Skip to main content
Skip table of contents

x509 Certificates For Chip Cards & Badges

My-Access offers Authentication using x509 certificates, namely for chip card (badges) authentication or for certificates stored in browsers.

x509 certificate authentications using Memority support mutual TLS and run the following minimal checks:

  • Validity Check:

    • Has the certificate been signed by an entreprise-approved Certificate Authority (CA)?

    • What is the certification chain?

    • Has the certificate expired?

    • Has the certificate been revoked (CRL)?

  • Data extracted from the certificate allowing to identify its owner

PIN code management (enforcement, length, unsuccessful attempts, etc.) can be supported if your company (or a supplier) owns and operates your chip cards and Public Key Infrastructure (PKI).

Enrollment process

Activation

Users need a specific right to be able to authenticate using x509 certificates. This activation can be done:

  • Manually by an administrator.

  • Automatically from Memority policy (identity or role) which can use identity attributes characteristics.

Enrollment

No enrollment required after activation.

Authentication Process

Authentication with x509 certificates is transparent.

Read Next

FIDO2 For Windows Hello, Yubikeys & Passwordless Authentication — My-Access offers Passwordless Authentication using Fido2 or Windows Hello tokens. FIDO2 is the passwordless evolution of FIDO U2F.
OTP SMS / Mail authentication — My-Access offers authentication via OTP sent by email or SMS, compatible with authentication to access Web applications, mobile applications and heavy clients.
OATH For Authenticator Apps — My-Access offers authentication through OATH to generate TOTPs on mobile Authenticator Apps such as Google Authenticator, Microsoft Authenticator or any other eligible application.
x509 Certificates For Chip Cards & Badges — My-Access offers Authentication using x509 certificates, namely for chip card (badges) authentication or for certificates stored in browsers.
Passwords (Including LDAP/AD passwords) — Memority offers password authentication natively.
IDP Proxy — My-Access supports SAML2, OIDC and OAuth2 protocols as Service Provider (SP) in a scenario where user authentication/authorization is delegated to an external Social Network (Meta, Google, X, etc.) or private third party Identity Provider (IdP) using their own local credentials.
Kerberos Authentication — My-Access supports transparent Kerberos authentication.
Secure Cookie — Memority provides authentication via Secure Cookie (“Trust this device”), which is mostly used in B2C contexts.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close