HID-ActivID-One-Time-Password-Solutions-Brochure
Open the original PDF document
View PDF
It's common knowledge that passwords aren't enough. In fact, weak passwords are the #1 cause of information breaches. In today's age of increasing threats and strict compliance demands, it's critical to move beyond passwords to more secure authentication methods to ensure the person asking for access is who they say they are.
Enter multi-factor authentication. Multi-factor authentication requires the user to prove their identity by presenting two or more pieces of evidence. These factors can include something they know, something they have, or something they are. A popular method is the use of security tokens to provide a one-time passcode.
ActivID® tokens generate random passcodes that cannot be re-used. End users gain access to resources by possession of the token and knowledge of a PIN number. Common use cases include:
- Employee authentication to corporate resources such as workstations, cloud applications, remote access/VPNs, and more.
- Customer authentication to on-line resource, storefronts or digital banking sites.
- Transaction verification, including digital signatures, for banks, healthcare organizations and more.
- Encryption of email and hard disks
ActivID tokens can also be used in situations where standards bodies have required stricter data protection to achieve regulatory compliance.
HID Global offers a broad portfolio of solutions to best match your specific needs – including physical and digital options.
- ActivID One Time Passcode Tokens
- ActivID USB Tokens
- Soft Tokens
These tokens can be customized for both look and security profile, and are supported by an end-to end ecosystem for easier deployment and support.
ActivID® Token Benefits
- Increased Security Tokens deliver additional authentication factors and cannot be re-used
- Ease of Use End-users simply enter the PIN on a hand-held token to activate the security capabilities of the device
- Broad Support Supports a wide range of authentication methods
- High Flexibility Customized options for specific applications enables an optimum balance between security, cost efficiency and user-friendliness.
HID® ActivID® One-Time Passcode Tokens
ActivID® Mini Token
The simple one-click OTP experience and robust casing also deliver a costeffective solution for larger deployments.
ActivID® Flexi Token
Robust and reliable, security options and graphical skins can be easily customized to match corporate policies and branding.
ActivID® One Token
The simple user experience with wallet sized form factor encourages immediate user adoption.
ActivID® Pocket Token
Designed for mobile users, they are tough and long-lasting, but still easy to use.
ActivID® KeyChain Token
Offer a range of authentication methods in a compact and durable package - great for Field Service employees.
ActivID® Desktop Token
The larger display face and buttons simplify PIN entry to reduce eye strain with voice enabled authentication for the physically impaired.
ActivID BlueTrust™ token
The BlueTrust Token delivers One-Click authentication with a fast and easy user experience. The device supports Bluetooth® wireless technology, and removes the burden of typing passwords. The generated OTP is automatically forwarded to the computer or mobile device, providing a simple user experience without sacrificing privacy and security.
In addition to the improved user experience, they are easy to support. They are FIDO compliant - so can access multiple applications without the need for pre-installed software or a client app.
Customized Token Examples
Accessories
ActivID Coupler for onsite initialization of the token through a contactless interface.
Token Pouches for device protection and easier carrying.
Token Services and Accessories
Token Customization Options
ActivID Tokens offer multiple options for customization in both the token look and the electrical profile.
Graphical Customization: The ActivID Mini-Token can be delivered in a variety of casing colors to match your brand guidelines. The ActivID Flexi Token offers color casing, graphical customization, and custom labelling on the device.
Electrical Profile Customization: ActivID Tokens offer a variety of options to best meet your security practices and process, including these categories:
- • Security Services: Everything related to applications required for your solution including host verification and length of the OTP
- • Algorithms: Select the algorithms used during authentication and data signature
- • PIN Policy: Configure options around the PIN, including: PIN protection, initial PIN, PIN length, weak PIN control and the unlock process.
- • Behavior: Related to the general management of the token, including font/ messages and power timeout
Simplified Deployment with Device Initialization Tool
The Device Initialization Tool is a powerful utility to quickly and easily configure the electrical profile of ActivID Tokens. With this tool, an administrator can:
- Configure the token to the specific parameters defined by the administrator
- Control and secure the security keys loaded into tokens
- Ensure the electrical profile loaded into the token has been signed
The tool itself if also secured with a pre-programmed set of security services to protect access of the console, pre-defined profile signing process, and robust audit services.
