How Alfapass makes the port of Antwerp-Bruges safer

How Alfapass makes the Port of Antwerp-Bruges safer with mobile passwordless MFA

Alfapass is a leading service provider of personal identification and authentication for companies operating in Belgium’s sea ports. While they enabled 45.000+ dockers, truckers and visitors to access port terminals and vehicles and pick up containers with a physical token called the Alfapass Smartcard, they created a mobile authentication app called MyAlfapass. And they chose our mobile passwordless MFA SDK for logistics and transportation to make that happen. Here’s how and why.

Making Belgium's sea ports secure

Alfapass is a leading provider of identification and authentication services in the Port of Antwerp-Bruges. The company secures terminals for numerous logistic companies and enables physical and digital authentication for 45.000+ dockers, truckers and visitors

The Alfapass Smartcard, their physical authentication token, is still widely used by users to enter terminals and vehicles and pick up containers. But as leading, forward-thinking companies do, the people at Alfapass knew they needed to offer a digital authentication solution.

“Mobile authentication is a logical step for various reasons”, according to Els Desloovere, Alfapass’ Account Manager:

Firstly, we’re tailoring our services to our users’ habits. They use their mobile phones in nearly every aspect of their lives. It only makes sense for us to digitise our physical token and all its capabilities. On top of that, a digital solution enables app-to-app integration, which helps us prevent the purchase of hardware like physical terminals.

The inevitable digitisation of its solutions aside, Alfapass also needed to comply with the Certified Pick-up (CPu) regulations that the Port of Antwerp-Bruges implemented. CPu is a mandatory application for container release at container terminals. The legal framework is included in the Port Police Regulations.

How Alfapass makes the Port of Antwerp-Bruges safer with mobile passwordless MFA

“These requirements mandate and regulate the use of biometric authentication in the ports. The user’s biometric data can’t be centralised and can only be accessed and stored by the user. Given these stipulations we chose to roll out mobile biometric authentication that only the user could manage for security and usability reasons.”

“Our truckers, and any visitor for that matter, had to step out of their vehicle and manually scan their Alfapass Smartcard to gain entry to a terminal. We wanted to enable those users to authenticate themselves from the comfort and safety of their vehicle and phone.”
“An authenticator app also helps our clients save money otherwise spent on authentication kiosks and other necessary hardware”, Desloovere concluded.

Why Alfapass chose nextAuth

“We briefly considered developing our own mobile authentication software, but we quickly realised that we would benefit from the expertise of an external provider.”

“We needed a solution that excels in usability and maintains the highest security standards. On top of that, the new solution had to guarantee non-repudiation and admissibility of all authentications.”

nextAuth checked all these boxes and provided Alfapass with a mobile passwordless MFA solution tailored to their needs.

What nextAuth provided Alfapass with

  1. 45.000+ end users can now access a locker, a vehicle, a terminal or any other building with a fingerprint or face scan on their phone.
  2. The private key -which is securely stored on their mobile device (something you have)- is combined with a custom implementation of a biometrics SDK in the MyAlfapass mobile app, preventing interception—the users’ mobile phone accounts as a full-fledged factor of the authentication setup.
  3. New employees and one-off visitors can now quickly onboard thanks to nextAuth’s mobile SDK, which complements Alfapass’ existing onboarding process.
  4. The users’ data are now protected by a more secure authentication method. On top of that, nextAuth’s technology minimises the risk of unauthorised access, protects app-backend communication with an extra encryption layer and guarantees non-repudiation of all authentications.
  5. The nextAuth IdP and RESTful API enabled ACA IT and Alfapass to implement our software into their systems seamlessly and manage all authentication processes without friction.
Book your personal demo