one time password security
DESCRIPTION
one time password security for authentication purposeTRANSCRIPT
www.securemetric.com
SecureOTP is an advanced secure microprocessor chip based One-Time-Password (OTP) token that offers strong Dynamic Password with 2-Factor Authentication (2FA) as to eliminate risks presented by static, shared, stolen or easily guessed passwords. No need to memorize neither any password nor the hassle to think of difficult-to-guess passwords, simply click on the device's button and the passwords will be generated automatically.
The OTP platform is developed based on OATH (Open Authentication Technique - an industry-wide collaboration on OTP standard) with the design aim for Maximum Security yet Easy to Deploy and Use. It can be seamlessly integrated with any other 3rd party Authentication Server that supports OATH standard. As a Non-Connected security device thus no software or device driver installation is needed, completely portable and can be used at anywhere in anytime.
SecureOTP designed to support strong crypto algorithms where the algorithms computation is done completely on hardware and isolated to computing environment for better security. SecureOTP is Tamper Prove as the data is self-destructed once the token is physically broken.
• Strong Security Eliminates the use of unsafe static passwords and replace it with secure dynamic passwords.
• Cost Effective SecureOTP is the most competitive OTP option in the market, pricing is always our advantage. Why pay more!
• Easy to Deploy and Use SecureOTP can be rapidly integrated into any 3rd party system and it offers ultimate user friendly usage, just simply click and OTP is generated.
• Versatile SecureOTP can securely integrate with more than one application, allowing support for many concurrent OTP authentications in different applications.
• Highly Portable No software installation needed and small in size, can carry and use it anywhere in anytime.
Why SecureOTP
www.securemetric.com
SecureOTP E offers strong 2-Factor Authentication through Event synchronous One-Time-Password technique or Event based One-Time-Password. This method is where the security cryptography is base on an incremented sequence number when each time a user press the token’s button, as the input value and combine together with the initiated secret key inside the token in order to generate the require One-Time-Password. Event based One-Time-Password will have no expiry which tend to be more convenient to users who prefer great user friendliness.
OATH Compliant Event Based OTP Token
SecureOTP Event Feature Highlights
SecureOTP Event
• 8-bit Microprocessor Smart Chip based• Trendy hard model plastic• 6 digits (can be customized upto 8 digits) LCD screen• Globally Unique Hardware ID• Compliance to OATH (HOTP Algorithm)• Seamless integration to 3rd party HOTP authentication system• Onboard OTP generation• Event-based synchronous• Support Zero footprint authentication• RoHS compliant• Water Resistance with IP54 certified• Tamper Prove case• Zero Client Software Installation.
SecureOTP Time offers One-Time-Password that where the security cryptography is synchronized base on the token’s real time clock and the server time. Simply press the button and SecureOTP Time will display a secure One-Time-Password which is generated base on the current time and the initiated secret key. The One-Time-Password will be changed after every 60 seconds, such short validity of the One-Time-Password will prevent someone who "steal" the password can perform any harmful activities after the valid interval.
OATH Compliant Time Based OTP Token
SecureOTP Time Feature Highlights
SecureOTP time
• 8-bit Microprocessor Smart Chip based• Trendy hard model plastic• 6 digits (can be customized upto 8 digits) LCD screen• Globally Unique Hardware ID• Built-in real-time clock• Compliance to OATH (HOTP Algorithm)• Seamless integration to 3rd party HOTP authentication system• Onboard OTP generation• Time-based synchronous with 60 seconds validity• Support Zero footprint authentication• RoHS compliant• Water Resistance with IP54 certified• Tamper Prove case• Zero Client Software Installation.
www.securemetric.com
SecureOTP Hybrid is the combination of our SecureToken ST2 and SecureOTP Event into a single combo device. It offers the enhanced security features which can combine both One-Time-Password and Public Key Infrastructure security for 2-Factor Authentication implementation.
