( Authentication Token )
DIGIPASS™ GO1     >
DIGIPASS™ GO3     >
DIGIPASS™ PRO200     >
DIGIPASS™ PRO300     >
DIGIPASS™ PRO560     >
DIGIPASS™ PRO700     >
DIGIPASS™ PRO800     >
DIGIPASS™ Comparison
 ( Authentication Server )
VACMAN™ Controller     >
IDENTIKEY™ Server     >

AUTHENTICATION PRODUCTS

DIGIPASS™ Authentication Token
DIGIPASS™ Token family consists of various DIGIPASS™ Authentication Token models to fit your security needs. DIGIPASS™ authentication token generates time- or event-synchronized one-time dynamic password and Challenge-Response to secure authentication, and even supports Digital-Signatures for signing online or offline transactions. more

IDENTIKEY™ Authentication Server
IDENTIKEY™ Authentication Server products combine seamlessly with DIGIPASS™ authentication token family to form an easy-to-use and -deploy total security solution. IDENTIKEY™ Servers support all DIGIPASS™ token features and are totally platform- and application-independent, fully scaleable to fit your existing applications. So that you do not have to re-build your systems but just add it on. more



DIGIPASS™ GO1
STRONG AUTHENTICATION HAS NEVER BEEN SO ULTRA-PORTABLE & ULTRA-EASY TO USE

The DIGIPASS™ GO1 provides affordable security in applications and networks where user acceptance is crucial. DIGIPASS™ GO1 can be used in the traditional banking market as well as in the corporate networking and e-commerce markets. In both markets, security flaws due to statistic passwords as PIN (Personal Identification Number) and TAN (TransAction Number) are imminent.

DIGIPASS™ GO1 is ultra-portable and can be used anywhere, anyhow and at any time. It can be carried in a shirt pocket, clipped on a belt, worn on a necklace or as a classy key holder. This is reinforced by its stylish design. The combination of aesthetics and security will ensure that users will like to deploy and to wear the DIGIPASS™ GO1.

For security in applications and networks, user application is absolutely crucial. Balance that against the need for an affordable solution that is very easy to use. DIGIPASS™ GO1 offers all that in an attractive, smooth design. What's more? It can be carried easily in a pocket, on a keyring or clipped to a belt for true "anywhere, anytime and anyhow" security.



DIGIPASS™ GO1 - PRODUCT BRIEF

EASY TO USE
The DIGIPASS™ GO1 offers the ultimate in user-friendly high security. With a simple and easy click users open the DIGIPASS™ GO1 and an unique One-Time-Password is displayed on the high contrast LCD. All they need to do is read it and key it into their application - wherever. So it can be combined with different platforms, like PCs, telephones, Internet kiosks, or mobile phones.


EASY TO DEPLOY
The DIGIPASS™ GO1 is rapidly integrated into existing networks. So any static password in an application can be replaced to greatly improve to a dynamic password security system. Once the token is uniquely programmed and distributed to the user, they no longer need to contact the network manager. A PIN is not even needed to lock DIGIPASS™ GO1 token. The long battery lifespan of 5 years yields a very high Return On Investment. DIGIPASS™ GO1 can even be re-use by reprogramming with new and unique encryption keys and/or algorithms.


SECURITY WITHIN EVERYBODY'S REACH
Not all security measures require sophisticated procedures with multiple fields to be entered. When strong authentication is secure enough, e.g. in corporate networking or remote access to banking applications, users tend to accept simpler devices. When the design is stylish and the user is given the final choice of how to use it, then half of the acceptance battle is already won. DIGIPASS™ GO1 offers the use with a choice to carry it in a pocket or around his / her neck for moving within the company, on a keyring so as not to forget it in the morning or clipped to a belt like a mobile phone. So user acceptance is considerably enhanced, and network management intervention is reduced to the strict minimum.

