Authentication - Identity and Access Management

As leading consultants in the application of authentication processes our aim is to help you to apply identity and access management.

Whether it’s information about people or private corporate information there is a fundamental business requirement to protect access to these areas.

Personal authentication consists of up to 3 factors commonly known as 1-F, 2-F or 3-F



  • Smartcards
  • Keyfobs
  • Mobile Devices


  • Passwords
  • Images
  • Patterns


  • Fingerprint
  • Retina
  • Voice

With 3-F authentication you have possession, knowledge and inherence but sometimes you may only have one or two factors applied. Electronic payments for example are usually based on 2-F authentication by having a payments card and a PIN.

The more factors that are used the better the authentication.

microexpert 1F, 2F, 3F authentication image

The last thing that you want to experience is a security breach

Authentication is a fundamental control for a business to deploy in protecting their digital assets. As more businesses are moving their data to the cloud, authentication has become absolutely essential for managing access to important information.

Why cryptography is so important in achieving authentication

The first factor of authentication we discussed was possession where the user is given for example a smart card. When the person is being authenticated the validator needs to check that the card is indeed the one issued to that person. The way that this is done is to check that the smart card contains a secret key and the validator challenges the smart card to prove it knows this key by making it encrypt a random number. The validator can do the same encryption step to show the card contains the same secret key. More advanced techniques can use public key cryptography.

microexpert global secret key global image

Cryptography and the protection of secret keys is the core technology for computer security

At Microexpert, we advise clients on how to design and build Identity and Access Management (IAM) systems. This is to protect valuable digital assets for:

  • Data privacy
  • Electronic payments and transactions
  • Digital currencies and blockchain applications
  • Internet Of Things (IOT)
  • Industrial Control Systems (ICS)

We use agile development techniques for embedded cryptographic systems in the following hardware devices:

  • Hardware Security Modules (HSMs)
  • Secure Elements (SE)
  • Smart cards and secure MicroSD cards
  • Cryptographic tokens
  • Mobile devices

We will listen to your requirements and advise you on the best way to go. We can also design and develop solutions for both proof of concept and production to match your needs.


If you are researching or planning a project or just need some friendly advice.

Call +44 (0)1903 723 548 or email us at m.


+44 (0) 1903 723 548
+44 (0) 1903 734 975

Microexpert Limited
Gratwicke House
10 East Street
West Sussex
BN17 6AW, UK

© 2018 Microexpert. Registered number 01755695.
line-height: 180%;