ActivID® USB Tokens
ActivID® ActivKey™ SIM provides strong security in an easyto-use, portable form factor that has the same two-factor
authentication, digital signature and encryption capabilities as a smart card.
This USB key combines the security of a smart card with a built-in USB reader. The field-serviceable subscriber identity module (SIM) provides organizations a path for future upgrades, without requiring them to purchase additional readers.
Mobile Soft Tokens
HID also provides a soft token option, through HID Approve, to enable organizations to leverage the devices their employees already carry - including smartphones, tablets, and laptops - to authenticate. Soft tokens deliver a simple and efficient solution for distribution, activation and reuse.
HID Approve soft tokens are available on Apple iPhone, Android and Windows 10.
Authentication Ecosystem
All of these one time password devices or tokens work with ActivID back end infrastructure to facilitate the authentication of the entity that attempts to access the system or network. HID Global provides these options to best fit your unique needs.
ActivID® Authentication Server Software
The ActivID® Authentication Server provides a flexible platform that can grow with the authentication needs of any business. Built-in support for open protocols ensures that it can be easily integrated into any enterprise infrastructure, cloud based service and/or internet banking engine.
ActivID® Authentication Server Appliance
The ActivID® Authentication Server Appliance delivers the same functionality as Authentication Server, but is available as a virtual appliance or as hardware for simplified deployment. The ActivID® Appliance strikes the perfect balance between security, flexibility, cost and convenience.
HID Approve
HID Approve not only provides mobile soft token functionality for secure access, but also delivers transaction
verification functionality through the convenience of mobile push notifications.
In addition, out-of-the box customization options enable organizations to re-brand the app with their logo and color schemes, removing the need to build and maintain their own solution.
All of this functionality is also available as a Software Development Kit for integration into existing corporate applications. You are empowered to choose the application that best meets your business needs.
ActivID® Authentication Devices Product Selection Guide
| ActivID OTP Token | ||||||
|---|---|---|---|---|---|---|
| Mini Token | Flexi Token | KeyChain Token | One Token | |||
| Product Description |
Low cost for user
authentication feature only and high volume |
Low Cost PinPad Token
for high volume and fast delivery. Front and back customization |
Compact and robust
design with the same op tions as the Token One |
Range of
authentication options plus PIN management |
||
| Use Cases | ||||||
| Standalone Device | P | P | P | P | ||
| Connected Device | x | x | x | x | ||
| PIN activated Device | software | P | P | P | ||
| User Authentication (WEB, VPN) | P | P | P | P | ||
| Windows Logon | x | x | x | x | ||
| Electronic Signature | x | P | P | P | ||
| Host Verification | x | P | P | P | ||
|
Email Encryption and PKI features (PKI
logon) |
x | x | x | x | ||
| Physical Access - SEOS based | x | x | x | x | ||
| Supported Algorithm | ||||||
| ActivID Time/Event based | P | P | P | P | ||
|
OATH HOTP (Event based) OTP -
RFC4226 |
P | option | option | option | ||
|
OATH TOTP (Time-based) OTP -
RFC6238 |
P | P | option | option | ||
| Challenge/Response - X9.9 | x | P | P | P | ||
| OCRA - RFC6287 | x | option | option | option | ||
| PKI with X.509 Certificates | x | x | x | x | ||
| AES and ECC capabilities | x | x | x | x | ||
