Certified product


Version:  2.2
Product Type:  Access control devices and systems
Grade:  Commercial: Baseline, Commercial: OFFICIAL
Digital Management Systems CASQUE SNR

CASQUE SNR provides a mutual, multi-factor authentication system using active tokens. CASQUE has its own Challenge/Response message protocol that provides mutual, multi-factor authentication, key update and key management.
Further, it:

  • Provides measures to frustrate cloning of the Tokens and to detect attempted cloning
  • Includes measures to prevent circumvention of the system or interference with its proper working
  • Allows the population of Tokens and their keys to be done in an efficient manner so that large User communities can be easily supported
  • Has a measure to allow automatic key update of Tokens in the field in a User transparent way as well as the capability to completely refresh all of the Token’s keys
  • Enables Token to display messages
  • Enables the System to be integrated with the leading remote access architectures, such as TLS VPN Gateways
  • Enables, at the application level, authentication of Host to User and User to Host
  • Enables automatic recovery from defined insider attacks, specifically Token clones and reading of Server Data Files
  • Allows secure connection to an additional Server providing transactional Backup.

Challenges are never repeated. Clone tokens can be detected. Deterministic multi-factor authentication can be accomplished at the login or application level. Hosts can be verified so denying phishing.

CASQUE SNR is certified at source code level under the NCSC (formerly CESG) CAPS scheme and can as part of a layered approach be used at Secret.

Listed below shows the required specifications for each of the CASQUE SNR components.


Standalone PC or Laptop with Windows Operating System which is currently supported by Microsoft with latest patches, e.g. Vista, Windows 7 and Windows 8. Requires writable external media and spare USB port.


Windows or Linux Platform with CD and at least 1 Network Interface port, all with latest patches
Comment: For small user numbers, a PC workstation could be sufficient.

User Client

Windows or Linux PC or Laptop with latest patches running a supported browser
Comment: User Client can be Tablet or Smartphone running a supported browser in the case of Commercial variant.


For HTML5 support:

Internet Explorer (at least at Version 9); Mozilla Firefox (at least at Version 16), Google Chrome (at least at Version 22)
Comment: For non-thin Clients, use of the CASQUE Player instead of HTML5 is recommended.

Certified under NCSC scheme

Alternative Access control devices and systems products at Commercial: Baseline, Commercial: OFFICIAL

Was this information helpful?

We need your feedback to improve this content.

Yes No