The WiKID Strong Authentication System is a patented dual-source, software-based two-factor authentication system designed to be less expensive and more extensible than traditional hardware tokens.
WiKID uses asymmetric encryption embedded in software tokens to transmit PINs to a server behind your firewall. If the PIN is correct, the account active and the encryption valid, an one-time passcode is generated, encrypted and returned to the user. The server support standard authentication protocols such as RADIUS, LDAP and TACACS+ and has an API with code packages in Ruby, Python, PHP, Java and C#.
The use of asymmetric keys that are generated on the device increases security and extensibility. For example, PC tokens are able to validate an SSL certificate for the end-user, thwarting MiTM attacks.
WiKID is available in an open-source Community Version and an Enterprise version.