A Multi-Factor Authentication As a Service (AaaS) Platform with Biometric Security

Maria Zotova

Marketing and Public Relations Specialist

Reading time: 8 min

Learn how our team developed a multi-factor authentication as-a-service platform that implements recognition of fingerprints, facial features, and behaviours instead of passwords.

The Customer

The customer is the leading Swedish provider of biometric software. Thus, helping businesses and institutions secure sensitive data against cyber-attacks and unauthorised users sits at the core of its mission. Since its establishment in 2015, the company has been providing cybersecurity solutions to businesses in the finance and banking, healthcare, retail, online gaming, government, and public service sectors.

The Problem

To ensure the protection of sensitive data online, enterprises and individuals have relied extensively on passwords as one of the key tools to protect them from threats and attacks. However, most users employ the same and/or non-robust passwords across multiple accounts, which resulted in potential data breaches. As cybercrime continues to soar and hackers devising newer ways to attack, organisations should ditch conventional methods for modern trends in cybersecurity to achieve data privacy and compliance with regulations like GDPR and HIPAA.

At some point, the client recognised the opportunity of creating a multi-factor Authentication as a Service (AaaS) platform that would implement biometric security.

Understanding that people would not use a software solution with a complicated authorisation process, the customer needed to make it as simple as possible.

Aiming to reach global markets, it was also crucial to enable high availability, scalability, and resilience.
Partnering with Eureka, the start-up wanted to build an AaaS platform that would provide safe and convenient identity verification without passwords to log in.

The Solution

Our team started by analysing the company’s requirements and preparing a technical specification. During this stage, we prioritised features, outlined a project roadmap, and defined the best technology stack to address the customer’s needs.

To ensure high availability, scalability, and fault tolerance, our engineers built a microservices architecture, hosting it on Azure Service Fabric (which is a distributed systems platform for cloud-native app management).

Using Azure Cosmos DB, our developers provided safe and scalable data storage. To achieve data security, we implemented symmetric AES GCM encryption with a shared secret key. To obtain this key, the standard x25519 was used.

By employing an Identity Server, we enabled authentication and authorisation. Our team also made it possible to easily deploy the Identity Server in any location worldwide. With ASP.NET Core, we created an administrator panel for user management.

Our software engineers delivered a multi-factor Authentication as a Service (AaaS) platform that includes the following features:

· 3 factor/2 channel authentication

· recognition of fingerprints, facial features, and behaviours in combination with geographical data.

· push notifications

· authentication using QR codes

With the intent of creating an AaaS solution that will be accessible across all devices, we built a native mobile app (for iOS and Android) and an API that can be integrated with existing software. By using SignalR for .Net Core, our software experts were able to create a two-way communication.

Applied technologies:

Platform: Microsoft Azure
Programming Languages: C#, PHP
Tools and Frameworks: .Net, SignalR, Identity Server 4
Database: Azure Cosmo DB


Cooperating with Eureka, the customer developed a multi-factor authentication as-a-service platform that implements biometric security, including fingerprints, facial features, and behaviours recognition. With this solution delivered, the start-up managed to raise nearly €3.45 million.

Thanks to this system, the company ensured complete protection of user data against credit card hijacking, credit card fraud, identity theft, skimming, and phishing. Furthermore, this AaaS software was designed to fully comply with various security regulations without requiring the installation of additional hardware.

At the moment, the AaaS application is successfully being deployed in banking operations, cloud-based databases, cashless store purchases, electronic health records, e-commerce platforms, and online gaming.

If you are considering building biometric software solutions and are looking for a partner with real experience, you are welcome to contact our team. Together we will explore your business goals and software requirements. Once complete, we will be able to estimate the work scope, timeframe, and budget.

With extensive experience in creating high-integrity cybersecurity software solutions, our software experts will help you develop a software system aligned with industry-specific needs. To protect your intellectual property, we are, of course, happy to sign a mutual non-disclosure agreement before discussing project details.

Sign up for our newsletter

Get front-row industry insights with our monthly newsletter
We use cookies in order to give you the best possible experience on our website. By continuing to use this site, you agree to our use of cookies.
Privacy Policy