Freja Self-Service Portal

Simplified user enrolment

The Self-Service Portal is an add-on to Freja which simplifies the process of user enrolment, ensuring that the right credentials are provisioned to a users physical hardware token or to Google Authenticator on the users smartphone.  

Securing identities with less administration

Unless the right person gets the right credentials associated with his or her login token, it does not matter how secure your authentication solution is. Ensuring an identity may involve a significant amount of administration if this process is performed manually, i.e. face to face. In these cases, the user has to turn up at a certain place within the organization and show a proof of identity, after which he or she gets a login token associated to that identity. Although this provisioning method is secure, It is extremely demanding from a resource standpoint.

An automated solution with complete control

By leaving the enrolment to the user, Freja Self-Service Portal relieves the organization of much burdensome administration. But letting users verify their own identities is, of course, utterly pointless. That is why the user has to show some form of proof of identity during registration. This may be login information – username and password – to existing AD schemes. In cases where a user does not have any previous relations to the organization, it may be in the form of a PIN code delivered in a registered letter, which cannot be claimed without showing proper identification.

When the connection between the user token and your AD or LDAP is established, Freja Self-Service Portal maintains a communication channel with the directory in order to update records, replace tokens or handle PIN resets, which can also be managed by the user directly.

Four easy steps to user enrolment

Freja Self-Service Portal can be used to provision the wide range of login tokens that are compatible with Freja – everything from “one-button” tokens to Google Authenticator. The enrolment process is easy and only takes a couple of minutes:

  1. Select. The user selects his or her preferred device type; hardware token, Google Authenticator etc.
  2. Register. The user provides proof of identity, either a domain username and password to AD, a distributed PIN code, or another method of choice. This may also be conducted through an existing 2FA solution that is being migrated away from.
  3. Activate. For hardware devices, the user will activate the token in the Self-Service Portal by entering the serial number found on the back of the device. For Google Authenticator, the user will use his or her smartphone camera to scan the QR code presented on the Self-Service Portal.
  4. Verify. Finally, the user will be able to verify that the steps above have successfully provisioned a security device and associated it with his or her identity.

Customizable

The Freja Self-Service portal can be customized and branded to a particular organization’s look and feel. Explanatory texts are all customizable in order to fit your corporate language and thereby minimize the risk of users not understanding the process. The portal can also be linked to your internal helpdesk and support teams.