Vasco targets SMB security with two-factor authentication service

Security illustration with red padlock

Vasco has announced a single-sign on authentication service for e-shops and other websites which works with its two-factor authentication devices and apps.

Instead of having to create an account and remember different passwords for each website they use, users click on the button and login there with a single username and password plus a one-time security code generated by the Vasco token.

The login is then valid for any other linked site, explained Vasco director of services Wim Abraham. He said that, as with many other logins, there is a time-out if you do not use the service for a certain length of time, and customers such as banks can opt to add a second level of authentication for certain activities – financial transfers for example.

The website operator must pay an annual subscription fee to use, this starts at 2000 euros and that basic level covers up to 500 users and 10,000 secure logins. Abraham claimed that for subscribers, "Once you know the OAuth standard, it's an hour's work to put the button on your site."

Users can obtain a Vasco hardware token or download a soft-token app to a smartphone; alternatively they may already have one issued by their bank, say – Vasco claims over 1700 banks as customers, many of them in Europe, Latin America and Scandinavia. They must then link this token's unique serial number to their account, allowing the service to recognise the security codes it generates. The apps for Android and iPhone can also automatically log your PC in by scanning a QR code generated by on the PC's screen.

A number of websites have already begun offering logins via, especially in Vasco's home market of Belgium. " adds strong authentication, single-sign on and identity management. It enables our customers to access cloud services from different service providers with only one user account," said one early adopter, Peter Leemans, the CEO of Belgian CSP ThinFactory.