Nothing to carry.

You don’t need to carry a hardware token to protect your account.
Virtual Token® MFA is stronger, more affordable, and easier to use.
And, you’ll never forget where you left it!

  • More

    No additional hardware required

    Virtual Token® MFA uses the user’s Internet device as the “something the user has” factor of multifactor authentication, eliminating the need to deploy additional hardware to users.  Users may enroll as many devices as they wish, including mobile devices such as phones and tablets.  Multiple users may also share a common device.

    The “key” concept

    Traditional hardware tokens contain unique mathematic keys embedded within their memory chips.  Instead of deploying a hardware token (with its embedded key) to each user, Virtual Token® MFA deploys just the key, turning the user’s connected device into a “virtual” hardware token.

    After verifying the user through a regulatory-approved “out-of-band” verification process, Virtual Token® MFA constructs a key that is unique to the device’s “fingerprint” and the user’s account details.  This key is stored and maintained entirely by the user’s web browser and no special software is required to deploy it to, or retrieve it from the user’s browser.  The key is mathematic in nature and cannot be reverse engineered or decrypted.  It contains no user information and is cryptographically “tied” to the user’s enrolled device and their account details, rendering it unusable if supplied from functionally different devices or by other users.

    Visit our Technical Information page for more information.






Nothing to install.

You don’t need to install any software to use Virtual Token® MFA.
You already have everything you need right now.
It’s security made simple.




No”mother’s maiden name’

Virtual Token® MFA never solicits personal information through challenge questions. Regulators have repeatedly rejected challenge questions as failing to meet their definition of “true multifactor authentication”. Using challenge questions also violates your customer’s privacy and will condition your customers to divulge their personal information to fraudsters.



No risk scores.

Virtual Token® MFA doesn’t use “risk scoring”. Risk scoring products often produce “false positive” results, denying legitimate users access to their own accounts. They also produce “false negative” results, allowing fraudsters to access user accounts. Risk scoring products are notoriously difficult to configure and support, they require constant “tweaking”, and they do not meet the regulatory definition of “true multifactor authentication”.



Lowest support costs.
Highest user acceptance.

In a 2007 study conducted by the Credit Union Journal, Virtual Token® MFA rated best among all multi-factor authentication methods, providing the lowest support costs and the highest user acceptance rates.




The U.S. Department of the Treasury
is a Virtual Token® MFA user.



Trusted. Secure. Respected.


Virtual Token® MFA protects some of the world’s most important computer networks. It is used by federal and state government agencies, FFIEC-regulated financial institutions, CJIS-certified law enforcement providers, and HlPPA-compliant healthcare organizations.

  • More

    Virtual Token® MFA users include the U.S. Department of the Treasury, the State of North Carolina, RR Donnelley, Banorte Bank (Mexico), and numerous other well-respected organizations.

    Visit our About Us page to discover more Virtual Token® MFA users.