DIGIPASS™ GO1 - KEY FEATURES
  • Comes with complete accessories to carry it in a pocket, around the neck, on a keyring or on a belt.
  • Only weights 29 grams
  • Dimension: 15 X 35 X 68 mm (H X W X L)
  • 8-character LCD display
  • Activated automatically when window is slid open
  • DES or 3-DES algorithm
  • Real-time clock embedded
  • Compatible with DIGIPASS™ family tokens
  • Programming with DIGIPASS™ Programmer toolkit
  • Combining a PC PIN entry is possbile
  • Expected batter lifespan of 5 years
  • Encryption options
    • Time Synchronous
    • Even Synchronous
    • Time and Even Synchronous


DIGIPASS™ GO3
ULTRA-PORTABLE, STRONG AUTHENTICATION FOR HIGHEST CONVENIENCE & USER ACCEPTABILITY

User acceptance of security tools is a crucial factor in guaranteeing the success of security solution implementations for secure access to remote applications and networks. An alternative to the risk that static PINs and TAN lists pose, the DIGIPASS™ GO3 is very affordable, ultra-user friendly, and quick and efficient to rollout to users. These advantages allow you to close all security gaps in user authentication in a matter of hours.


The GO3 is also able to carry corporate logos, branding and custom colours to suit your business. The DIGIPASS™ GO3 is the perfect balance between an elegant design, and an unrivaled degree of portability and affordability in an easy to use security device.



DIGIPASS™ GO3 - PRODUCT BRIEF


EASY TO USE

The touch of a button?encapsulates all that busy users could want in a device that their employer requires them to use. The DIGIPASS™ GO3 is very small, and features a high contrast LCD display and a single button. This combination offers the ultimate in user-friendliness and high security: One push on the button and the DIGIPASS™ GO3 shows a unique one-time password on its LCD display. The user then enters this one-time password into their application login screen.

The DIGIPASS™ GO3 can be combined with different platforms, including PCs, telephones, Internet kiosks and mobiles phones, making its use practically anywhere at anytime a plus for users and organisations alike.

EASY TO DEPLOY

The integration of DIGIPASS™ GO3 into existing networks is simple and fast. Any static password or existing TAN (pre-printed lists of TransAction Numbers) numbers can be replaced instantly with the more secure DIGIPASS™ GO3 dynamic password. Once the unit has been programmed (to suit your authentication needs) and is handed over to the user, there is no need to read lengthy manuals or call on the network manager. Itís use is obvious and simple, requiring virtually no support or training. Unlike other tokens, the user cannot lock the DIGIPASS™ GO3, as no PIN entry is required. If required, the DIGIPASS™ GO3 can be reprogrammed for distribution to another user in cases where an employee is promoted, or even leaves the company.

DIGIPASS™ GO3 is fully interoperable with all members of the DIGIPASS™ family and works seamlessly together with the VACMAN Controller or Vacman Server and over 50 vendor applications to ensure deployment at the lowest total cost of ownership.

SECURITY WITHIN EVERYBODY'S REACH

Not all security measures require sophisticated procedures with multiple steps and physical entries required to authenticate users. Neither should it pose a large expense... the DIGIPASS™ GO3 normal battery lifetime of 5 years and beyond offers a very high return of investment. Strong authentication using DIGIPASS™ GO3 is the simply implemented, affordable solution. Whether in corporate networking or remote access to banking information - users more readily accept simpler devices that guarantee secure access.

Whatís more, the DIGIPASS™ GO3 can be:
  • Carried on a key chain
  • Attached to an existing proximity card
  • Worn around the neck, or
  • Simply be carried in a pocket or purse!


When the design is stylish and the user is not confronted with procedures or difficult to use tools, the acceptance battle is won.

DIGIPASS™ GO3 - KEY FEATURES
  • So light to go - Only 10 grams in weight, including battery.
  • So small to carry - 12.5 x 30 x 60 mm (H x W x L)
  • 8-character LCD display
  • Activated by pushing a single button
  • DES or 3-DES
  • Real-time clock embedded
  • Time synchronous or Time and Event synchronous encryption
  • Optional PIN protection on a PC
  • Expected 5 years battery lifespan
  • Personalization parameters to make it unique


DIGIPASS™ PRO200
STRONG AUTHENTICATION & DIGITAL SIGNATURE FOR PDA MOBILE SECURITY

Pocket PC's are merging with mobile phones, digital cameras, digital music players, GPS receivers thus becoming all-in-one universal digital assistants. DIGIPASS™ for Pocket PC adds yet another functionality: it turns the Pocket PC into a personal hardware security token.

