#product #security

ti&m security suite

Security and authorisation is often considered a necessary evil instead of a chance to stand out from competitors

Strong authentication meets usability.

Security must be easy to use and convenient to avoid threads due to user error. That’s why we put the user into the center of our security solution. There is no need for cryptic passwords or clumsy hardware devices. We simply use the users Smartphone as electronic passport to authenticate the user.  Furthermore we protect this passport using modern cryptography and a user selected Pin-Code or his Fingerprint to prevent it from being copied or misused.

Designed for the digital business.

The ongoing wave of digitalization leads to more and more of our confidential data being exposed through services and applications. To protect this information, we will see an increasing amount of sites implementing strong authentication. Traditionally, strong authentication solutions based on symmetric keys require a dedicated hardware token for each and every site. This process was feasible back when e-banking was the only application requiring a hardware token, but is no longer realistic considering the growing number of applications. Current strong authentication solutions can be scaled to hardware or software tokens that can hold as many authentication keys as needed. The ti&m security suite supports token wallets either as software tokens in our mobile apps or as hardware tokens based on the FIDO alliance U2F standard.

Positive security: a new approach to user identification.

The ti&m security suite knows how its users behave and can calculate the probability as to whether the current user is actually the legitimate user. Based on this probability, along with any unusual transactions or payments, it is possible to assess whether or not the current transaction is a risk transaction. If there is a high risk, the user can be informed of unusual activity via push notifications, email, or telephone. All of this in real time, of course.

Developed for todays access channels and beyond.

The ti&m security suite is tailored for todays common access channels mobile devices and the web using browsers. But we do not stop there. Adoption to other access devices or communication channels is easy thanks to open and established standards and ease of integration. Think of gaming consoles, TV setup boxes or even smart watches. Any device with network connectivity and graphical display can be secured using our mobile security application.

„Our ti&m security suite is already in use at several banks and insurance companies.“

Harald Böttcher, CSO ti&m

Software as the better hardware.

Software has replaces hardware in almost all cases. The advantages of programmable solutions vs. hard-wired electronics are simply superior. The same is true for today’s strong authentication solutions. Software solutions can react faster to new threads and they do not require building and shipping expensive hardware tokens therefore offering significant sot savings. Short living security key material offers similar if not better protection against security device copying or cloning which was the only argument as of today to stay with hardware tokens.

Security as well for your investments.

As consulting and integration service provider we have learned that the integration of any solution into the existing IT landscape is key for long-term cost savings. That’s why we designed the ti&m security suite with integration in mind. Thanks to strategic partnerships with web firewall product vendors, multi tenancy capabilities and ease of integration into it infrastructure and business process we offer a fast and painless deployment for all your communication channels. To ease operation, we offer a virtual appliance and intuitive admin tools to increase your time to market. 

The core modules.

ti&m secure web
Next generation access and signing solution for your web-channel.

ti&m secure mobile
Next generation identity and access solution for your mobile apps.

ti&m secure token
Secure authentication for every customer.

ti&m policy server
Supports your security policies through intelligent analysis of user interactions.

ti&m security suite 3.0

New trust model
ti&m secure mobile now supports the "Trust on First Use" model. This makes mobile apps first class citizens and allows you to promote mobile only solutions.

Improved security
Secure mobile is now even more secure. A new token format and encryption algorithm makes hacking of the encrypted token infeasible.

New Audit Logging
The new customizable audit logging lets you define attributes, their format and position so you can collect exactly the information you need

More supported DBMS
Aside of Postgres, Oracle, MySQL and MariaDB are now officially supported.

Product details

ti&m secure mobile

  • tailored solution for mobile application usage
  • QR Code-based registration
  • short lived security tokens to prevent token copies
  • full OAuth 2.0 support
  • OpenID Connect Support (Q2 2015)
  • OAuth2 Assertion Extension (2015)
  • hardened mobile API’s


ti&m secure web

  • mobile application to act as authentication device
  • QR Code-based mobile application activation
  • X509-compliant security key material
  • Transaction signing support
  • hardened Mobile APIs


ti&m secure token

  • Hardware token support for customers that do not have or do not want to use a smartphone
  • supports all hardware token compliant with the open authentication imitative standards: HOTP, TOTP, OCRA
  • Support for OATH Key container file (PKSC) shipped with the hw-tokens
  • complete support for FIDO U2F


ti&m policy server

  • Module to intercept security server request and enforce policies
  • Fact based rule engine to identify and react upon potential security threads
  • Flexible rule definition language to define policies and evaluate facts
  • APIs, to alert security tracking applications such as fraud detection systems or service help desks

Experience the future of multichannel security. Today.

Request more information, or be inspired by a product presentation.

Deine Details

Harald Böttcher