at Financial Technnology Year
This content is provided by FinTechBenchmarker.com who are responsible for the content. Please contact them if you have any questions.
WatchGuard AuthPoint from WatchGuard
Multi-factor authentication solution with hardware tokens specifically designed for financial applications. Features include push-based approval, QR code authentication, and one-time passwords for securing treasury operations and payment authorizations with detailed audit trails.
Product analysis by function
Secure Authentication Hardware for Treasury Operations
Physical devices such as security tokens, smart cards, and biometric readers that provide multi-factor authentication for payment approvals and system access.
More Secure Authentication Hardware
More Treasury Operations ...
Authentication Methods
(8 Yes /8 Known /10 Possible features)
|
Multi-factor Authentication (MFA) Requiring two or more verification methods for user login (e.g., password, token, biometrics). |
WatchGuard AuthPoint provides multi-factor authentication (MFA) using hardware tokens, push notifications, and other methods. | |
|
Biometric Authentication Support Ability to use fingerprints, facial recognition, or iris scans for identity verification. |
AuthPoint supports biometric authentication through its mobile app (fingerprint/face recognition support on compatible devices). | |
|
Hardware Token Integration Support for physical authentication devices such as YubiKeys, smart cards, or OTP tokens. |
Hardware token integration is a core AuthPoint feature; supports OTP tokens including physical hardware. | |
|
Public Key Infrastructure (PKI) Supports authentication using public/private key pairs and digital certificates. |
No information available | |
|
Single Sign-On (SSO) Allows users to access multiple treasury applications with one set of credentials. |
AuthPoint supports SSO, allowing users access to multiple cloud and on-premise applications with one set of credentials. | |
|
Time-based One-Time Passwords (TOTP) Support for authentication using app-based or hardware-generated time-limited codes. |
Supports TOTP (time-based one-time passwords) via app and hardware tokens. | |
|
Adaptive Authentication Dynamically adjusts authentication based on risk signals (location, device, time, etc.). |
Adaptive authentication is available through risk-based access, changing authentication demands based on user context. | |
|
Device Binding Ability to restrict access to specific pre-authorized devices. |
Device registration and binding are supported to restrict access to pre-authorized devices. | |
|
Knowledge-Based Authentication Enables secondary verification through personal or system-generated questions. |
No information available | |
|
Transaction Signing Users digitally sign transactions with a hardware device as a distinct action. |
Digital transaction signing is supported through push or OTP hardware tokens. |
Hardware Security
(5 Yes /5 Known /10 Possible features)
|
Tamper-Resistant Design Hardware features that prevent unauthorized physical access or compromise. |
AuthPoint hardware tokens are tamper-resistant, per vendor documentation. | |
|
FIPS 140-2/3 Compliance Hardware certified to Federal Information Processing Standards for cryptographic modules. |
No information available | |
|
Secure Key Storage Encryption keys are stored in secure hardware modules, not software. |
Encryption keys for OTP generation are secured in hardware tokens, not software. | |
|
Remote Wipe Capability Ability to erase or deactivate devices if lost or stolen. |
No information available | |
|
Physical Lock Mechanisms Locking or anchoring devices to prevent removal or theft. |
No information available | |
|
Backup Device Support Allows for quick replacement and setup of a backup device. |
Backup/replacement device process is documented and supported for lost hardware tokens. | |
|
Secure Firmware Updates Updates to device software are cryptographically signed and validated. |
Firmware updates for hardware are cryptographically signed and validated. | |
|
Environmental Control Features Ability to withstand variations in temperature, humidity, or mechanical shock. |
No information available | |
|
Audit Logging Capabilities Logs hardware access and usage details for security review. |
System includes audit logging for access, authentication attempts, and administration activity. | |
|
Device Lifespan Average number of years hardware devices are expected to remain operational. |
No information available |
User Management
(10 Yes /10 Known /10 Possible features)
|
Centralized User Provisioning Manage all user credentials and devices from a central dashboard. |
AuthPoint provides centralized management dashboard for credentials/devices. | |
|
Role-Based Access Control (RBAC) Assign and enforce user roles and permissions aligned to corporate treasury functions. |
Role-based access control is supported for granular permissions. | |
|
Bulk User Enrollment Onboard large groups of users/devices at once. |
Bulk enrollment for both users and tokens is supported through management console/import tools. | |
