vSEC:CMS | Technical Specs & Features for Smart Card Management
Part of our Enterprise Credential Management solution suite.
vSEC:CMS will change your views on how to manage the lifecycle of user authentication credentials (smart cards, USB security keys, tokens). vSEC:CMS is an innovative, easily integrated and cost effective Smart Card Management Software or Credential Management Software (SCMS or CMS) that will help you deploy and manage credentials within your organization.
Vendor Independent
vSEC:CMS is fully functional with minidriver enabled credentials such as smart cards, USB tokens and virtual smart cards including Windows Hello for Business (WHfB). It streamlines all aspects of managing credentials by connecting to enterprise directories, certificate authorities, physical access control systems, email servers, log servers, biometric fingerprint readers, PIN mailers… the list goes on. With vSEC:CMS, organizations can issue Credentials to employees, personalize the Credentials with authentication credentials and manage the lifecycle of the Credentials – directly from the off-the-shelf product.
Versasec Card Lifecycle Management
Versasec goes beyond basic identity management by offering unparalleled flexibility, advanced PKI/PIV, FIDO2, RFID capabilities, and seamless integration with identity providers (ie, Microsoft Entra ID). Thus, enabling organizations to meet their unique identity needs and exceed the requirements of modern security mandates, such as Executive Order 14028.
vSEC:CMS manages the lifecycle of identity credentials (smart cards, security keys, tokens, authenticators), integrating with identity providers (Microsoft Entra ID, Ping Identity, Thales STA), certificate authorities (Microsoft, Keyfactor, DigiCert, Entrust), user directories, smart card printers (Matica, Magicard, HID), hardware security modules (Futurex, Utimaco), and more. This allows businesses to leverage existing IAM infrastructure with leading providers.
Key Differentiators:
- One platform: for PKI and FIDO2 orchestration: integrates with identity leaders bringing you the highest number of supported credentials for the orchestration, & configuration of your IAM security. Versasec serves your budget, compliance, and IT preferences, performing at the security core of your organization.
- Unmatched User Experience: vSEC:CMS simplifies credential management for both IT administrators and end-users. Our innovative self-issuance process with identity providers and PKI certificates allows employees to set up authentication devices without IT intervention. For scenarios where self-service is unsuitable, vSEC:CMS offers help-desk on-behalf of users management. This streamlines onboarding, especially for remote/hybrid workforces, and eliminates the complexities of traditional self-enrollment methods.
- Advanced FIDO2 Enterprise Features: Versasec is at the forefront of FIDO2 innovation. We provide centralized management of FIDO2 devices with features like PIN unblock, Relying Party allow lists, and granular control over fingerprint enrollment. This level of control is crucial for enterprise deployment security.
- Seamless Microsoft Entra ID Integration: vSEC:CMS leverages the latest technology in Microsoft Entra ID, enabling organizations to reach the full potential of Microsoft’s identity platform.
- Comprehensive IAM: vSEC:CMS offers a single pane of glass for managing all logical and physical (access) authentication needs. It supports multiple authenticators, integrates with existing infrastructure (cloud and on-premises), and provides complete lifecycle management for identity credentials.
Impact:
- Increased Efficiency: vSEC:CMS drastically reduces IT overhead. For example, pre-registering a PKI or FIDO, or hybrid key with vSEC:CMS takes a tenth of the time compared to traditional enrollment. This efficiency gain is further amplified with batch issuance, integrations, and APIs.
- Enhanced Security: Our solution strengthens security by protecting enrollment, revocation, and recovery processes. Features like FIDO2 PIN unblock (5 mins vs. hours for manual complete reset and recovery) minimize downtime and mitigate risks associated with temporary replacements with weaker authentication methods.
- Compliance and Oversight: vSEC:CMS provides comprehensive audit trails and reporting, ensuring compliance with industry regulations and security policies, including NIS2 Directive, GDPR, ENISA, U.S. Executive Order 14028.
Addressing Trends:
Versasec is committed to supporting the global shift towards passwordless phishing-resistant authentication. Our robust PKI and FIDO2 implementation, coupled with identity providers, directly addresses the requirements of Executive Order 14028 and NIST Digital Identity Guidelines. By enabling organizations to adopt PKI, FIDO2 security keys and establish Zero Trust, Versasec creates a more secure digital landscape.
Versasec has more than 15 years of expertise in PKI and its with this expertise, we are committed to supporting the global shift toward passwordless phishing-resistant authentication.
“Finally, we can start deploying FIDO2 – this is what we have been waiting for!” – CISO in aeronautics.
KuppingerCole Analysts chose Versasec as one of the first 8 companies to spotlight as KC Rising Star in 2024. A research spotlighting innovation and market alignment in the IAM, digital identity, and cybersecurity.
In conclusion, Versasec products are ideal to:
- Comply with security regulations through high-level security and reduced effort.
