TokenOne is a security software licensing company focused on deploying its Knowledge Based Authentication solution to clients, partners and software vendors.

TokenOne allows users to verify their real world credentials and identity, register their phone as a token and create a secure and secret PIN.  A user can complete all necessary steps in a way that enables an organisation to meet both identity proofing and legal compliance requirements. Users can also add credentials as required by an organisation’s business rules.

Deployment of TokenOne Authentication

using one-time code to log into multiple systems

“TokenOne is the strongest form of software-based
Two Factor Authentication security I have seen.”


"Cyber crime may be the greatest threat to every company in the world."


"There are only two types of companies: those that have been hacked, and those that will be."


The Problem

With cybercrime now costing more than US$445 billion globally per year, organisations are facing increasing challenges to continually improve security and prevent unauthorised access to high risk or sensitive information and services.

Deal rooms, client portals, corporate records and critical systems often only require a username and password. Where Two-Factor authentication is provided, it is often cumbersome, expensive to manage and difficult to deploy.

At the same time, users are demanding security of their identity, their information and dealings with all service providers and expect a convenient, secure and easy-to-use service too. As a result, organisations have to balance consumer demands while meeting their security and compliance requirements.

Deploying TokenOne Authentication Based On One-Time Pad Principles

Technology Overview

Patented Technology

Based on principles of industry recognised uncrackable form of encryption (One-Time Pad).

No Algorithms

Ensures TokenOne is not vulnerable to someone cracking an algorithm and compromising multiple accounts and all the reliant services and infrastructure.

Self Management

Users register their device as a true and unique token and create their own PIN. Ongoing management of both is also done by the user.


Secure and simple by proving the presence of the device and mentally scrambling the PIN.

Genuine strong 2FA

As both factors are strong, TokenOne proves the presence of the device AND the user and is one of the few mass market authentication solutions where both factors are strong.

PIN never revealed

The user knows their PIN which is never entered or revealed to anyone, not even to TokenOne or the service the user is accessing.


Supported Sites & Services

The sample below is just some of the over 2500 supported sites and services.

Supported Sites & Services logos