|
User Self-Service Device Activation Allow users to securely activate and register new devices on their own. |
End users can self-register tokens using QR code with policy-based control. | |
|
Automated Deprovisioning Automatic revocation of credentials and hardware when users leave or change roles. |
Credentials and device deprovisioning is automated based on admin action or directory sync. | |
|
Delegated Administration Assign user, device, or location-specific administrators. |
Delegated admins can be assigned to manage user/device groups or locations. | |
|
Integration with HR Systems Link user lifecycle management with corporate HR or LDAP directories. |
Integration with on-premise AD, Azure AD, and some HR/LDAP systems is supported. | |
|
Device Assignment Tracking Monitor which devices are issued to which users. |
Device assignment is tracked via management dashboard and reporting. | |
|
User Behavior Analytics Monitor authentication patterns for anomalies or risky behaviors. |
User behavior analytics available through monitoring authentication events and anomaly detection. | |
|
Customizable Lockout Policies Configure thresholds for failed login/device authentication attempts. |
Configure thresholds for failed logins with custom lockout policies. |
Integration and Interoperability
(9 Yes /9 Known /10 Possible features)
|
APIs for Integration Availability of REST, SOAP, or proprietary APIs for system integration. |
APIs are available for integration with other enterprise systems. | |
|
Support for SAML/OAuth/OpenID Interoperability with modern authentication standards and single sign-on protocols. |
AuthPoint supports SAML, OAuth, and OpenID Connect for SSO/integration. | |
|
ERP/TMS Compatibility Can be paired directly with enterprise resource planning or treasury management systems. |
ERP and TMS compatibility is possible via SAML/SCIM/LDAP/API connectors. | |
|
Plug-and-Play Installation Requires minimal technical effort for setup and deployment. |
Plug-and-play installation is a claimed feature, with limited technical effort required for SaaS setup. | |
|
Legacy System Support Ability to interface with older, non-standardized treasury applications. |
Legacy system integration options available (RADIUS, LDAP). | |
|
Cloud Service Integration Works seamlessly with cloud-based treasury systems. |
Supports cloud-based applications integration. | |
|
Mobile App Integration Seamless functioning with treasury mobile apps and devices. |
Mobile app integration for authentication and alerting is supported. | |
|
Custom Integration Tools SDKs, connectors, or middleware available for bespoke system integration. |
Custom integration options through SDK/API documentation. | |
|
Multi-Platform Compatibility Works across Windows, MacOS, Linux and mobile operating systems. |
Available on mobile (iOS/Android), Windows, MacOS, and browser platforms. | |
|
API Request Rate Limit Maximum supported API calls per second. |
No information available |
Compliance and Regulatory Support
(9 Yes /9 Known /10 Possible features)
|
GDPR Compliance Adherence to regulations on data privacy and user consent. |
WatchGuard states GDPR compliance in their documentation and privacy policy. | |
|
SOX Compliance Aligns with Sarbanes-Oxley requirements for financial controls and reporting. |
SOX compliance supported; provides detailed audit trails for financial operations. | |
|
PSD2/SCA Support Meets Payment Services Directive/Strong Customer Authentication mandates. |
AuthPoint is designed to comply with PSD2/SCA for customer authentication in financial services. | |
|
Audit Trail Retention Period Length of time audit records are stored and accessible. |
No information available | |
|
Custom Policy Enforcement Ability to enforce geographic, business unit, or regulatory-specific access policies. |
Enforces access policies based on geography and other business rules. | |
|
Independent Security Certification Certified by an independent authority (e.g., ISO, Common Criteria). |
Holds independent security certifications (including ISO 27001 for AuthPoint Cloud). | |
|
Real-Time Compliance Reporting Instant generation of compliance and access audit reports. |
Real-time compliance reporting available via dashboards and export. | |
|
E-signature Legality Electronic signatures via hardware tokens are legally enforceable. |
Electronic signatures produced via hardware tokens with legal enforceability for regulated digital processes. | |
|
Data Residency Controls Manage where user/device data is physically stored according to regulations. |
Data residency controls available—choice of data center location within certain regulatory limits. | |
|
Customizable Retention Policies Configurable rules for data and log retention per compliance requirements. |
Data and log retention can be configured by policy for compliance. |
Usability and User Experience
(7 Yes /7 Known /10 Possible features)
|
Quick Authentication Time Average time required for user authentication using hardware devices. |
No information available | |
|
