A token is a small hardware device that the owner carries to authorize access to a network service. The device may be in the form of a smart card or may be embedded in a commonly used object such as a key fob. Security tokens provide an extra level of assurance through a method known as two-factor authentication: the user has a personal identification number (PIN), which authorizes them as the owner of that particular device; the device then displays a number which uniquely identifies the user to the service, allowing them to log in. The identification number for each user is changed frequently, usually every five minutes or so. Unlike a password, a security token is a physical object. A key fob, for example, is practical and easy to carry, and thus, easy for the user to protect. Even if the key fob falls into the wrong hands, howe’ver, it cant be used to gain access because the PIN (which only the rightful user knows) is also needed.
Start fast with one-time password
One-time password (OTP) is a good first step in securing your network, especially when granting access to remote users. OTP provides an additional layer of security to username and password. The user simply enters a
username and the numeric code provided by the OTP device. The authentication server validates the code, and
access is granted to appropriate network resources. This increases the security of the login process by ensuring the person accessing the network is in possession of two factors of identity verification. In this case, the OTP device and a username and potentially a password. This means that someone cannot simply find a password written down or obtain credentials through social engineering. They actually need to have the OTP device and the right code in conjunction with the user’s other information.
IDProve 1000 OTP Token
Protect your network identities. OATH Compliant. 6-8 digits OTP length. Single button. No PIN needed. LCD display of up to eight digits. High contrast single line display. Key chain attachment. Serial number printed on the back. 5 years battery life.
When an end-user enters an OTP generated by their device, the OTP is sent to the IDConfirm server. The server verifies the OTP and when satisfied with its authenticity, grants the necessary access. In addition, if an end-user should lose their token or device, when provided with the right answers to a series of secret questions, the IDConfirm server will create a virtual token and generate an OTP that can be used as a one-time access method.
It’s no secret that people tend to choose passwords that are easy to remember. And, if they pick a more complex password, they’ll likely write it down and leave it in a place where it can be found. Bottom line—static passwords just aren’t good enough anymore. Today’s hackers are smarter and faster at getting to your data and all it takes is one breach to cost you not only dollars, but your reputation as well.
IDProve 300 Out-of-Band Mobile Token
Simply press the Send Passcode button on the mobile device and secure access to enterprise resources is granted. OOB (Out-of-Band) authentication provides 2 seperate channels which are accessed simultaneously to authenticate in an easier, more secure way. State-of-the-art security (device fingerprint, jailbreak and rooting detection). Easy to deploy PIN policy. Mobile soft token, time based OTP application to secure authentication operations in the same way as hardware tokens.
Activating the mobile token is completed in four easy steps:
IDConfirm platform -includes all components needed to deploy strong authentication in your organization and for a low total cost of ownership. This is realized through packaged plug-and-play solutions that are adaptable to existing networks and AAA servers and built according to open OATH standards.
IDConfim offers the highest level of security for two-factor authentication. You can choose from a wide range
of connected or unconnected form factors including smart cards, tokens, and mobile or desktop OTP.
Easy to deploy, Scalable, Leverages existing infrastructure.
You can choose from a wide range of connected or unconnected form factors including smart cards, tokens, and a mobile OTP phone application.Our software solutions are open, scalable and evolutive.
- One-Time Password (OTP) credentials protection strong authentication solution for Mobile workers who want to access to their enterprise resources: VPNs, mail, web pages, etc.
- Multiple Authentication devices (hardware, software) which allow adapted security solution choice
- Easy user adoption (easy to use)
- Simple Management and Scalable for customer performance needs (from 1 user to 100K+)
- Easy installation for standard configuration (less than 20 min) and integration in existing IT configuration
- OTP high-end devices offer additional authentication methods (PKI, biometric)
- Channel-friendly: packaging, provisioning, purchase and license generation
- IDConfirm 1000 OTP Windows logon option: Strong Authentication OTP Solution for Microsoft DirectAccess