Solución biométrica integral

Comprehensive biometric solution

Distant Connections

The XELIOS solution authenticates remote VPN connections by associating fingerprint with the digital certificates securely generating a one-time password (OTP) for the session.

Portal access through the company website is positively confirmed from any PC connected to the internet without prior installation ensuring absolute mobility.

XELIOS solution provides a complete high level of security, replacing simple passwords for strong authentication procedures: Each user will have a biometric token which will generate a unique code, valid only for the current connection. When prompted, the user puts their fingerprint (what you are) on fingeprint sensor, and the biometric token (transparent to the user) will issue the user’s certificate and after validation it will generate a unique code (OTP -what you know).

The three modalites correctly authenticated constitute proof of identity.

The evolution of technology in today’s economy has created new ways of remote access and tele-commuting. At the same time, new technologies have emerged to ensure opening of these services is accompanied by a safety device to prevent fraudulent acts and ensure the identity of the payer.

XELIOS VNA is a complete and ultimate solution for its security level and simplicity of use. Companies wishing to offer their employees and customers the ability to use a remote connection will find a full suite of capabilities to support any configuration requirement.

LibertyPass Device

All user data (eg account, biometric data, etc) are stored in the key (Match -On-Device). There is no communication with the PC during fingerprint comparison so interception or insertion is not possible. The autonomous internet browser is in the key itself and can be configured to connect directly to your company website. Access is protected by a certificate stored in the secure partition on the key. All visited Web pages are cached in the key. There is no browser history or footprint on the PC. Each key includes a storage partition like any USB drive but highly secuired.

Secure USB Biodrive MXP is available in different capacities (512MB-16G)


Integrated Crypto

  • 256 containers of Keys for AES o HOTP secret keys
  • 504 containers of 3072 bit for RSA asymmetric
  • Generation of unique passwords HOTP (standard)
  • Encryption/Decryption of data in 256 bit AES (FIPS Pub 197)
  • Ashes Algorithms SHA-256, SHA-1 with key (HMAC: FIPS Pub 198)
  • Key Generation RSA 1024/2048/3072 )bits) (X9.31y PKCS#1)
  • Verification and signature of messages using algorithm RSA )
  • Encryption and decryption of data using (PKCS#1)

Fingerprint Sensor with distance sensor. Technology Match-On-Device

  • No communication with PC.
  • Biometric authentication is performed in the key.

Private Partition

  • Encryption Key processor AES 256 bit

Read-only partition installed with XELIOS VNA

Libertypass functional diagram


Step 1

Users insert the key into a PC with an Internet connection. The key is recognized by Windows when it is inserted. No software or drivers are required. PC host with authentication key


Step 2

The user opens the autonomous Internet Explorer available in the key. When using the browser, there will be no trace of it on the PC (cookies, temporary files, connection history, etc…) The autonomous explorer is configured by the administrator when initializing: Configuring homepage: direct access to the company portal when you open the browser: Inserting the user certificate. Autonomous Internet Browser


Step 3

The JAVA XELIOS applet from the company portal detects the key and asks for the user’s fingerprint. Key user


Step 4

The user’s fingerprint is compared with those present in the key. After verification, the key processor calculates the one-time password (OTP). The fingerprint tracks are stored in the key. This is a Match-On-Device operation. No biometric information comes from the key. Confidential information used in generating the OTP is a block encryption and is not accessible by the user. The unique password key is calculated by the internal processor. Comparison of fingerprint in key


Step 5

The OTP is sent to the Web site portal which is verified by the authentication server. The OTP is verified in the XELIOS VNA server. Our authentication server complies meets the standard of the Radius (RFC 2865). The XELIOS Radius server acts as a Radius proxy. VNA Server.


Step 6

When the OTP is validated, the user connects safely to the company portal. Web Server/ Company Portal.

Share it on social networks







Do you have any comments?

  • Office Hours
  • Office
  • M-F, 08:30 to 17:30 hr (Eastern Time)
  • Calling hours
  • M-F, 08:30 to 17:30 hr (Eastern Time)


327 East 84th Street, 3rd floor, NY, New York, 10028

Log In

create an account

Cookies Policy

We use third-party cookies to improve our services. If you continue, we assume that you consent to this use. You can change your browser settings or get more information by consulting our Cookies Policy