Self-Service Recovery Enables users to recover or reset access in case of lost or damaged devices. |
End-user portal supports self-service recovery functions (retrieving/resetting lost tokens). | |
|
Multi-Language Support Interfaces and instructions available in several languages. |
Multi-language support is available for portal and user materials. | |
|
User Training Materials Provision of digital and physical training resources for users. |
Training material and guides are available online via WatchGuard's resources. | |
|
Accessibility Features Designed to be usable by people with disabilities. |
Accessibility features are claimed on help site, including screen reader compatibility and accessible interfaces. | |
|
Minimal User Prompts Low number of required user interactions per authentication. |
No information available | |
|
Customizable Alerts Configurable notifications for transactions, logins, and policy violations. |
Customizable alerts for failed logins, transactions, and policy violations can be configured. | |
|
Support for Remote/HQ Users Designed for both on-site and distributed workforce scenarios. |
Designed for both remote and on-premises users with mobile and hardware token support. | |
|
Out-of-the-Box Configuration Templates Pre-built configurations for rapid deployment. |
No information available | |
|
Clear Error Messaging Descriptive messages and troubleshooting guidance when authentication fails. |
Error messages are provided with guidance for common issues in authentication flows. |
Operational Resilience and Availability
(7 Yes /7 Known /10 Possible features)
|
Backup Authentication Methods Alternative authentication available if hardware is lost/unavailable. |
Backup authentication via alternate methods (push notification, QR, hardware OTP) is available for lost tokens. | |
|
Service Uptime Percentage of time the authentication service is available. |
No information available | |
|
Disaster Recovery Capabilities Ability to recover full authentication services after critical events. |
Disaster recovery and service restoration are covered in business continuity documentation. | |
|
Redundant Data Centers Multiple geographically dispersed facilities to ensure uninterrupted service. |
WatchGuard uses multiple, geographically distributed data centers to ensure availability. | |
|
Onsite Hardware Replacement Time Typical maximum elapsed time to replace failed hardware. |
No information available | |
|
Distributed Load Handling Ability to handle authentication loads from multiple locations concurrently. |
Supports distributed authentication requests and global user base. | |
|
Periodic Health Checks Regular automatic tests and monitoring of hardware and authentication processes. |
System includes periodic health checks for hardware tokens and service status. | |
|
Automatic Failover Processes automatically switch to backup hardware or methods if primary fails. |
Automatic failover to backup authentication methods or infrastructure in case of primary failure. | |
|
Maintenance Notification Automated user alerts about upcoming or ongoing maintenance windows. |
Maintenance notifications are sent to administrators regarding outages or scheduled maintenance. | |
|
Capacity for Concurrent Authentications Maximum number of concurrent authentication sessions supported. |
No information available |
Scalability and Performance
(6 Yes /6 Known /10 Possible features)
|
Maximum Supported Users Largest number of users the solution can handle effectively. |
No information available | |
|
Maximum Supported Devices Total number of unique hardware authentication devices supported concurrently. |
No information available | |
|
Elastic Resource Allocation The system resources can automatically scale up or down based on demand. |
Elastic scaling is supported in the cloud-hosted model—resources scale to load. | |
|
Load Balancing Support Distributes authentication traffic for optimal performance. |
Load balancing is available for authentication traffic in the cloud. | |
|
Low Latency Authentication Minimal average time for completing authentication transactions, even at scale. |
No information available | |
|
Concurrent Hardware Update Support Can update firmware/settings across multiple devices simultaneously. |
System enables concurrent updates to managed hardware tokens. | |
|
Batch Device Management Ability to manage device settings and permissions in bulk. |
Batch device management possible via admin interface. | |
|
Multi-Site Support Facilitates centralized management across distributed corporate locations. |
Multi-site corporate support via central portal. | |
|
Distributed Workforce Scalability Suitable for both centralized headquarters and remote treasury teams. |
Scale supports remote and distributed workforce. | |
|
Peak Hour Performance Lowest average authentication time during the busiest periods. |
No information available |
Security Monitoring and Incident Response
(6 Yes /6 Known /10 Possible features)
|
Real-Time Authentication Monitoring Ongoing visibility into who is accessing what, when, and how. |