Improve user experience and oversight through IT on-behalf-of-user management, simplified self-service, and streamlined workflows. - Utilize identity investments to their fullest potential for secure and efficient identity management.
- Satisfy customers’ unique identity needs with a flexible and adaptable solution.
Product News:
Meet vSEC:CMS 7.3 – Advancing Orchestration and Governance with Microsoft Sentinel Integration and YubiKey as a Service
- New Versasec Codeless Connector for Microsoft Sentinel: Versasec introduces an integration built on Microsoft’s Codeless Connector Framework (CCF). You can now stream vSEC:CMS events directly into Sentinel’s Log Analytics tables.
- Support for Thales SafeNet IDPrime DI 930 FIDO 2.0 Smart Card.
Expanding options for enterprises seeking a contact- and contactless-authenticator that supports both PKI and FIDO 2.0 technologies. - Support for the Thales SafeNet eToken Fusion BIO (Standard & Enterprise Features) Tokens.
Both the Standard and those featuring Thales Enterprise Edition are supported by vSEC:CMS. This integration allows enterprises to deploy and manage the enrollment and management of fingerprints for authentication purposes. - Versasec provides enterprise-grade lifecycle management for the HID Crescendo 4000 series through its vSEC:CMS (on-premise) and vSEC:CLOUD (managed service) platforms. Because the Crescendo 4000 is a “minidriver-enabled” card, the Crescendo 4000 integrates natively with Versasec’s orchestration to handle everything from initial issuance to retirement.
- FIDO Support for the HID Crescendo C2300 Cards. Versasec has officially expanded its support for the HID Crescendo C2300, moving beyond its long-standing PKI management to include full FIDO2 lifecycle orchestration.
- Version 7.3 debuts a new built-in report framework featuring pre-made reports to provide immediate visibility into credential data. Integration with YubiKey as a Service allows organizations to ship pre-registered YubiKeys with FIDO2 passkeys directly from the credential management systems to the end-user. Bypassing complex manual security logistics and delivering a streamlined, zero-touch workflow for both administrators and end-users.
- Configuration Export streamlines environment management by allowing administrators to export their entire system setup into a machine-readable JSON file. This capability is particularly valuable for performing audit comparisons between different CMS instances, such as identifying configuration drift between a test lab and a production system.
- Versasec has expanded the accessibility of its suite by adding Canadian French language support to the vSEC:CMS Agent application.
vSEC:CMS
Starter Pack 50
€2.69
Per Credential Per Month
Yearly Subscription
Price Excl. Taxes
- Professional Level Support
- Customer On-Prem or Private Cloud
- Full vSEC:CMS Feature Set
- 50 Credentials
vSEC:CMS
Starter Pack 100
€1.85
Per Credential Per Month
Yearly Subscription
Price Excl. Taxes
- Professional Level Support
- Customer On-Prem or Private Cloud
- Full vSEC:CMS Feature Set
- 100 Credentials
vSEC:CMS
Starter Pack 500
€1.56
Per Credential Per Month
Yearly Subscription
Price Excl. Taxes
- Professional Level Support
- Customer On-Prem or Private Cloud
- Full vSEC:CMS Feature Set
- 500 Credentials
vSEC:CMS
>500 Credentials
Contact Sales
for Pricing
- Professional Level Support
- Customer On-Prem or Private Cloud
- Full vSEC:CMS Feature Set
- Custom
Evaluation – Download Today!
Once downloaded and installed vSEC:CMS is ready for use in Evaluation Mode. During the evaluation, you can configure your environment with up to 10 licenses and your own use cases. Each license manages one credential. Additional licenses can be acquired as a subscription or by perpetual license. Please contact a Versasec reseller or Versasec directly to proceed.
Schedule a Demo
To enjoy the vSEC:CMS full feature set (including Self-Service, Virtual Smart Card, HSM support etc), schedule a demo with Versasec or contact your local Versasec reseller.
Scalability
The vSEC:CMS scales with your project. With the new load balancing capability, there is no upper limit!
Integrability – APIs
The vSEC:CMS can be integrated and connected in many different ways, the drawing below is trying to visualize the most commonly used options.
Migrate to vSEC:CMS
vSEC:CMS includes upgrade wizards that enables quick and simple upgrade paths from third party credential management systems.
vSEC:CMS system migration paths - never locked in!
vSEC:CMS includes upgrade wizards that enables quick and simple upgrade paths from third party credential management systems.
Check out the details on how to upgrade from:
- Read more about Thales SAM
- Read more about Microsoft MIM/FIM CM
- Read more about Gemalto DAS / IDAdmin 100
Resellers
The product can be purchased from authorized vSEC:CMS integrators and resellers, or directly from Versasec – contact Versasec to let us help you find the best way forward.
