PUBLIC KEY INFRASTRUCTURE (PKI) TOKEN
Secure Internal Encryption & Decryption
Public Key Infrastructure (PKI) Token
Secured,Assured & Dependable
Cryptography keys can now be generated onboard and safeguard inside the secure element of securetoken to support qualified PKI certificate implementation.
It enables secure 2FA which combines “what you have (securetoken)” and “what you know (User PIN)” during the authentication process.
Users are required to plug in the securetoken and key in their respective User PINs in order to gain access into sensitive data/information/system and/or authorize any crucial transaction.
SecureToken ST3
SecureToken ST3 ACE
SM-Biopass PKI Token
SecureToken ST3
SecureToken ST3
SecureToken ST3 is the latest state of the art Auto-Install model which combines both high speed and high security 32-bit microprocessor with 128K (64K usable) memory smart card based authentication device together with 2MB flash memory for Auto Installer facility for needed middleware and token manager tool. This model eliminates common hassle on implementing USB token where external media such as CD-ROM is still needed for token’s middleware and tool installation manually.SecureToken ST3 is a truly Auto Install model. No manual installation is needed for device driver and middleware. Choose SecureToken ST3 if you are looking for the best option with maximum speed, security and convenient. Limited middleware customization is possible.
Key Features:
Onboard generation of RSA 2048-bit key pair
Random Number generation performed on hardware
Built-in support for RSA, DES, 3DES, MD5 and SHA-1 algorithms
Middleware support PKCS#11 and Microsoft CAPI applications
Supports multiple PKI and smart card applications
Compliant and Certified by International Standards
Technical Specification:
Model | SecureToken ST3 |
Chip Security Level | Secure Microprocessor Smart Chip based with PBOC, CFCA, compliant to EAL4+ |
Processor | 32-bit |
Interface | HID driverless with CSP and Middleware Auto Install |
Card Operating System | 128K (64K for User) on Smart Chip 2MB for Flash. |
Memory Size | SecureCOS |
Middleware | Comply to PKCS#11 and MS CAPI, hot-pluggable to Internet Explorer, Microsoft Outlook, Outlook Express, Mozilla Firefox and many more |
Windows Smart Card Logon | No |
Certificate Storage | Up to 16 (X.509 v3 Digital Certificate) |
On-Board Security Algorithms | RSA, DES, 3DES, SHA-1, Hardware generated 2048-Bit RSA Key Pairs. Optional to support 3rd party algorithms |
Dimension | 59mm x 18mm x 9mm |
Certification | CE, FCC, MYCC Level1 |
Weight | 5g |
Power Dissipation | less than 250mW |
Operating Temperature | 0ºC to 70ºC (32ºF to 156ºF) |
Storage Temperature | -40ºC to 85ºC (-40ºF to 185ºF) |
Humidity Rating | 0 to 100% without condensation |
Connector Type | Standard USB 1.1 and support USB 2.0 connection |
Casing | Hard Molded Plastic, Tamper Prove (Optional), RoHS compliance |
Memory Cell Rewrites | More than 100,000 times |
Memory Data Retention | At least 10 years |
Standards | X.509 v3 Certificate Storage, SSL v3, IPSec, ISO 7816 compliant |
Supported Operating Systems | Windows, LINUX and Mac |
-Smart Chip Based
Advanced EAL4+ and ITSEC certified microprocessor smart chips enable the algorithm’s execution and on board seed code generation. Microprocessor smart chips also prevent hardware cloning and duplication attacks.
-Multi Levels Access Right Management
Supports multi level access right management to facilitate different access rights for the development team.
-HID Driverless
As HID driverless, SecureDongle requires no external device driver installation, thus minimizing the common technical issue arise from device driver. No driver is required. As long as a USB thumb drive is compatible with
-User-define security password
Supports on-board seed code and random number generation which developer can apply into their protection to strengthen the security and to make the protection more complicated to crack.
-Secure Communication
SecureDongle is built also with advanced encryption/decryption on communication between firmware and hardware to prevent debugging and emulator attacks.
SecureOTP Brochure
Want to know more about the ideal solution that’ll provide STRONG AUTHENTICATION to protect valuable business information?
SecureToken ST3 ACE
SecureToken ST3 ACE
ST3 ACE is aimed to be bundled with SecureMetric’s patterned advanced SecureTMS client components that in order to simplify PKI token deployment as to achieve excellent user experiences.