PKI & OTP Combo Token
SecureOTP Hybrid Feature Highlights
SecureOTP hybrid
• 8-bit Microprocessor Smart Chip based• Trendy hard model plastic with high contrast LCD screen• Globally Unique Hardware ID• Onboard generation of RSA 1024-bit key pair• Onboard OTP generation with Event based synchronous • Random Number generation performed on hardware• Built-in support for HOTP, RSA, DES, 3DES, MD5 and SHA-1 algorithms• Middleware support PKCS#11 and Microsoft CAPI applications• Supports multiple OTP, PKI and smart card applications• FIPS, RoHS, PC/SC compliant, CE and FCC Conformity Certified.• Seamless integration to 3rd party HOTP and PKI authentication system• RoHS compliant• Water Resistance with IP54 certified• Tamper Prove Casing
SecureOTP CR is built based on OATH Challenge Response Algorithms (OCRA) which enables a real-time 2-Factor Authenti-cation that can prevent common threat from Man-In-The-Middle Attacks. Challenge Response is designed to be a 2 ways authentication where the user will require to key in the correct Challenge phrase, which will then activated the token to generate a Response, i.e. the One-Time-Password. This technique will prevent token-not-present mode where the user will always require to hold the token in order to proceed during the authentication process.
OATH Compliant Challenge-Response OTP Token
SecureOTP CR Feature Highlights
SecureOTP cr
• 8-bit Microprocessor Smart Chip based• Trendy hard model plastic with high contrast LCD screen• Large Key Pad• Globally Unique Hardware ID• Compliance to OATH (OCRA Algorithm)• Seamless integration to 3rd party OCRA authentication system• Onboard OTP generation base on random question• Challenge Response based synchronous• Support Zero footprint authentication• RoHS compliant• Water Resistance with IP54 certified• Tamper Prove case• Zero Client Software Installation.
www.securemetric.com
SecureOTP Technical Specifications
HardwarePlatform
OTP Platform
Token Casing
Memory
Power
Working Environment
Unique Identifier
Middleware
USB Connection
DescriptionsEvent Time Hybrid CR
Secure 8-bit Microprocessor smart chip based
Onboard OTP generation
Hard Molded Plastic (ABS)
55.9 x 26 x 10mm dimension
14,000 clicks or 3 to 5 yearsBattery Lifetime
10,000 clicks or 3 yearsBattery Lifetime
12.3g Weight 16g Weight
PKCS#11 andMS CAPI compliant
USB 1.1 andUSB 2.0 (type A)
21.3g Weight
1 Press Button
8 Digits LCD Screen
Water Resistance (IP54 certified)
Static Random Access Memory
Standard Lithium Battery
Operating Temperature between -0°C to 50°C
Storage Temperature between -20°C to 70°C
Humidity Rating of 0 to 100% without condensation
Globally Unique Serial Number
Tamper Evident
RoHS Compliant
Key Pad
High ContrastLCD Screen.
Hard Molded Plastic (PC)
OATH Event based
OATH Timebased
OATH Event based
70 x 26 x 10mmdimension
73 x 50 x 5mmdimension
OATH OCRAbased
N/A N/A N/A
N/A N/A N/A
Kuala LumpurSecureMetric Technology Sdn. Bhd.2-2, Incubator 2, Technology Park Malaysia, Lebuhraya Sg Besi - Puchong, Bukit Jalil, 57000 Kuala Lumpur, Malaysia.Tel: +603 8996 8225 Fax: +603 8996 7225
JakartaPT SecureMetric TechnologyKomp. Ruko ITC Roxy Mas, Block C2, No. 42, Jl. KH. Hasyim Ashari, 10150 Jakarta, Indonesia.Tel: +62 21 6386 1282 Fax: +62 21 6386 1283
SingaporeSecureMetric Technology Sdn. Bhd. (Sales Representative Office) 105, Cecil Street, #06-01, The Octagon, Singapore 069534Tel: +65 6827 4451 Fax: +65 6827 9601
HanoiSecureMetric Technology Co.,Ltd203B, TDL Office Building, No. 22, Lang Ha Street, Dong Da District, Hanoi, Vietnam.Tel: +84 4 3776 5410 Fax: +84 4 3776 5416