Quick Preview
vSEC:CMS can manage the most feature-packed hardware-based authenticators in the market (from Thales, Yubico, HID, and more), and secure the most complex technologies, such as, PKI, PIV, FIDO2, and physical access.
Here are some quick videos of its management capabilities.
Organizations Using Versasec
Organizations worldwide have upgraded their identity management, left behind passwords, and are focusing on other IT priorities.
- 37% Tech & Services
- 29% Government
- 11% Financial
- 23% Others
What Our Customers Are Saying
- “I looked at Versasec and at the end of the day, it wasn’t a product. The way that Paul worked with us and continues to work with us today, it’s a true partnership and I know I can lean on them and make that call, shoot that email, and get a response. It’s a true partnership and it’s really nice to be able to have that, as opposed to a traditional ‘this is my piece of software, call support and have a good day.’” – Head of IT, Air Hydro Power. | Product: vSEC:CMS for PKI + FIDO. | Read Case Study.
- “Two of the primary reasons that Versasec got our business: one, the on-premises feature. We’re not resisting the cloud, but if we can keep it on-premise, we manage our hardware and virtual environment. Two – perpetual licenses. We pay for support, but the licenses are there and will always be. We know that Versasec would be responsive if we need more licenses. Overall – the experience has been exactly what we were looking for.”
– Aron Gann, System Administrator, Brookshire Brothers. | Product: vSEC:CMS on-prem for YubiKeys. | Read Case Study. - “Our team wants to focus on delivering business value. Updating software and servers, while important, is low value. By using a managed solution, we can focus on business objectives.”
– Head of Engineering and Cybersecurity | Product: vSEC:CLOUD.
Get Started
Getting started is easy. Schedule a 30 min demo with an identity expert to see if Versasec is a good fit for your organization.
Foundational Security: Credential Issuance and Management for PKI and FIDO
At our core, we establish a secure and controlled environment for enterprise credential issuance and management through primary connections.
This provides both simplicity and the highest level of security for effective credential management.
Versasec Supported Credentials & Passwordless Authenticators
Versasec strives to support as many credential types as possible in all of Versasec’s products. Below are phishing-resistant credentials we support. We hope one fits your enterprise, users, and devices. Not all multi-factors are created equal. Customize based on your organizational needs and goals. We support PIV, PKI, Virtual, Physical Access, Logical Access, and combined FIDO+PIV, and FIDO-only credentials. Versasec does not lock you in to one provider, we are credential-agnostic. The number of supported credential types is continuously increasing with every new product version. If you want to manage a different credential, currently not on our list, please contact us at info@versasec.com.
* Tokens and smart cards with FIDO2
ACS
Atos
Ensurity
Feitian
Open FIPS
Safe Trust
Swissbit
Taglio
TCOS
Thales IDPrime MD 3810
Thales IDPrime MD 3840
Thales IDPrime MD 3930
Thales IDPrime MD 3940
Thales IDPrime MD 3940 FIDO *
Thales IDPrime PIV 2.1
Thales IDPrime PIV 3.0
Thales IDPrime Virtual
Thales MultiApp ID
Thales SafeNet eToken 5100, 5110 FIPS, 5110+ FIPS, 5110+ CC
Thales Safenet eToken 5300
Thales SafeNet eToken FIDO*
Thales SafeNet eToken FIDO NFC*
Thales SafeNet eToken Fusion FIPS*
Thales SafeNet eToken Fusion NFC PIV*
Thales SafeNet eToken Fusion/CC*
Thales SafeNet eToken Fusion BIO*
Thales SafeNet IDCore 3121 FIDO*
*Tokens and smart cards with FIDO2
Product Features
The table below highlights the key features in the Versasec credential management product suites.
vSEC:CLOUD |
vSEC:CMS |
|||
User-Side Credential Operations
|
||||
Agent-Side Credential Operations
|
||||
Advanced Credential Operations
|
||||
Database
|
||||
Credential Management System Features
|
||||
vSEC:CLOUD |
vSEC:CMS |
|||
Product Features |
||||
Advanced Management Features
|
||||
Systems Integrations
|
||||
Integrations/APIsServer-Side
Client-Side
|
||||
vSEC:CLOUD |
vSEC:CMS |
|||
Licensing/Packaging |
||||
|
Managed by Versasec |
||||
|
Subscription |
||||
|
Perpetual Licenses |
||||
|
Installation Package |
||||
NOTE
✔ – The credential is supported by the product.
L – Known limitations – check release notes.
For details about validated middleware/minidrivers check the Versasec support portal or contact us.
Versasec Support
Versasec customers with an existing support and maintenance contract can access the Versasec Support Portal, offering extensive professional support and maintenance services. The Versasec Support Portal offers a variety of services, allowing for customers and any site visitor to communicate directly with support engineers.
Company Blog
Our blog addresses the latest security trends and stories. The posts discuss how identity and access management are playing a larger role in keeping corporate data safe as well as brand reputations intact.