The key challenge for most PKI implementation is user experience management, this usually considered as one of the key success factor. If the user needs to go through all the tedious PKI processes without proper, the chances to encounter strong user resistant will be very likely. A great PKI implementation should come with well-designed user friendly approach to simplify PKI processes as much as possible while still complying to the set security policies.
The key challenge for most PKI implementation is user experience management, this usually considered as one of the key success factor. If the user needs to go through all the tedious PKI processes without proper, the chances to encounter strong user resistant will be very likely. A great PKI implementation should come with well-designed user friendly approach to simplify PKI processes as much as possible while still complying to the set security policies.
Typical PKI problems can now be solved with ST3 Ace:
Operate
Annoying ActiveX/ Java Applet Components.
Forget these web application components. The ST3 Ace can operate with full token and certificate functions without using any of these annoying components that requires client side installation and difficult to support.
Troubleshooting
Technical Troubleshooting especially for non- IT background users Diagnostic tool in the ST3 Ace is ready to provide revolutionary way of troubleshooting where most common problems can be resolved by the tool without even dialing the technical support number. In the event where further technical support is needed, this tool can produce a report which can be very useful for technical support to analyze the problem Renewal.
Tedious Certificate Renewal Process via Online Renewal Portal Auto Renewal is supported by ST3 Ace with even the possibility of using pre-configured renewal policy. Fully automated renewal is also possible.
Technical Troubleshooting especially for non- IT background users Diagnostic tool in the ST3 Ace is ready to provide revolutionary way of troubleshooting where most common problems can be resolved by the tool without even dialing the technical support number. In the event where further technical support is needed, this tool can produce a report which can be very useful for technical support to analyze the problem Renewal.
Tedious Certificate Renewal Process via Online Renewal Portal Auto Renewal is supported by ST3 Ace with even the possibility of using pre-configured renewal policy. Fully automated renewal is also possible.
Unblocking
Forgetting Token User PIN after long holiday which resulted a tedious unblocking process or even sending the physical token back to the provider
Secure Token User PIN Unblocking mechanism from ST3 Ace not only simplifies the PIN Unblocking process, but also allowing end users to perform such function remotely. Enrollment
Tedious Certificate Enrollment Process via Online Enrollment Portal Certificate Enrollment via ST3 Ace eliminates the need of data entry from end user side with the end user only needs to verify necessary information before certificate enrollment take place.
Secure Token User PIN Unblocking mechanism from ST3 Ace not only simplifies the PIN Unblocking process, but also allowing end users to perform such function remotely. Enrollment
Tedious Certificate Enrollment Process via Online Enrollment Portal Certificate Enrollment via ST3 Ace eliminates the need of data entry from end user side with the end user only needs to verify necessary information before certificate enrollment take place.
Supporting
Difficulty on supporting multiple platform.
The ST3 Ace online installer can now cross-platform supporting Windows, Linux & Mac without breaking a sweat.
Technical Specification:
Model | SecureToken ST3 ACE |
Chip Security Level | Secure Microprocessor Smart Chip based with PBOC, CFCA, Certified CCEALS+, Hongsi HS32 |
Processor | 16-bit |
Interface | CCID |
Memory Size | 128K (64K for User) on Smart Chip 2MB for Flash |
Card Operating System | SecureCOS |
Middleware | Microsoft CSP/CNG, Minidriver, PKCS#11 |
Windows Smart Card Logon | Yes |
Certificate Storage | Up to 16 (X.509 v3 Digital Certificate) |
On-Board Security Algorithms | RSA (Hardware generated 1024/2048 bit RSA Key Pairs), ECDSA 192/256, DES/3DES, AES 128/192/256 bit, SHA-1, SHA-2 (256,384) |
Dimension | 59mm x 18mm x 9mm |
Certification | CE, FCC, MYCC Level 2, FIPS level 3 (FIPS 140-2 Level 3) |
Weight | 5g |
Power Dissipation | less than 250mW |
Operating Temperature | 0ºC to 70ºC (32ºF to 158ºF) |
Storage Temperature | -20ºC to 85ºC (-40ºF to 185ºF) |
Humidity Rating | 0 to 100% without condensation |
Connector Type | USB 1.1, 2.0 full speed, Connector type A |
Casing | Hard Molded Plastic, Tamper Prove (Optional), RoHS compliance |
Memory Cell Rewrites | At least 500,000 write |
Memory Data Retention | At least 10 years |
Standards | X.509 v3 Certificate Storage, SSL v3, IPSec, ISO 7816 1-4 8 9 12, CCID,PC/SC |
Supported Operating Systems | Windows XP/Vista/7/8/10/…Windows Server, LINUX and Mac OS |
-Secure Communication
SecureDongle is built also with advanced encryption/decryption on communication between firmware and hardware to prevent debugging and emulator attacks.
