Companies working with credit card data need to comply to PCI DSS. In section 8.3 PCI DSS 3.0 requires the use of two factor authentication.

Modular Two Factor Authentication Solution privacyIDEA Enterprise Edition

privacyIDEA is a modular solution for two factor authentication especially with OTP tokens. It is multi-tenency- and multi-instance-capable. Due to the modular structure privacyIDEA can be quickly and easily adapted and enhanced. E.g. adding new token types is as simple as writing a new lean python module. You do not need to modify your network for privacyIDEA, it does not write to existing databases or user stores. It only needs read access to your user stores like LDAP, Active Directory, SQL, SCIM-service or flat files. Existing workflows can be enhanced without the need to modify them. Using its simple REST like API it can be automated and smoothly be integrated.

Enterprise Edition with Service Level Agreements

The privacyIDEA Enterprise Edition by NetKnights contains:

  • The vendors warranty for the software mitigating the "no-warranty" risk of the AGPLv3 or privacyIDEA open source.
  • Subscription to additional stable software packages of privacyIDEA for CentOS/RHEL and Ubuntu LTS.
  • Consultancy and prioritized feature requests.
  • Professional first class support and Service Level Agreements.

Customers Scenarios

We use privacyIDEA for customer projects to secure existing remote access like SSL VPNs. Using operating system clients the access to the operating system can also be secured accordingly. SAML authentication can get a second factor. privacyIDEA integrates well with other web based opensource products.

What customers say about us

It’s not often that I find an open source package which is truly as well thought and polished as privacyIDEA.

Support from NetKnights is very good. I received actionable responses in reasonable turnaround times accompanied by code examples and patches when necessary.

Supported Token Types

privacyIDEA supports all usual push-button-tokens, OTP cards and smartphone apps. The support for SafeNet eToken NG OTP and Yubikeys must be pointed out.
Both authentication devices can be initialized using privacyIDEA and thus the secret token seed is not known be the vendor or the distributor. privacyIDEA supports SSH keys and can manage the key assignments to your servers. In addition privacyIDEA can act as a CA for X.509 certificates.

Service Level Agreements for privacyIDEA Enterprise Edition

For the product privacyIDEA we provide the suitable support with a defined response time and with fixed costs. A support contract runs for one year. Please ask us for 24x7 support.

To get an idea of all the services contained in an SLA, you may download the support conditions.

Included in all support levels:

  • Support term 1 year: The support is agreed on for one year.
  • Product liability: The AGPLv3 license contains the passus WITHOUT ANY WARRANTY. If you are running privacyIDEA productively you may need a product liability which is granted by NetKnights.
  • Product enhancements: Assure the continuous development of privacyIDEA.
  • Easy installation and updates: The support levels provide you with install packages and repositories for you preferred distribution like Debian, Ubuntu, CentOS or Univention Corporate Server for easy installation and hassle free updates. Ask us for your preferred distribution.
  • Appliance: A appliance tool based on Ubuntu LTS is available.
  • Support via Email and Web: Support calls can be opened via Email or Web interface. The support case can be tracked via Web interface.
  • Security and bug notification: You are informed regarding security aspects of the product and bugs via email.
  • Flatfile / LDAP: Users located in files and LDAP directories are supported.


12x5: Mo – Fr 8am-8pm (CET)
Response time: 4h
Installations: unlimited in your own datacenter
All users included
Telephone support
Preferred implementation of features
3 days of consultancy
3 updates


8x5: Mo – Fr 9am – 5pm (CET)
Response time: 4h
1 productive installation
1-5000 users (or more)
Telephone support
Preferred implementation of features
1 day of consultancy
1 update

Small Business

8x5: Mo – Fr 9am – 5pm (CET)
Response time: 8h
1 productive installation
1-500 users (or more)

Your own privacyIDEA testing instance

Interested? Get your own privacyIDEA instance to test it for 30 days.

Easy Migration of an old two factor authentication system to privacyIDEA

Easy migration of old OTP System to privacyIDEA

Erst beim Klick auf den Playbutton wird das Video von Youtube geladen und eingebunden. Es gelten die Datenschutzbestimmungen von Youtube.

project website…