FIDO Credential Management

vSEC:CMS version 6.3 includes lifecycle management of FIDO credentials. With vSEC:CMS, FIDO user credentials can automatically be enrolled and managed in Identity Providers (IdP). Thereby providing your cloud and enterprise Service Providers (SP) strong authentication of your users.


Versasec’s vSEC:CMS v6.3 customers can now manage integrated FIDO credentials with their vSEC:CMS deployments.

versasec media

Benefits of a centralized FIDO credential management:

  • FIDO credential management
  • Lifecycle management of FIDO credentials including issuance and revocation
  • Single pane of glass management of PKI and FIDO user device traceability
  • Improve user experience
  • Increase security and simplified onboarding administration, by using the same vetting and onboarding process

By offering FIDO management together with PKI management, Versasec brings the best of two worlds into one solution taking the management of FIDO security devices to the next level.

Use Cases

The table below highlights the key feature differences between PIV/PKI and FIDO2.




Device logon
Web logon
E-Mail security
Document signing

The feature is supported.

Security and Credential Management

The table below highlights the differences in regards to security and credential management between PIV/PKI and FIDO2.




Low complexity
No CA necessary
Key recovery
Temporary device
PIN management
Lifecycle management
Roles and permissions

The feature is supported.
* The feature is supported with vSEC:CMS.

Vendor Independent

vSEC:CMS is fully functional with minidriver enabled credentials such as smart cards, USB tokens and virtual smart cards including Windows Hello for Business (WHfB). It streamlines all aspects of managing credentials by connecting to enterprise directories, certificate authorities, physical access control systems, email servers, log servers, biometric fingerprint readers, PIN mailers... the list goes on. With vSEC:CMS organizations can issue Credentials to employees, personalize the Credentials with authentication credentials and manage the lifecycle of the Credentials - directly from the off-the-shelf product.

Versasec Connects

vSEC:CMS Connectors (see figure above)

  1. 1. Badge Printers for Batch Operations
  2. 2. User Directory for User Look Up
  3. 3. File & Database Servers
  4. 4. Secure Transport of PIN Codes
  5. 5. Event & Log Management
  6. 6. User Photo Capture
  7. 7. Certificate/PKI Services
  8. 8. Physical Access Control Systems
  1. 9. Hardware Security Module
  2. 10. Identity Provider (Secondary Authentication and FIDO2)
  3. 11. Key Archival & Key Recovery
  4. 12. vSEC:CMS Admin - System Administration
  5. 13. Remote Security Device Management
  6. 14. Credentials: Physical & Virtual Smart Cards/Tokens
  7. 15. vSEC:CMS User - End-user Self-service applications
  8. 16. vSEC:CMS Agent - Operational Management Interface

Product News

vSEC:CMS Version 6.3 is now available. The new version incorporates a variety of enhancements, updates and automated tasks, including the following:

  • vSEC:CMS now includes FIDO credential life cycle management.
  • Added integration with gluu IdP for enrolling FIDO credentials on behalf of users.
  • New vSEC:CMS User application with enhanced design and user experience.
  • vSEC:CMS can now generate AES master keys in HSM’s.
  • External permission validation now also available for LDAP directories.
  • Updates to the PIN management of Thales eTokens.
  • Improvements to the DB restoring process.
  • Introducing performance tracking to identify environment bottlenecks.
  • Support for device certificates for Sectigo certificate authority.
  • Managed credentials PUC are now updated as part of the new master key generation process.

Evaluation - Download Today!

Register and download vSEC:CMS directly from here.

Once downloaded and installed vSEC:CMS is ready for use in Evaluation Mode. During the evaluation, you can configure your environment with up to 5 licenses and your own use cases. Each license manages one credential. Additional licenses can be acquired as a subscription or by perpetual license. Please contact a Versasec reseller or Versasec directly to proceed.

Schedule a Demo

To enjoy the vSEC:CMS S-Series full feature set (including Self-Service, Virtual Smart Card, HSM support etc), schedule a demo with Versasec or contact your local Versasec reseller.


The vSEC:CMS scales with your project. With the new load balancing capability, there is no upper limit!

versasec media

Integrability - APIs

The vSEC:CMS S-Series can be integrated and connected in many different ways, the drawing below is trying to visualize the most commonly used options.

Versasec Integrability APIs

Product Sheet

Download the vSEC:CMS S-Series product sheet here.



More information about the complete vSEC:CMS product suite can be found here.


Migrate to vSEC:CMS

vSEC:CMS S-Series includes upgrade wizards that enables quick and simple upgrade paths from third party credential management systems.

Versasec is an IAM provider that helps businesses manage their access-enabling devices.

Check out the details on how to upgrade from:


The product can be purchased from authorized vSEC:CMS integrators and resellers, via our partners reseller network or contact Versasec directly to let us help you find the best way forward.


The vSEC:CMS video content can be found here.