With DIGIPASS™ for Pocket PC, the Pocket PC or smart phone becomes a hardware token providing one-time passwords, challenge - response remote authentication and digital signatures. This transformation is achieved in pure software so no extension slots, no wires, no add-on modules to tangle with.

Many Pocket PC devices have wireless connectivity capabilities, relying on WAP, GPRS or similar technologies. With such connected Pocket PC's, DIGIPASS™ provides strong user authentication and digital signatures for over-the-air mobile commerce transactions.

Multiple profile support is one of the many features of the DIGIPASS™ for Pocket PC. It allows more than one virtual token on one Pocket PC, each with its own secret key for access to different servers, networks and web sites.
DIGIPASS™ PRO200 protects access to corporate networks, e-business and e-commerce applications by eliminating the weakest link in the security infrastructure: the use of static passwords.

Unlike human-created passwords that are easily stolen, guessed, reused, or shared, DIGIPASS™ PRO200 generates single-use passwords that change every 36 seconds. Protect the network from the inside-out, for internal employees on their desktop machines to the outside remote users on their laptops. DIGIPASS™ PRO200 offers secure remote access and extended digital signature capabilities on PDAs and smart phones.

DIGIPASS™ PRO200 - PRODUCT BRIEF

ANOTHER STEP TOWARDS DIGITAL CONVERGENCE
PDAs are merging with mobile phones, digital cameras, digital music players. GPS receivers and becoming all-in-one universal digital assistants. DIGIPASS™ PRO200 adds yet another functionality: it turns the PDA into a personal hardware security device.


STRONG AUTHENTICATION FOR M-COMMERCE
Many PDA devices have wireless connectivity, relying on WAP, GPRS or similar technologies. As a result, PDA's enabled with DIGIPASS™ PRO200 provide strong user authentication and Digital-Signatures for wireless mobile commerce transaction. DIGIPASS™ PRO200 provides end-to-end secure data exchange, between the end-user and the m-commerce store or bank. It does not rely on the underlying wireless connectivity infrastructure. DIGIPASS™ works equally well over mobile phones, GPRS or 3G networks.


WORK OFF-LINE OR OVER LAGACY NETWORKS: ANYTIME AND ANYWHERE
DIGIPASS™ PRO200 can work on-line, off-line or wirelessly. DIGIPASS™ One-Time-Passwords and digital signatures can be communicated over any available medium. Telephone lines, Internet, VPN, corporate LAN, Kiosks or even fax - everything will do. DIGIPASS™ can also be used for traditional touch-tone phone banking. One-time passwords can even be used with a live operator by voice: truly anytime, anywhere connectivity.


ONE DEVICE TO ACCESS MULTIPLE NETWORKS AND WEB SITES
DIGIPASS™ PRO200 allows more than one virtual token in one PDA, each with its own secret key for access to different servers, networks and web sites.


EASY TO DEPLOY
DIGIPASS™ PRO200 can be easily installed by individual end-users or centrally deployed throughout the organizations. It is installed in a straightforward, wizard-assisted process with a customary use of the cradle and the specific Sync technology.

Two types of activation are supported:
(i) offline, whereby each client receives a personalization file and activation code;
(ii) online / interactive, allows initialization via e-mail or telephone.


SUPPORTED PLATFORMS
  • DIGIPASS™ PRO200 Pocket PC: Windows CE 3.0, Pocket PC 2002

  • DIGIPASS™ PRO200 Palm: PalmOS 3.0 and higher

  • DIGIPASS™ PRO200 Symbian: Symbian OS 6.x Crystal & Quartz


  • DIGIPASS™ PRO200 - KEY FEATURES
    • Remote user authentication with One-Time-Passwords or Challenge-Response
    • Digital-Signatures (message authentication codes)
    • Multiple applications:
      • Mobile commerce, mobile banking, etc.
      • Traditional phone / fax banking
      • Network security, remote office, telecommuting
    • Wireless protocol agnostic: works over TDMA, CDMA, GSM, GPRS or 3G networks
    • Works off-line or over legacy networks: LAN, dial-up modems, Internet, fax, voice. Operational when no wireless connection available
    • Compatible with all DIGIPASS™ family members and server tools
    • Multiple profile support: one PDA to access all networks and web sites