| Human Interface | ||||||
| Keypad | 1 | 12 | 12 | 12 | ||
|
LCD Size (Characters)
Display |
8
Segments |
10
Segments |
10
Dot Matrix (4x7) |
10
Dot Matrix (5x7) |
||
|
Define you character fonts for other
languages |
x | x | P | P | ||
| Sequenced menu (Mode V2) | x | x | P | P | ||
| up to 3 applications (Mode V3) | x | P | option | option | ||
| Power Supply and Mechanicals | ||||||
|
Battery Life Expectancy (based on
scenario) |
8 | 5 | 8 | 8 | ||
| Replaceable battery | x | x | x | P | ||
| Dimensions (L x W x H in mm) | 45 x 38 x 12 | 63 x 43 x 5.4 | 62 x 43 x 12 | 82 x 52 x 5.4 | ||
| Weight (g) | 25 | 20 | 25 | 25 | ||
| Operating System | ||||||
| Widnows XP/7/8/10/Server | Require Additional software | |||||
| Linux, Mac oS X | ||||||
| Misc | ||||||
| Voice Enabled | x | x | x | x | ||
| Waterproof (IPX67) | P | P | x | x | ||
| Multi -Color LED | x | x | x | x | ||
| Field upgradable | x | x | x | x | ||
| On site reinitialization | contact | contactless | contact | contactless | ||
ActivID® Authentication Devices Product Selection Guide (cont'd)
| ActivID OTP Token | ActivID USB Token | |||
|---|---|---|---|---|
| Pocket Token | Desktop Token | BlueTrust Token | ActivKey SIM | |
| Product Description |
Small, durable token
with the same options as the Token On |
Large button and display
with synthetic speech capability for easier key entry and readibility |
"Multi-purpose
contactless tokens for IT BlueTooth and NFC |
A smart USB Token for
PKI-based security |
| Use Cases | ||||
| Standalone Device | P | P | P | x |
| Connected Device | x | x | P | P |
| PIN activated Device | P | P | software | software |
| User Authentication (WEB, VPN) | P | P | P | P |
| Windows Logon | x | x | x | P |
| Electronic Signature | P | P | x | P |
| Host Verification | P | P | x | x |
|
Email Encryption and PKI features (PKI
logon) |
x | x | x | P |
| Physical Access - SEOS based | x | x | Demo | x |
| Supported Algorithm | ||||
| ActivID Time/Event based | P | P | x | P |
|
OATH HOTP (Event based) OTP -
RFC4226 |
option | option | option | x |
|
OATH TOTP (Time-based) OTP -
RFC6238 |
option | option | P | x |
| Challenge/Response - X9.9 | P | P | x | x |
| OCRA - RFC6287 | option | option | x | x |
| PKI with X.509 Certificates | x | x | x | P |
| AES and ECC capabilities | x | x | x | P |
| Human Interface | ||||
| Keypad | 12 | 12 | 1 | x |
| LCD Size (Characters) | 10 | 10 | 8 | x |
| Display | Dot Matrix (5x7) | Dot Matrix (5x7) | Segments | x |
|
Define you character fonts for other
languages |
P | P | x | x |
| Sequenced menu (Mode V2) | P | P | x | x |
| up to 3 applications (Mode V3) | option | option | x | x |
|
Power Supply and Mechanicals
Battery Life Expectancy (based on scenario) |
8 | 8 | 5 | x |
| Replaceable battery | x | P | x | x |
| Dimensions (L x W x H in mm) | 46 x 68 x 8 | 140 x 108 x 35 | 45 x 38 x 14 | 71.3 x 20 x 8.8 |
| Weight (g) | 28 | 225 | 30 | 12 |
| Operating System | ||||
| Widnows XP/7/8/10/Server | CCID | |||
| Linux, Mac oS X | Require Additional software |
Win 10
x |
CCID | |
| Misc | ||||
| Voice Enabled | x | P | x | x |
| Waterproof (IPX67) | x | x | x | x |
| Multi -Color LED | x | x | x | P |
| Field upgradable | x | x | P | x |
| On site reinitialization | contactless | contactless | x | USB |
North America: +1 512 776 9000 • Toll Free: 1 800 237 7769 Europe, Middle East, Africa: +44 1440 714 850 Asia Pacific: +852 3160 9800 • Latin America: +52 55 5081 1650
© 2018 HID Global Corporation/ASSA ABLOY AB. All rights reserved. HID, HID Global, the HID Blue Brick logo, the Chain Design, ActivID and ActivKey are trademarks or registered trademarks of HID Global in the US and other countries and may not be used
An ASSA ABLOY Group brand