Dashboard displays real-time authentication events and user access. | |
|
Automated Alerting for Suspicious Activity Immediate alerts for anomalous login attempts or policy violations. |
Automated alerts are triggered for suspicious or failed logins. | |
|
Integration with SOC/SIEM Tools Feeds authentication logs and alerts into security operations centers. |
Integration available with SIEM/SOC tools for security operations. | |
|
Automated Threat Response Initiates automated steps (lockouts, alerts, device disable) upon detection of certain threats. |
Automated locking and alerts can be configured for threat events. | |
|
Forensic Data Collection Collect and retain data for post-incident investigations. |
Audit logs can be exported/retained for forensic analysis. | |
|
Threat Intelligence Integration Leverages real-time feeds to update threat detection criteria. |
No information available | |
|
Incident Response Playbooks Pre-defined procedures for handling specific authentication threats. |
No information available | |
|
User Notification on Compromise Notifies users immediately if their credentials or devices are at risk. |
Users are notified automatically if their device or credentials are at risk. | |
|
Manual Override Capabilities Allows authorized personnel to override automated locks if needed under strict control. |
No information available | |
|
Incident Response Time Average time to detect and respond to a security incident. |
No information available |
Cost and Licensing
(8 Yes /8 Known /10 Possible features)
|
Transparent Pricing Model Clearly defined fees for hardware, support, and licensing. |
Transparent pricing and licensing terms are provided publicly by WatchGuard. | |
|
Hardware Replenishment Costs Typical per-device cost for replacement or additional units. |
No information available | |
|
Support and Maintenance Fees Recurring cost for ongoing vendor support and device upkeep. |
No information available | |
|
Pay-as-You-Go Options Pricing flexibility to scale with actual usage, not fixed licenses. |
Pay-as-you-go/subscription options are offered for cloud-based licensing. | |
|
Volume Discount Availability Discounts applied for purchasing large numbers of devices. |
Volume discounts available for large orders (as explicitly referenced on their pricing FAQ). | |
|
Included Software Updates Software/firmware updates are included in licensing/package fees. |
Software/firmware updates are included within support/licensing. | |
|
Trial/Evaluation Hardware Availability of trial devices for hands-on evaluation before purchase. |
Trial tokens/devices are available for evaluation by prospective customers. | |
|
Flexible Contract Duration Ability to negotiate terms of service, e.g., annual or multi-year. |
Contract terms are flexible, including annual and multi-year agreements. | |
|
Total Cost of Ownership Tools Tools for projecting and understanding all long-term ownership costs. |
TCO calculators and guidance are provided during sales cycle. | |
|
Third-Party Hardware Support Supports a variety of vendor devices, not just proprietary options. |
Compatible with third-party hardware tokens (e.g., YubiKey, OATH compliant). |
Vendor Support and Service
(9 Yes /9 Known /10 Possible features)
|
24/7 Technical Support Round-the-clock assistance from vendor support teams. |
24/7 technical support offered with service contract. | |
|
Comprehensive Documentation Extensive user and administrator guides with troubleshooting. |
Extensive guides and troubleshooting documentation are available online. | |
|
Dedicated Account Manager Named support resource for ongoing partnership and escalation. |
Dedicated account managers provided for enterprise and strategic customers. | |
|
Custom SLAs Option to negotiate Service Level Agreements for uptime, support speed, etc. |
Custom service level agreements are negotiable for uptime/support. | |
|
Customer Training Services Provision of onboarding and specialist training for treasury staff. |
Customer and end-user training services available on request and via partner programs. | |
|
Local/Regional Technical Presence Access to in-region expertise and hardware support. |
WatchGuard maintains local and regional technical presence in major geographies. | |
|
Community and User Forums Active information-sharing spaces for users and admins. |
Community forums and knowledge base available to all users/admins. | |
|
Automated Ticketing System Structured, trackable process for raising and resolving issues. |
Automated ticketing and case management system is available via the support portal. | |
|
Proactive End-of-Life Notifications Alerts about support and update discontinuation for hardware models. |
Proactive notifications for hardware and software end-of-life/support retirement are sent to customers. | |
|
Onsite Support Availability Ability to request onsite engineer visits for urgent incidents. |
No information available |
This data was generated by an AI system. Please check
with the supplier. While you are talking to them, remind them that they need
to update their entry.