I’m in charge of an exciting new marketing initiative. It’s still confidential and the privacy of the users is important to me. I need an easy, fast and fun MFA solution to protect their access. Unfortunately, I cannot rely on my internal IR for this. It’s a tactical project: it might either end suddenly or grow at the speed of light!



I’m in charge of IT and wish to add MFA to all external access for our employees, partners and clients. It has to ensure privacy on our web portal, VPN, Remote Desktop, Citrix and many other applications. Displaying our own branding on the MFA would be an asset in order to convey our corporate image. I don’t want to recruit for this and my IT staff is already fully booked.



I’m in charge of a large initiative for the dematerialization of our business (from physical counter to e-counter). Adding MFA is strategic. Not only does it target a few dozen thousand users, but it is also a prerequisite for the dematerialization. We have risky and costly transactions to protect against fraud and repudiation. As part of the service, the MFA should comply with our own corporate branding and remain under our full control.


Run an all-included service without the necessity for hardware tokens, for all your needs,
with full control and little effort.

No identity management, no local support or training, no post mail, no specific skills or equipment, no back-office management, able to grow suddenly with little impact on infrastructure and organization.



For users, includes registration, replacement and online training, all requiring a browser only; for IT staff, with nothing to distribute, ready interfaces and full compliance with the existing IAM processes.

Authentication is a critical function. Its unavailability may occur costs and risks. Inadequacies, losses, oversights, prohibitions, low connectivity, low batteries, all must be mitigated.



Tokens for everyone everywhere: trendy smartphone apps from major public stores, SMS code on old-timer mobiles and grid cards for mobile-reluctant users. Registering different tokens kills the need for a rescue solution and complex replacements.

The identity of users is confidential; target systems cannot be adapted for stronger authentication; whatever the solution, it should be easy to complement or be replaced.


Standard interfaces:

Fast and non-intrusive integrations: on-demand interfaces based on standard protocols; no change to the existing IAM repositories; on-the-fly learning of the associations between users and tokens with no storage of usernames.

Authentication is also needed to secure sensitive operations such as payments, subscriptions, and more generally any kind of approvals, including legal contractual signature.


Transactions and signature:

Whatever the token, authentication can be used to approve a particular transaction or document in a “non-hackable” and non-refutable manner, optionally leaving a legal signature in a PDF document.

So many scary stories about hacking these days, isn’t it risky to bet on software? May the hosting be delegated? Even in the cloud? And how secure are mobile apps in the public stores?


Appliance, encryption and native apps:

Every piece of software is built upon best practices against malicious users or hosting staffs: servers are sandboxed in hardened appliances, data storages are encrypted and mobile apps are delivered as obfuscated native code.

Not only secure, but also fun and easy to use.

ELCARD is also available as a white label solution and can be customised to completely match your corporate design.


100% coverage
with grids & SMS


Swiss-made solution:
12+ years


Interface customizable
with your branding


Fun touchscreen
and barcode experience

How it works

Choose the strongest authentication mode that suits you to best access sensitive data and corporate resources on any device

“We have successfully used the ELCARD solution since 2006 and we have recently introduced the new grid card and mobile version. Based on a ‘virtual appliance’, the solution is even easier to deploy and use. What is more, this change was made without any impact on the users.”

Daniel Gougerot
IT System Department – CHUV – Lausanne

Logo Caisse Cantonale Vaudoise de Compensation AVS
Logo Retraites Populaires
Logo Source
Logo HUG

Questions & answers

1. Can you tell me more about ELCARD’s history?

ELCARD is a solution developed by ELCA to address business needs for multi-factor authentication. The first commercial version of ELCARD was released in early 2005. ELCARD has been installed in dozens of production environments and is successfully performing in various business areas, including finance, insurance, health, government, hosting, retail commerce and transportation.

2. How long does it take to implement ELCARD?

ELCARD can be set up within a day. It’s quick and easy to do. Give it a try.

3. What kinds of authentication needs can ELCARD cover?

Authentication to confirm a payment, an order, or any kind of sensitive information entered in some online form. Coupled with another of ELCA’s technologies, ELCARD can also deliver legal signatures, typically as non-refutable proof of a transaction or, more classically, to sign a document.

4. Can ELCARD be installed on premise?

The ELCARD appliance can be installed on premise. The requirements are:

  • Authentication interfaces: RADIUS, SAML and LDAP
  • Minimum hardware requirements: 4GB RAM, 50GB HDD space

Interested? Contact us



ELCARD is a strong multi-factor authentication solution that matches the mobility and security requirements of nomad users. Available in full SaaS mode, ELCARD is a quick and easy-to-run solution ensuring secured access to sensitive data and corporate resources with controlled costs.





ELCA Lausanne (Headquarter)
Avenue de la Harpe 22-24 – CP 519
1001 Lausanne – Switzerland
+41 21 613 21 11


ELCA Zurich
Steinstrasse 21 – Postfach
8036 Zurich – Switzerland
+41 44 456 21 11


Seilerstrasse 4
3011 Bern – Switzerland
+41 31 556 63 11



With more than 750 experts, ELCA is one of the biggest independent Swiss full-service business and IT solution providers. For nearly 50 years, we’ve been creating, designing, developing and operating software-centric solutions, helping our customers to create continuing business value and a sustainable competitive advantage.