SecureOTP: Total One-Time-Password SolutionPresentation Transcript
SecureOTP Authentication Server 3 Total One-Time-Password Solution
What Is APassword A password is a SECRET word or string of characters that is used for authentication, to prove identity or gain access to a resource Generally, should be something that is hard to guess
How Many Passwords Do You Have?
Instant Messaging Travel and Leisure
Online Banking or Payment Service Provider
How Do You Remember Your Passwords?
Your passwords can be easily: Cracked Stolen Guessed
Other Shortcomings of A Password A hassle for users A drain on the helpdesk A headache for the management A worry for security managers
How To Steal A Password Shoulder surfing Snooping on the user’s network connection Hacking the system’s password file Simple guesswork Use powerful password cracking tools 1 2 3 4 5
Conclusion: The classic username-and-password combination can only deliver weak authentication. And yet it is all that stands between your sensitive business information and prying eyes.
What is the IDEAL solution that can provide STRONG AUTHENTICATION?
SecureOTP Authentication Server 3
Two-Factor Authentication What you have What you know Strong Authentication + =
Two-Factor Authentication Your username and password What you have What you know Strong Authentication + = A One-Time-Password Token
One-Time-Password (OTP) A password that is valid for only ONE login session or transaction Also known as dynamic password
OTP Technology Two input factor is taken to generate an OTP. Time factor or Number of clicks 1 Seed code 2 Types of OTP: Time-based authentication 1 Event-based authentication 2 Challenge-response-based authentication 3
SecureOTP Hardware Token Feature Highlights High Mobility Low Cost High Security High Quality
How SecureOTP Works Same Account Account1 Account 1 ＋ ＋ Customer Authenti-cation Server Same PIN Pwd Pwd ＋ ＋ Same OTP 555532 Same Algorithm Algorithm Algorithm Timer/Event Seed Timer/Event Seed Same Seed Same Event Counter / Timer
PWD OTP Time/Event Synchronous OTP Workflow DB + 3 User Input 1 2 4 5 SSL Authentication Server Application Server
PWD Challenge Challenge-Response OTP Workflow 6 DB Authentication Server + 5 7 2 User Input 3 1 4 8 Application Server
OTP System Components
SecureOTPFeature Highlights Flexible Support Powerful Admin. Central Design Multiple Language Support Strong Security
SecurePKI USB PKI Tokens Complete PKI solution with Certificate and Token Lifecycle Management. Cost effective advanced MCU smart chip based USB token SecureOTP Authentication System PKI Smart Cards Advanced OATH hardware token based OTP authentication solution Contact and Dual Interface MCU smart chip based Smart Cards SecureOTP Advanced Authentication System OTP, Hybrid and CR Tokens Multi-Factor OTP authentication solution OTP, OTP + PKI, and Challenge Response chip based Tokens SecureMetric 2-Factor Authentication 2FA Security Solutions 2FA Security Devices