Gemalto

Access Control systems > OTP

The OTP solution is used to access a network or receive a service using a one-time password, which changes every time authentication is performed. It is a strong authentication method that prevents identity theft because the actual authentication details change with every attempt to access a network.

Today, most organizational networks and online trading sites still use a username and password to control access to services and to personal and sensitive information. Although these access solutions are easy to deploy, they pose a serious challenge to the organization or website, because they leave a wide opening for identity theft through information gathering, keystroke logging and other attacks, which keep intensifying.

Gemalto’s cards support strong OTP authentication in Java and Microsoft .NET environments. All of Gemalto’s authentication components are managed and authenticated by a single Strong Authentication (SA) Server, which supports a range of standard management tools.

The SA Server performs authentication according to the OATH standard, which allows authentication without the user installing software. The server allows authentication rules to be applied to various files, as well as to individual users, in an organization.

The server’s chief characteristics:

 Supports OATH and EMV CAP standards.
 Web architecture.
 IBM DB2, MySQL, Firebird databases.
 User database – Novell, Microsoft Active Directory, eDirectory.
 Authentication – Application based, RADIUS, HTTP/HTTPS (Citrix, OWA, ISA).
 Supports HSM.

The SA Server is designed to allow maximum flexibility for various authentication instances and different network structures. The server supports two authentication methods. In the first, the component is connected to a computer, usually by USB, and the OTP is sent to the SA Server automatically without the user having to create it. In the second method, users create an OTP and type it on the authentication screen at the kiosk station, either on their own computer or on a smartphone.