    DIGIPASS™ PRO200 - PASSWORD MANAGEMENT
    • User-chosen and changeable password
    • The system operator defines usage and length of the password
    • Locks after a certain number of invalid password entries
    • In the "Unlock mode", a reversed Challenge-Response scheme can be employed to re-activate a locked DIGIPASS™ PRO200


    DIGIPASS™ PRO200 - CRYPTOGRAPHIC FEATURES
    • Data Encryption standard (DES) and triple DES
    • Challenge input up to 16 digits long.
    • Responses are shown in decimal or hexadecimal format
    • Different functions can be assigned to each application:
      • Time independent response with external Challenge (X9.9)
      • Time-based response with external challenge
      • Event-based response with external challenge
      • Time-based one-time password generation
      • Event-based one-time password generation
      • Time- and Event-based one-time password generation
    • A single check digit (per ISO 7064-6) can be applied on the Challenge and / or Response


    DIGIPASS™ PRO300
    SECURE ACCESS & USER AUTHENTICATION FOR NEW E-BANKING SERVICES WITH ONE-TIME PASSWORD AND DIGITAL-SIGNATURE

    The handheld DIGIPASS™ PRO300 provides financial institutions and companies with a secure means of customer or employee identification and authentication for remote access to their computer systems and networks. The DIGIPASS™ Pro 300 is ideally suited for large public banking applications such as telebanking, home banking, PC banking, phone banking and Internet banking where authentication and e-signatures are key requirements.

    The user interface has been conceived to work in an intuitive way, requiring a minimum number of keystrokes, so that the user can start using the DIGIPASS™ PRO300 almost without referring to a user guide. Thanks to the optical interface, the user can even read challenges directly from the computer screen.

    The small hand-held DIGIPASS™ PRO300 authentication device secures authetication in any network structures and eliminates weak links. DIGIPASS™ PRO300 generates an One-Time-Password that enables you to identify customers, employees and remote users who are accessing your computer systems or networks. Digital-Signature even enhance security by signing financial transactions. Most valuably, it provides secure access from any locations.


    DIGIPASS™ PRO300 - PRODUCT BRIEF

    STRONG TWO-FACTOR AUTHENTICATION
    DIGIPASS™ PRO300 security solution is based on Two-Factor Strong Authentication. To gain access to applications and services, users must have a Personal Identification Number (PIN) and a hand-held DIGIPASS™ PRO300. The PIN is entered onto the DIGIPASS™ PRO300 which then computes a time-based or even-based dynamic One-Time-Password. The One-Time-Password enables authorized access to the network resoources.


    INTUITIVE USER INTERFACE AND ADVANCED DESIGN
    Made of robust and shock-resistant materials, with an intelligent power management battery of expected 7 to 10 years long lifespan, unique encrpytion parameters, make DIGIPASS™ PRO300 a reliable and yet secure total security solution. Its ergonomic keypad and simple user interface are so easy to use, neither technical training nor user guide is even needed. Universally recognizable LCD display icons walk user through simple operation steps.


    MAXIMUM CUSTOMIZATION
    DIGIPASS™ PRO300 is designed to fit your specific applications. Security parameters such as PIN length, number of PIN trials, password length, type of cryptographic algorithm, challenge-response length, all are programmable to satisfy your needs. Results: you get an optimum balance of user-friendliness cost-efficiency and security.


    BANKING WITH DIGIPASS™ PRO300
    DIGIPASS™ PRO300 technology is deployed with success in wide array of application environments. For instances, more than 250 financial institutions around the world overcome security challenges of online-banking and -transaction, by deploying DIGIPASS™ PRO300 solution, without compromising existing infrastructures. Easy-to- deploy and -use DIGIPASS™ PRO300 solutions provide high security and total reliable e-banking services via phone, fax, and Internet. Treating security issues seriously and effectively, their existing customers' loyalty is increased while offering potential new customers the benefit of heightened security.