SecureOTP Brochure
Want to know more about the ideal solution that’ll provide STRONG AUTHENTICATION to protect valuable business information?
SM-Biopass PKI Token
SM-Biopass PKI Token
Securemetric Prioritise User Experience- SM-Biopass simplify PKI token deployment as to achieve excellent user experiences.
Securemetric SM-Biopass PKI Token SM-Biopass PKI Token is the latest innovation by SecuremetricTechnology designed to integrate all critical tokenmanagement functionalities and certificate lifecycle to the middleware level without interaction with web browsers. In addition to that, almost every PKI processes can now be automated without heavily involving end users.
SM-Biopass PKI Token solve following PKI problems:
– Online installer supporting multiple OS platform- MS Windows, Linux & MAC
– Solving forget User Pin problem as it is authenticated use biometric fingerprint.
– End user certificate enrollment & certificate renewal process via secure online platform.
– User friendly technical problem troubleshooting / diagnostic too.
SM-Biopass PKI Token solve following PKI problems:
– Online installer supporting multiple OS platform- MS Windows, Linux & MAC
– Solving forget User Pin problem as it is authenticated use biometric fingerprint.
– End user certificate enrollment & certificate renewal process via secure online platform.
– User friendly technical problem troubleshooting / diagnostic too.
Technical Specification:
-Smart Chip Based
Advanced EAL4+ and ITSEC certified microprocessor smart chips enable the algorithm’s execution and on board seed code generation. Microprocessor smart chips also prevent hardware cloning and duplication attacks.
-Multi Levels Access Right Management
Supports multi level access right management to facilitate different access rights for the development team.
-HID Driverless
As HID driverless, SecureDongle requires no external device driver installation, thus minimizing the common technical issue arise from device driver. No driver is required. As long as a USB thumb drive is compatible with
-User-define security password
Supports on-board seed code and random number generation which developer can apply into their protection to strengthen the security and to make the protection more complicated to crack.
-Secure Communication
SecureDongle is built also with advanced encryption/decryption on communication between firmware and hardware to prevent debugging and emulator attacks.
SM Biopass Datasheet
Want to know more about the ideal solution that’ll provide STRONG AUTHENTICATION to protect valuable business information?
1
%
of software installed on PCs around the world in 2015 were not properly licensed (a decrease from 43% in BSA’s previous global study published in 2014)
1
%
worldwide rate of unlicensed use in banking, insurance and securities industries (despite the fact that much tighter control of the digital environment is expected)
1
billion
The commercial value of unlicensed software worldwide plunged (BSA’s 2014 report cited commercial value of $62.7 billion)
Case Studies
National Cyber Security Agency (NACSA) & Securemetric Berhad
NACSA partners with Securemetric to enhance Malaysia's cybersecurity through FIDO2's passwordless authentication for critical information infrastructures.
Lazada Group’s Transition from EJBCA Community
Securemetric assisted Lazada Group's Transition from EJBCA Community to PKI-in-a-Box
Philippine Clearing House implemented PKI-In-A-Box to secure their clearing system
A significant stride was achieved when the Philippine Clearing House Corporation (PCHC) selected Securemetric to furnish and execute PKI-In-A-Box as a pivotal component of their nationwide digital security enhancement within their payment clearing system.
Universiti Utara Malaysia Entrusted Securemetric’s Microsoft Expertise
Since 2018, Securemetric's Microsoft Enterprise Solutions team, in collaboration with Sri Vision specialists, has been entrusted with the management of Universiti Utara Malaysia's IT infrastructure
Turnkey customized EJBCA Enterprise for Vietnam Government Information Security Commission
In the year 2015, Securemetric achieved a significant feat by securing a contract for a comprehensive turnkey PKI implementation for the Vietnamese Government, executed under the aegis of the Vietnam Government Information Security Commission (VGISC).…
Badan Siber Dan Sandi Negara upgraded to EJBCA Enterprise
Charged by the Indonesian government with the pivotal role of establishing and operating the Indonesia Government Certificate Authority, BSSN is entrusted with the issuance of digital identities and pivotal trust services to governmental entities nationwide.