SecureOTP: Total One-Time-Password Solution

5,011 views

Published on

Published in: Technology
0 Comments
15 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
5,011
On SlideShare
0
From Embeds
0
Number of Embeds
807
Actions
Shares
0
Downloads
5
Comments
0
Likes
15
Embeds 0
No embeds

No notes for slide

SecureOTP: Total One-Time-Password Solution

  1. 1. SecureOTP Authentication Server 3<br />Total One-Time-Password Solution<br />
  2. 2. What Is APassword<br />A password is a SECRET word or string of characters that is used for authentication, to prove identity or gain access to a resource<br />Generally, should be something that is hard to guess<br />
  3. 3. How Many Passwords Do You Have?<br />
  4. 4. Instant Messaging<br />Travel and Leisure<br />
  5. 5. Online Banking or Payment Service Provider<br />
  6. 6. How Do You Remember Your Passwords?<br />
  7. 7. Your passwords can be easily:<br />Cracked<br />Stolen<br />Guessed<br />
  8. 8. Other Shortcomings of A Password<br />A hassle for users<br />A drain on the helpdesk<br />A headache for the management<br />A worry for security managers<br />
  9. 9. How To Steal A Password<br />Shoulder surfing<br />Snooping on the user’s network connection<br />Hacking the system’s password file<br />Simple guesswork<br />Use powerful password cracking tools<br />1<br />2<br />3<br />4<br />5<br />
  10. 10. Conclusion:<br />The classic username-and-password combination can only deliver weak authentication. And yet it is all that stands between your sensitive business information and prying eyes.<br />
  11. 11. What is the IDEAL solution that can provide STRONG AUTHENTICATION?<br />
  12. 12. SecureOTP Authentication Server 3<br />
  13. 13. Two-Factor Authentication<br />What you have<br />What you know<br />Strong Authentication<br />+<br />=<br />
  14. 14. Two-Factor Authentication<br />Your username and password<br />What you have<br />What you know<br />Strong Authentication<br />+<br />=<br />A One-Time-Password Token<br />
  15. 15. One-Time-Password (OTP)<br />A password that is valid for only ONE login session or transaction<br />Also known as dynamic password<br />
  16. 16. OTP Technology<br />Two input factor is taken to generate an OTP.<br />Time factor or Number of clicks<br />1<br />Seed code<br />2<br />Types of OTP:<br />Time-based authentication<br />1<br />Event-based authentication<br />2<br />Challenge-response-based authentication<br />3<br />
  17. 17. Comparison Matrix<br />
  18. 18. SMS & Messaging Token<br />J2ME Mobile Token<br />Software Token<br />Browser Token<br />Multiple 2-Factor OTP Tokens <br />SecureOTP Hardware Token<br />
  19. 19. SecureOTP Hardware Tokens<br />SecureOTP Card<br />SecureOTP Time<br />SecureOTP Event<br />OTP + PKI Combo<br />SecureOTP Hybrid<br />SecureOTP CR<br />
  20. 20. SecureOTP Hardware Token Feature Highlights<br />High Mobility<br />Low Cost<br />High Security<br />High Quality<br />
  21. 21. How SecureOTP Works<br />Same Account<br />Account1<br />Account 1<br />+<br />+<br />Customer<br />Authenti-cation Server<br />Same PIN<br />Pwd<br />Pwd<br />+<br />+<br />Same OTP<br />555532<br />Same Algorithm<br />Algorithm<br />Algorithm<br />Timer/Event<br />Seed<br />Timer/Event<br />Seed<br />Same Seed<br />Same Event Counter / Timer<br />
  22. 22. PWD<br />OTP<br />Time/Event Synchronous OTP Workflow<br />DB<br />+<br />3<br />User Input<br />1<br />2<br />4<br />5<br />SSL<br />Authentication<br />Server<br />Application <br />Server<br />
  23. 23. PWD<br />Challenge<br />Challenge-Response OTP Workflow<br />6<br />DB<br />Authentication<br />Server<br />+<br />5<br />7<br />2<br />User Input<br />3<br />1<br />4<br />8<br />Application<br />Server<br />
  24. 24. OTP System Components<br />
  25. 25. SecureOTPFeature Highlights<br />Flexible<br />Support<br />Powerful Admin. <br />Central<br />Design<br />Multiple Language Support<br />Strong Security<br />
  26. 26. SecurePKI<br />USB PKI Tokens<br />Complete PKI solution with Certificate and Token Lifecycle Management.<br />Cost effective advanced MCU smart chip based USB token <br />SecureOTP Authentication System<br />PKI Smart Cards<br />Advanced OATH hardware token based OTP authentication solution<br />Contact and Dual Interface MCU smart chip based Smart Cards<br />SecureOTP Advanced Authentication System<br />OTP, Hybrid and CR Tokens<br />Multi-Factor OTP authentication solution<br />OTP, OTP + PKI, and Challenge Response chip based Tokens<br />SecureMetric 2-Factor Authentication<br />2FA Security Solutions<br />2FA Security Devices<br />
  27. 27. session<br />
  28. 28. Thank You.<br />Prepared by:<br />RafidahAriffin<br />SecureMetric Technology Sdn. Bhd.<br />rafidah.ariffin@securemetric.com<br />

×