    SAFER INTERNET TRANSACTION, MORE OPPORTUNITY
    DIGIPASS™ PRO300 technology enhances the security of your web services and help you regain your total control. Whether it is using DIGIPASS™ PRO300 to generate dynamic One-Time-Password for restricted area logons or compute Digital Signatures for signing financial transactions, you have greater control over who is trying to perform what activity and hence competitive edge.


    SECURING COPORATE NETWORKING, BUILDING COMPETITIVE ADVANTAGES
    Should Corporate Networking security be seriously addressed? Yes, because exchange of information is a competitive advantage to put your corporation staying ahead of the curve. And itís vital to keep this alive, securing corporate computing is as important as money transaction and security must not be deminished. DIGIPASS™ PRO300 provides highly secure solutions for guarding against breaches of confidentiality and unauthoirzed access to corporate data resources. Furthermore, DIGIPASS™ PRO300 technology wins high scores for offering more functionality and flexibility at a low total cost of ownership.

    DIGIPASS™ PRO300 - KEY FEATURES
    • Internal real-time clock
    • Intelligent Power Management conserves battery life
    • Expected 7 to 10 years lifespan battery
    • PIN protected
    • PIN is user changeable
    • PIN Trial-and-Lock self-protect system
    • Remote Unlocking mechanism
    • Usage period controllable
    • ON/OFF/ERASE functions on a single button
    • Unique Initialization per DIGIPASS™ PRO300
    • Total control on Initialization
    • Administratively defined PIN length, PIN trials, password length, transaction parameters
    • Optical Interface for Initialization/reading Challenge-code or transaction parameters
    • Digital-Signature guarantees transmitted data integrity
    • Size: 85 x 47 x 15 mm
    • Weight: 37 grams


    DIGIPASS™ PRO300 - CRYPTOGRAPHIC CHARATERISTICS
    • Conforming Data Encryption Standard (DES or Triple-DES options)
    • Programmable number of applications with unique DES key and parameters
    • Up to 16 Challenge digits for Responses computing
    • Manually key in or optically read from any computer monitor of Challenge code or transaction parameters for Digital-Signature computing
    • Decimal or hexadecimal format Response options
    • Optional Check-Digit (ISO 7064-6 standard) for Challenge and/or Response approach
      • Time-based One-Time-Password
      • Event-based One-Time-Password
      • Time- and Event-based One-Time-Password
      • Time-based Response with external Challenge
      • Event-based Response with external Challenge
      • Time-independent Response with external Challenge (X9.9)


    DIGIPASS™ PRO560
    SECURE YOUR NETWORK RESOURCES WITH THE STYLISH, STATE-OF-THE-ART DESIGN DIGIPASS™ PRO560. WITH DIGIPASS™ PRO560, YOU CAN OFFER STRONG AUTHENTICATION & DIGITAL-SIGNATURE IN YOUR OWN LANGUAGE.

    DIGIPASS™ PRO560 is an authentication code generator that provides secure customer or employee identification for access to computer systems. At the same time it can generate e-signature and even host authentication.

    Financial institutions and other companies are aware that user log-on names and static passwords are insufficient for user authentication, as they can easily be stolen and misused. Strong authentication is the solution to this problem.

    DIGIPASS™ PRO560's security is based on two-factor strong authentication; combining something the user possesses (a DIGIPASS™ token) and something the user knows (a PIN to access the DIGIPASS™).

    DIGIPASS™ PRO560 eliminates the weakest link in any security structure, i.e. the use of static passwords. DIGIPASS™ PRO560 generates an One-Time-Password that enables you to identify customers, employees and remote users who are accessing your computer systems or networks. Digital-Signatures mechanism can be deploy to further secure the electronic transactions.


    DIGIPASS™ PRO560 - PRODUCT BRIEF

    STRONG TWO-FACTOR AUTHENTICATION
    DIGIPASS™ PRO560 is based on strong two-factor authentication. To gain access to applications and services, you need to use DIGIPASS™ PRO560 to generate a dynamic One-Time password, that is used for secure strong authentication.

