Skip to Content

EMBASSY® Authentication Server Multi-factor Authentication: TPM, Smart Card, Biometric and Password for Windows Environment

Strong server-based multi-factor authentication
EMBASSY Authentication Server (EAS) provides centralized management, provisioning and enforcement of multi-factor domain access policies. With EAS, authentication policies can be based on Trusted Platform Module (TPM) credentials, Smart Card credentials, user passwords and fingerprint templates.

All major PC manufacturers ship PCs with embedded TPM hardware. Embedded TPM hardware provides secure storage and secure transactions for PKI credentials. TPM-based authentication with EAS, combines secure hardware embedded client credentials for the client PC platforms with strong multi-factor credentials for the users.

Multi-factor authentication without complexity
EAS from Wave Systems is seamlessly integrated with a Windows Domain controller and Active Directory. EAS supports powerful combinations of:

  • TPM credentials
  • Smart Card credentials
  • Biometrics
  • Passwords

EAS is transparent by design to an existing Microsoft network authentication implementation and is also integrated with the Microsoft management and reporting utilities.

EMBASSY Authentication
Server Technical Overview


Click to View


Key Features

  • Domain server for hardware-based multi-factor authentication including:
  • Biometric
  • Smart Card
  • Password
  • Centralized validation of TPM, biometric and password credentials
  • TPM-protected credentials for client PC platform authentication
  • Streamlined Enrollment
  • Integrated with Server 2003 and Active Directory


Key Benefits

  • Strong control over who can access corporate resources. EAS adds multi-factor authentication to existing Server 2003 infrastructure.
  • Strong control over what PCs connect to the corporate network. EAS adds TPM based platform authentication to existing Server 2003 infrastructure.
  • Simplified management. EAS provides centralized control of credentials and policies.
  • Easy to install and easy to manage.
  • Extensive auditing and logging capabilities.
  • Standard Kerberos system 5.0 extensions.
  • Compliant with TCG standards.

To purchase, or for more information, please email us at sales@wavesys.com or call us at (877) 228-WAVE.