Services & Solutions

Software License Control
Public Key Infrastructure Security
- Token Management System
- SecurePKI Solution
Digital Signature Solution
Authentication Solution
- One Time Password Security
- Centralize Authentication Gateway
Infrastructure Security
- Cloud Security Solution
- DNS Security Solution
Professional Services & Training
Contact US
- Enquiries
- Contact Details

One Time Password Security Solution

Introduction

A password is a secret word or phrase that must be used to gain access to something. That something can either be an application, a network, documents, data or a computer system. Generally, a password should consist of something that is hard to guess, so that it will remain a secret. We call this type of password as “static password” as it does not change and rarely altered.

Click here to enquire about Our SecureOTP Token

The Problem with Static Password

However, with our increasing dependence on the Internet, using static password to gain access to a system is no longer safe. This is because static passwords can be cracked, guessed or stolen. Hackers are getting better each day at cracking sophisticated passwords. Once this happened, they can gain access to your private network and steal your sensitive business information such as your customer database, emails or financial information.

Besides that, static passwords have many other shortcomings. It is a hassle for users, having to remember a lot of passwords for different systems or applications. Another problem with static password is it is a drain for helpdesks; more than half of all end user calls relate to password problems such as lost, forgotten or compromised passwords. Management and security managers are also getting headaches with the use of static passwords as the weak authentication method renders user not accountable or responsible for their actions. Besides that, with a static password, we can never know when it is stolen until it is too late.

The Solution

So now you may ask yourself, what is the ideal solution that can provide STRONG AUTHENTICATION to protect your valuable business information?

The answer is 2-Factor Authentication Method such as SecureOTP Authentication Server 3 by SecureMetric Technology. SecureOTP Authentication Server 3 uses One-Time-Password (OTP) technology to provide strong authentication. An OTP is a password that is valid for only ONE login session or transaction and after that it becomes obsolete. It is also known as a dynamic password. There are two approaches to generate an OTP:

Time based OTP – the OTP changes at frequent intervals (for example every 30 or 60 seconds).
Event-based OTP – the OTP is generated by pressing a button on the OTP device or token.

The great thing about SecureMetric’s SecureOTP Authentication Server 3 is that it supports multiple 2-factor authentication OTP tokens, for instance:

SecureOTP Hardware Tokens
SMS and Messaging Tokens
J2ME Mobile Token
Software Token
Browser Token

SecureOTP Authentication Server Version 3.0 (ASV3)

Our SecureOTP Authentication Server Version 3.0 (ASV3) is the backend system for our One-Time-Password (OTP) Solution. ASV3 is made up of three main parts: the authentication server, the management tool and the authentication agent, as well as three supplementary parts; the database management system for OTP server, SDK interfaces for customization, and OTP tokens for producing dynamic passwords.

Attractive Features in ASV3:

Multiple Platforms Support
Platforms as many as IBM AIX, HP-UX, Windows, Linux, SUN Solaris and FreeBSD are all supported.
Multiple Database Support
Databases such as DB2, Oracle, SQL Server, Sybase, PostgreSQ and MySQL are supported.
Broad Range of Applicability
OTP Server Authentication System V3.0.1 can be applied to many areas such as finance, insurance, telecommunication, taxation, customs, office, education and entertainment etc.
Comprehensive Management Tool
The management tool of ASV3 provides full management functions on authentications, administrators, end-users, tokens, authentication servers, authentication agents as well as logs.
Supports Advanced Authentication Solutions
ASV3 also supports advanced authentication solution such as Challenge-Response Authentication, Transaction Signature Authentication and Double-Way Authentication Solution.

SecureOTP AS PRO

SecureOTP AS PRO is full OATH standard One-Time-Password (OTP) Authentication platform that enables financial institutions, managed service providers, and other organizations to support a wide range of authentication methods, building customer confidence in online transactions, increasing security, and reducing costs. SecureOTP AS PRO provides a highly scalable, centralized authentication server with the capability to manage a wide range of security tokens.

Wide range of authentication methods

Hardware and Software One-Time Password strong authentication Tokens.
Hardware and Software One-Time Password Signature Token transaction security Tokens.

Comprehensive management tools

Integration with remote authentication servers, such as LDAP and RADIUS
Full lifecycle management of Software and Hardware token devices.
All authentication and administration actions are recorded within a centralized, audit logs.
Web self-service tools including token/ card activation, PIN reset and password maintenance.
Multiple service channel support (Web, IVR, ATM etc.) using a single authentication method.

Rapid deployment capabilities

SecureOTP AS PRO can be deployed in a variety of ways:

As an appliance
Software installation