Token Based Authentication
Businesses, as well as personal banking clients, are increasingly depending on e-banking services in today's fast-paced world. Financial institutions worldwide are offering online banking for customer convenience but the service has its own integral risks, especially regarding the security of transactions. Businesses are often heavily concerned about the safety of their employees' personal data and corporate information subjected to fraud. As a result, businesses are looking at protecting their reputation and image, by offering e-access solutions to their customers and employees with the security and convenience they demand. Individuals are also constantly looking for secure methods to make internet transactions.
Businesses can also use the OTP application with the Simage 'secure contactless token' or other form factors like OTP display cards. These devices are multi-functional and can be used by the business to not only authenticate the employees for access to the company online databases but also for physical access control with the contactless interface on these devices. This is also a good for the business from a branding point of view as they can have their logo displayed on these devices. Businesses can now rest easy with the Token-based OTP (one-time password) solution and this option enables the businesses to offer a secure and easy way for its customers and employees to access company data.
Businesses can implement the service as a value-added feature for customers and employees to allow secure access to online portals and VPNs networks. Such a service will encourage greater use of online services thereby contributing to the efficiency of operations and secure access to the company services. The token generates a 6-digit single-use password. With the OTP and his User ID, a user can access his online account and authenticate himself on the company network. The OTP is generated without an online connection requirement.
How it Works
In the case of Token based OTP, a user wants securely access the company portal. Entering the company web login page the user is asked to type in the user ID and the password. The user reads the OTP on the token. The OTP is generated based on open source standard OATH algorithm.
The OTP is generated by the application and displayed on the token screen. The user can type this OTP as a dynamic password into the "password" space of the web login page for a secure web access. The website owner finally can ask the Central Transaction Platform for validation by taking the OTP together with the user's ID. This way the business has the complete solution out-of-the-box for online authentication. With the OTP generated by the token, users can also securely visit websites supporting OpenID standards. For OTP solution on tokens and cards, the OTP is time-based and changes at certain intervals. The user simply enters the OTP displayed on their token or cards to authenticate themselves on the company's portal.
As the OTP is generated with OTP Application and provides a Strong Multi-Factor authentication. The connection to the validation server is installed via a secure VPN tunnel which guarantees high-security level.
Financial Institution/ Enterprise / MNO/ Service Provider Benefits
Easy to implement and fast
No additional infrastructure or resources are required (authentication servers are hosted at Simage)
Less investment cost to provide the service
Better reputation and brand imageIncrease customer base with secure and reliable services
Attract customers from other market segments with a joint product offering
End User Benefits
Mobile handset independent. SIM application works on any handset
A highly secure authentication method
Undisputed reliability of services, anywhere, anytime
Convenient, fast and simple to use