ZTrust V1.0.0

1. Overview

ZTrust, a Single Sign-On solution developed by Prodevans, simplifies Omnichannel Identity and Access Management, making user login and onboarding processes more efficient and secure. ZTrust ensures ease of access to multiple applications with just one click, enhancing user experience while maintaining robust security measures.

2. Key Features

ZTrust provides the following key features:

2.1. Multi-Factor Authentication (MFA)

ZTrust provides robust multi-factor authentication (MFA) by combining knowledge, possession, and inherence factors. It enhances security with push notifications, biometric authentication, reCAPTCHA, and OTP-based logins.

2.2. Password Management

2.2.1. Password & Session Invalidator

ZTrust enhances security by invalidating a user's password after their first SSO login, requiring a new one. It also includes a session invalidator that logs out other active sessions if a user logs in from a new device or location.

2.3. Block Suspicious Login

2.3.1. Brute Force Detection and Customized Notification

ZTrust prevents brute force attacks by monitoring login attempts and blocking IPs after a set threshold of failed logins. It notifies users and administrators, providing details about the compromised account and attacker's IP address.
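
An illustration of the threshold-based blocking and notification described above, added here as an example and not ZTrust's own code. The threshold, time window, event format and function name are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

THRESHOLD = 3                  # assumed: failed logins allowed before the IP is blocked
WINDOW = timedelta(minutes=5)  # assumed: look-back window in which failures are counted

# Constructed sample events: (ISO timestamp, source IP, account, outcome)
SAMPLE_EVENTS = [
    ("2024-05-01T10:00:00", "203.0.113.7", "alice", "FAIL"),
    ("2024-05-01T10:00:20", "203.0.113.7", "alice", "FAIL"),
    ("2024-05-01T10:00:30", "198.51.100.4", "bob", "FAIL"),
    ("2024-05-01T10:00:40", "203.0.113.7", "alice", "FAIL"),
    ("2024-05-01T10:00:50", "203.0.113.7", "alice", "OK"),
    ("2024-05-01T10:09:00", "198.51.100.4", "bob", "FAIL"),
    ("2024-05-01T10:09:30", "198.51.100.4", "bob", "OK"),
]

def detect_brute_force(events, threshold=THRESHOLD, window=WINDOW):
    """Return (blocked_ips, notifications, rejected) for time-ordered login events."""
    failures = defaultdict(deque)  # ip -> (timestamp, account) of recent failures
    blocked, notifications, rejected = set(), [], []
    for ts_raw, ip, account, outcome in events:
        ts = datetime.fromisoformat(ts_raw)
        if ip in blocked:
            # A blocked IP is refused before credentials are checked, so even
            # a correct password guessed after the block does not get through.
            rejected.append((ts_raw, ip, account))
            continue
        if outcome != "FAIL":
            continue  # a success does not clear the IP's failure history
        recent = failures[ip]
        recent.append((ts, account))
        # Drop failures that have aged out of the window.
        while ts - recent[0][0] > window:
            recent.popleft()
        if len(recent) >= threshold:
            blocked.add(ip)
            # Notification payload: targeted account(s) and the source IP.
            notifications.append({
                "ip": ip,
                "accounts": sorted({acct for _, acct in recent}),
                "failures": len(recent),
                "blocked_at": ts_raw,
            })
    return blocked, notifications, rejected

if __name__ == "__main__":
    print(detect_brute_force(SAMPLE_EVENTS))
```

The second IP in the sample stays unblocked because its two failures fall more than five minutes apart, which is the false-positive case a window is meant to absorb.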

2.4. Enhanced Security

2.4.1. JWT Token Based Authentication

JWT token-based authentication provides secure, scalable user access with JSON Web Encryption (JWE) and certificate-based decryption. Upon login, a signed JWT with user identity and claims is issued and included in requests. Services validate the token's signature to control access.

2.4.2. One-to-Many User Mapping

An on-demand feature allows clients to link one phone number or email to multiple user IDs, benefiting joint account holders and representatives. It facilitates authentication by letting the contact choose the appropriate profile with specific roles and permissions, while enhancing security and monitoring for financial institutions.

2.4.3. GDPR Compliance

ZTrust ensures GDPR compliance with email notifications for user actions, MFA options like fingerprint, and CAPTCHA on login/registration, aligning with GDPR's principles of transparency, data protection, and secure access control.

2.4.4. Inactive User Tracking

ZTrust monitors user activity, flagging irregular or inactive users for deactivation. Upon deactivation, users are informed. This process enhances security and resource allocation by prioritizing active users.

2.4.5. Deactivation of Idle Users

ZTrust enhances security by deactivating idle SSO users after a customer-defined period. Users nearing the idle limit receive notifications, encouraging activity and minimizing risks.

2.5. Streamlined Convenience and Superior User Experience

2.5.1. Customized Sign-in page & Mail templates

The SSO login page and HTML/CSS email templates can be customized to match the client's website design, ensuring consistent branding and a seamless user experience.

2.5.2. Social Media Login

ZTrust simplifies login with single sign-on across GitHub, Google, and LinkedIn, enhancing security and granting users control over permissions for seamless access to financial services.

2.5.3. Multi-Tenancy

ZTrust offers multi-tenant capabilities, isolating each customer's data and customizations securely. Tenants can customize appearance and branding independently while sharing infrastructure. Despite data isolation, core application logic and configurations are shared for consistent user experiences and updates.

2.6. Role-Based Access Control

2.6.1. Identity Token Size Optimisation

The solution includes an on-demand wrapper for optimizing ID tokens for RBAC model access. It generates compact tokens and retrieves roles dynamically, ensuring accurate role data while enhancing security and transmission efficiency.

3. System Requirements

The prerequisites for ZTrust include the following:

  • Any Linux OS or Containerization Platform PaaS (Kubernetes or Red Hat OpenShift)

  • Quarkus Runtime

The technology stack needed by ZTrust is outlined as follows:

  • AngularJS, Bootstrap, FreeMarker, PatternFly

  • RESTEasy

  • JPA, Jackson 2.x, Apache HTTP Server, WildFly Server, Quarkus Framework

  • Keycloak Libraries and Adapters

  • Spring Boot authentication modules

4. Installation Instructions

For installation guidance, consult the instructions outlined in the documentation - Installation of ZTrust.

To configure various functionalities of ZTrust, please refer to the documentation - User Manual - Admin Manual.

5. Frequently Asked Questions

For additional information, go to the documentation - Frequently Asked Questions.

6. Support

To learn more about ZTrust, go to Introduction to ZTrust.

To get acquainted with ZTrust, refer to User Manual.

For any other issues, or for support, contact us at contact@ztrust.in.
