News By Tag
News By Place
USB TOKEN - Raise your ROI with Two-factor Authentication
For so many categories access control solutions, what is your best option: USB Token/Smart Card Form TOKEN/ OTP Token?
What is Two-factor Authentication?
Two-factor authentication relies on the following items:
1. Something you have, such as a smart card ,USB Token or OTP Token
2. Something you know, such as a password/personal identification number (PIN), which enables the user to get the authority of accessing the application of smart card, USB Token or OTP Token
PKI – PKI stands for Public-Key Infrastructure, is a framework that provides security services to an organization using public-key cryptography. These services are generally implemented across a networked environment, work in conjunction with client-side software, and can be customized by the organization implementing them. An added bonus is that all security services are provided transparently - users do not need to know about public keys, private keys, certificates, or Certification Authorities in order to take advantage of the services provided by a PKI. (From Entrust)
OTP – OTP stands for One-Time Password, is to make it more difficult to gain unauthorized access to restricted resources, like a computer account. Traditionally static passwords can more easily be accessed by an unauthorized intruder given enough attempts and time. By constantly altering the password, as is done with a one-time password, this risk can be greatly reduced. (From Wikipedia)
To help the readers better understand two-factor authentication, here I use products from Feitian Technologies Co., Ltd. called ePass2000 - PKI based USB Token, FTSmart, and ePass OTP to explain their respective usage for Online Banking. In addition, the web security of online banking here is adhering to the industry standard measures, including:
Secured online sessions, indicated by a URL address beginning with https:// or a padlock symbol in the lower right hand corner of your browser
128-bit SSL (Secure Socket Layer) encryption
Session time-outs, which automatically logs you off your Online Banking session after a period of inactivity
Part I – ePass2000 – PKI based USB Token
ePass2000 is a USB token, compact and portable, designed for authentication, verification and information encryption services, and support E-mail Encryption, Digital Signing and SSL using Internet Explorer, Outlook, Outlook Express, Netscape Communicator or any software product based on the MS CAPI or PKCS#11 standards. In addition, ePass2000 is remarkably versatile and Feitian's SDK may be used to create many other user defined applications.
1. Each user of online banking is assigned an ePass2000 USB Token together with an initial PIN from banks
2. Each ePass2000 USB Token has a globally unique serial number, this is important and can only be used by the designated user
3. Users sign-on banks online and go to activation page to activate and register the ePass2000 USB Token before the expired date and download the digital certification into the ePass2000 USB Token with the initial PIN(during the processing of downloading the digital certification, ePass2000 USB Token generates the public key and private key by itself)
4. Once register, users will be required to keep ePass2000 USB Token inserting on the computer in order to submit the digital signature and continue processing financial transactions (Internal transfers, wire transfers, bill payments and account openings) and accessing cash management services (Online investing and Trade Services)
5. Users who sign-on banks online without ePass2000 USB Token will be restricted to view-only account access
ePass2000 USB Token uses smart card technology to enable the generation of public keys and private keys in the hardware. Private keys are never exposed to the PC environment.
Part II – FTSmart – All-in-one Solution
The online banking two-factor authentication usage of FTSmart is similar to ePass2000 USB Token. It’s only the interface and cost, which makes the difference. And how do we look at All-in-one? A smart card can include the magnetic stripe, contactless capability, use the USB port with a card reader. And also a smart card can be designed for electronic purse to meet the demand for public utility, says transportation, gas, water and electricity, in addition to the traditional bank card capability.
Notice: USB Token can also have the contactless capability or biometrics support, and more, can include Giga flash memory for storing documents and files. Smart Card can also involves Image authentication:
Part III – ePass OTP Token
ePass OTP Token is a chip-based authentication token offering total mobility with maximum flexibility. ePass OTP Token is the core component of Feitian Technologies’
1. Each user of online banking is assigned an ePass OTP from banks
2. Each ePass OTP package will be labeled with a globally unique serial number, this is important and can only be used by the designated user
3. Users sign-on banks online and go to registration page to register before the expired date
4. Once register, users will be required to enter the password generated by the ePass OTP (press the button on ePass OTP then display) in addition to the User ID and static PIN each time when sign-on the secure online session, in order to continue processing financial transactions ( Internal transfers, wire transfers, bill payments and account openings) and accessing cash management services (Online investing and Trade Services)
5. Users who sign-on banks online without ePass OTP password will be restricted to view-only account access
ePass OTP solution is helpful to minimize the risk of phishing, Trojan, shoulder surfing and other common types of online fraud.
Of course, two-factor authentication is also necessary for MNC (MultiNational Corporation)
For more information, please visit us at http://www.ftsafe.com
# # #
Established in 1998, Feitian is dedicated to being the leading innovator of smartcard and chip operating system based security technologies and applications. Feitian's major business covers Software Protection, Strong Authentication, Smartcard COS and Peripherals.
Feitian cooperates closely with global leading smartcard chip providers, serves valuable customers with the world's latest technologies via its expanding sales and services network internationally.