Presence-based Logical Access

Conditional Access

Presence-based Logical Access

Innovation in MFA solutions is crucial as cyber attackers constantly seek loopholes. Presence-based Logical Access reduces the attack surface by keeping network access locked at all times, unless an authorized employee has badged-in from an authorized location. A big step towards 3FA!

Grant MFA access based on user location

Presence-based Logical Access

Minimize your attack surface

Enhance your network security

Presence-based Logical Access is a new approach to network security. The idea is to keep network access locked at all times, unless an authorized employee has badged-in (user location is checked against company settings, either per allowed country or office coordinates). All network access will be locked at midnight, even if someone forgot to badge out.

With Presence-based Logical Access, access is restricted until a physical confirmation is provided (using the free OpenOTP Token app), adding an extra layer of security that can work in tandem with regular 2FA (username+password+OTP) to safeguard your network.


Enhanced Security

Implement Multi-Factor Authentication with location/time and biometric authentication (fingerprint or facial recognition depending on your mobile phone). Reducing the attack surface makes it more difficult for hackers to gain access to your systems. Stolen credentials are useless.

Improved Compliance

Many industries have strict compliance requirements, such as HIPAA or PCI-DSS. Presence-based logical access helps organizations meet these requirements by providing an additional layer of security and authentication, helping to protect sensitive data and systems.


Grant users network access using their mobile phone from predefined allowed locations, providing greater convenience and flexibility. This is particularly beneficial in today's world where multi-office locations, remote work and mobile devices are becoming increasingly common.


Included in OpenOTP Security Suite at no extra cost, Presence-based Logical Access eliminates the need for hardware-based tokens or smart cards (expensive to implement and manage). Using mobile devices for authentication reduces costs while improving security. A win-win for everyone!

WebADM IAM vs. Security Challenges

Presence-based Logical Access is an essential aspect of modern workplace security, and WebADM’s Identity and Access Management (IAM) system provides a robust solution for managing access across multiple dimensions.

Grant MFA access based on user location. Define and manage access at a granular level, such as per country, per office location, per application and much more…

This flexibility enables organizations to tailor access controls to their specific employee needs and greatly minimize the risk of unauthorized access or data breaches at night or when people are on vacation for example.

compliant remote work regulation reporting
Remote Office Badging

Another key benefit of Presence-based Logical Access is the ability to select different badging options depending on the location of the user.

For example, an employee who is accessing company data from within the office can be granted access after a “check-in” (network access time is predefined in WebADM and does not require a check-out).

That same employee who is working remotely can be required to badge-in and badge-out (network access is granted only between that period of time). This option also guarantees the employee’s remote work hours are accurately reported.

By implementing this additional feature, businesses can enhance their security posture and ensure that their sensitive data is protected at all times.

Designed for ALL Enterprises

No matter the size and type of your business, security is a must. Adapting to remote work demands and the latest technologies to remain competitive can be challenging and costly.

With Presence-based Logical Access, protecting your network while still giving employees the flexibility they need is simple and is included in OpenOTP Security Suite.

Scalable, flexible and easily implemented with existing security infrastructure, for a small or large number of users, it is ideal for organizations of all sizes, and/or with multi-office locations (in the same country or not).


OpenOTP Token App

The free OpenOTP Token application offers a convenient and elegant solution for employees to check-in or badge-in to get network access.

Employees no longer need to carry around physical tokens or remember complex passwords to gain access to the company network. Instead, they simply need to open the OpenOTP Token app and follow the prompts to authenticate their identity/location.

The OpenOTP Token app provides a seamless and user-friendly experience for employees while also ensuring that the company network remains secure.

A solution for HR Departments

Presence-based Logical Access has revolutionized the way we interact with our digital identities, making it easier and more convenient for us to authenticate ourselves securely.

In addition to this primary function, it can also serve as a Mobile Badging solution. Instead of carrying a physical badge or ID card, employees or authorized personnel can simply use their mobile to badge-in and out.

OpenOTP Mobile Badging is a convenient solution to manage employees’ worked days. Anyone working outside of the office has a reliable and convenient solution to keep track of their work hours and HR can access this data anytime.


Location accuracy & Convenience: cross-border employees working remotely or anyone doing some work outside of the office (an outside sales rep or a technician working on site for example) can conveniently badge-in and badge-out.

Multiple location supported: the perfect solution for companies with multiple offices. Whether in different countries or cities, manage employees and set policies according to each country’s regulation.

Timestamped locations: employees can conveniently and securely badge-in and out, using their mobile phone. All the collected data is timestamped using the local CA in XADES or using eIDAS. Proof of location cannot be repudiated.