the highest level of assurance (AAL3) of the new NIST SP800-63B guidelines.
- Suitable for large and mid-size enterprises, including all regulated industries (banking, healthcare, government)
- Support for advanced PKI credential and token management using Windows Active Directory and third-party credential and token management systems with Microsoft mini driver card support
- Supports all high security assurance authentication protocols: PKI certificates, FIDO2/WebAuthn and PIV-C
- Supports physical and contactless interfaces: PKI/PIV-C, USB, NFC and RFID for physical access control systems (PACS)
Check also our FIDO2 security key
Enterprise Single Sign-On
Zero-Trust Identity-based SSO
SpearID Enterprise SSO enables fast and secure access to on-premises and cloud applications from private or shared workstations to support hybrid IT environments. It provides strong authentication to enable access to desktops and applications with biometric identification on the smartphone.
Key Features
SSO to all applications
SpearID Enterprise SSO enables fast and secure access to on-premises and cloud applications from private or shared workstations to support hybrid IT environments. With seamless access into cloud applications and deep integrations into on-premises applications, including legacy applications, organizations have multiple ways of delivering single sign-on from any device and any location.
No Click Access
SpearID Enterprise SSO provides strong authentication to enable access to desktops and applications with biometric identification on the smartphone.
The use of the secure chip within the mobile provides robust high-assurance security and meets the most stringent security policies and controls. Organisations own cryptography and keys.
Zero-Trust
SpearID Enterprise SSO provides identity-driven secure mobile access for the enterprise using a Zero-Trust model.
The SpearID Enterprise SSO is a secure mobile web browser that can handle digital identities, authentication and SSO. It supports certificate-based authentication, Mutual TLS and Kerberos.
SpearID Enterprise SSO
Secure Mobile Single Sign-On to Any Application, in Any Environment
The SpearID Enterprise SSO is a secure mobile web browser that can handle digital identities, authentication and SSO. It supports certificate-based authentication, Mutual TLS and Kerberos.
Provisioning users to the SpearID Enterprise SSO secure browser is simple and could use existing organisation processes for onboarding.
An SpearID Enterprise SSO enrolled device employs its hardware-backed security and key management to ensure that when the user uses the secure browser, any websites requiring authentication will be handled by the browser and will not require a password from the user.
The use of the secure chip within the mobile provides robust high-assurance security and meets the most stringent security policies and controls. Organisations own cryptography and keys.
The SpearID Enterprise SSO Secure Access Gateway (SSOSAG) will provide a point to where the mobile browser will connect within the internal network. The SSOSAG will perform DNS lookups for inbound web traffic from mobile.
SpearID Enterprise SSO leverages Azure and enables an organisation to manage SpearID Enterprise SSO secure mobile browser via Intune.
What is SpearID Enterprise Single Sign-On?
Authenticate Only Once
Enterprise Single sign-on (SSO) technology helps to address identity management and user authentication challenges in enterprise IT environments that are not addressed by cross-domain Federated Single sign-on solutions.
The SpearID Enterprise SSO allows users to sign in using strong authentication only once and have access to all of their authorized applications without keeping track of multiple passwords, regardless of whether the applications support identity federation, enterprise trust or strong authentication. The SpearID Enterprise SSO solution streamlines and strengthens the security of access while improving user productivity. SpearID Enterprise SSO is the ultimate solution for switching from the use of passwords altogether.
Usability and Convenience Meets Security
In most enterprise IT environments where applications and systems are delivered using different platforms (on-prem Windows AD, cloud and legacy applications) SpearID Enterprise SSO offers an increase in productivity and in time savings while it helps organisations to drastically reduce security threats resulting in data breaches.
SpearID Enterprise SSO contributes to a better usability of passwordless strong authentication by providing users with a fast and convenient way to login to all IT systems and applications. Better usability also means fasted adoption and the disappearance of dangerous "work-arounds" users are tempted to resort to if the login processes are complicated.
