EMBASSY® Remote Administration Server for Device Identification

Confirm the identity of user and device

Easy, secure, multi-factor authentication

Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.

Here’s how it works:

Trusted Platform Module (TPM) + Wave’s ERAS for Device ID = hardware-secured, fully-managed authentication

Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.

Wave’s ERAS for Device ID gives IT remote, centralized management of all TPMs on enterprise computers.

With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.

Regulatory compliance? Check.

Be FREE! Live token-free, password-free, hassle-free

We know you’ve dreamt about shredding your list of passwords. Go on and do it.

Because you are starting the authentication process in the device’s hardware, the user doesn’t have to interact with it. All users see is their usual Windows log-in screen – no more additional passwords to access the VPN or other resources. They just sign in once, and the secure credentials in their TPMs securely and quickly connect them to everything they need. Say goodbye to user frustration and slow OS performance.

Decrease expenses with ERAS’ Virtual Smart Card

You know what else happens when you take passwords out of the equation? A lot fewer calls to IT. Imagine if you took password resets out of the picture – that frees up a chunk of IT time, lowering your operating expenses significantly.

And besides, if your organization currently uses traditional tokens or smart cards, switching to ERAS for Device ID takes an even bigger burden off of IT – we use the hardware-protected credentials in the TPM to create a virtual smart card, which performs the same functionality as traditional smart cards. That means  no need to purchase, deploy, replace or maintain external tokens, smart cards or smart card readers. The “smart card” (TPM) ships on the PC, and only needs remote activation. You can’t lose it, unless you’ve also lost the laptop, in which case your remote management can immediately revoke access to enterprise resources. Because virtual smart cards are already on your machines and can’t be forgotten, lost or stolen, you have lower capital expenses and lower operating expenses.

Happy users, happy IT, happy auditors. It makes us happy to give you these things.


Key Features: 

Strong Security

  • Authenticate securely, encrypt email, and prove integrity of the device with one management console
  • Protect against phishing, malware and other network security threats by storing authentication credentials in hardware
  • Provide centralized enforcement of custom policies

Easy Compliance

  • Prove that you know who is on your network at all times, and with what devices

Low Cost

  • Reduce operating expenses by eliminating password reset and shortening deployment times
  • Minimize capital expenses by using hardware you already have
  • Integrate with Microsoft Active Directory for IT familiarity

Better User Experience

  • No more tokens or smart cards to achieve two-factor authentication - TPM is a virtual smart card
  • Eliminate VPN/WiFi/website passwords for faster access to resources
  • No add-on software means improved OS performance


  • Compatible with Windows 8.1, 8, 7 and Vista operating systems – manage mixed environments from one console
  • Create custom management policies to suit your organization’s needs
  • Support multiple users – up to 50 users per machine


Provide the same strong authentication on Windows 8 Pro & Enterprise tablets that you want for your enterprise PCs - with Wave Mobility Pro - Tablet Edition


Microsoft, Windows, and BitLocker are either registered trademarks or trademark of the Microsoft group of companies.

Copyright © 1997-2014 Wave Systems Corp. All rights are reserved.
Terms of Use I Privacy Policy I Contact Us