    INTUITIVE USER INTERFACE AND ADVANCED DESIGN
    Made of robust and shock-resistant materials, with contemporary & sleek design, DIGIPASS™ PRO560 comes with an integrated hard-cover. All these make DIGIPASS™ PRO560 a reliable and yet essential part of any enterprise security solution. Its ergonomic keypad and bitmap LCD display supporting special characters and customized messages, make it easy to use. Programmable messages walk end-user through the entire operation. DIGIPASS™ PRO560 enhances DIGIPASS™ family in offering new features such as a Personal Unlocking Key (PUK), which is widely used in mobile handsets. Now, DIGIPASS™ PRO560 also supports AES, the future encryption standard.

    MAXIMUM FLEXIBILITY
    DIGIPASS™ PRO560 is scaleable to meet your specific applications. Security parameters such as PIN length, number of PIN trials, types of cryptographic algorithm, Challenge-Response length, are all programmable. Furthermore, if the use locks his DIGIPASS™ due to a forgotten PIN, he can unlock it with a PUK. Result: you get an optimum balance of user-acceptance, cost-efficiency and security.

    BANKING WITH DIGIPASS™
    DIGIPASS™ PRO560 technology is deployed with success in wide array of application environments. For instances, more than 250 financial institutions around the world overcome security challenges of online-banking and -transaction, by deploying DIGIPASS™ PRO560 solution, without compromising existing infrastructures. Easy-to- deploy and -use DIGIPASS™ PRO560 solutions provide high security and total reliable e-banking services via phone, fax, and Internet. Treating security issues seriously and effectively, their existing customers' loyalty is increased while offering potential new customers the benefit of heightened security.

    DIGIPASS™ PRO560 - KEY FEATURES
    • Internal real-time clock
    • Charaters, messages & logos can be fully specified for instructions or marketing purposes
    • Support up to 4 different languages
    • Possibility to use default account number, internal counter and decimal numbers (e.g. amount of money) in Digital-Signature
    • Diagnostic features like display internal time, serial number, and battery level.
    • Expected 5 years battery lifespan
    • PIN protected
    • PIN is user changeable - optional PIN and its length can be selected
    • PIN Trial-and-Lock self-protect system
    • Remote Unlocking or PUK Local Unlocking mechanisms
    • Fully cutomization of secrets and options done by DIGILINK station
    • Digital-Signature guarantees transmitted data integrity
    • Tactile keypad technology with 11 silicon rubber keys + 1 jog dial
    • Integrated hard cover to protect display and keypad
    • Large display with one line of 9 by 60 dots to allow for logo and language specific characters
    • Size: 88 x 59 x 7 mm
    • Weight: 41 grams


    DIGIPASS™ PRO560 - CRYPTOGRAPHIC FEATURES
    • Conforms DES (Data Encryption Standard) and Triple-DES, enabling the highest possible level of logical security
    • Conforms AED (Advanced Encryption Standard), future encryption standard compatible
    • Supports 4 different platform-independent applications or hosts at maximum, each for authentication or signature, or both.
    • Extended signatures are possible by using signature counter
    • Variable length Challenge input and Response output (decimal or hexadecimal formats)
    • Possibility to add check-digit on the Challenge and/or Response
    • Supports all cryptographic modes of DIGIPASS™ PRO 250, 300 and 700



    DIGIPASS™ PRO700
    SIMPLIFY YOUR ADVANCED REMOTE-USER AUTHENTICATION & TRANSACTIONS

    With the DIGIPASS™ PRO700, secure network access and complex digital signatures become possible without putting any extra burden on the user.

    The DIGIPASS™ PRO700 enables network access specialists to bring the overall remote access security to a superior level while building an incredibly flexible, economic and yet user-friendly security infrastructure. They can define several applications, each with the most appropriate settings, just by changing parameters (e.g. PIN length, number of trials, lengths of challenge, concatenated fields).

    The easy-to-follow, on-screen instructions and the large, comfortable keypad make the user immediately familiar with the DIGIPASS™ PRO700. With all display messages programmable and in their native language, the use of the token becomes simple, even for the most complex authentication schemes.

    Belonging to the DIGIPASS™ family, it benefits from all existing programming and authentication software that already supports the other family members.

    Secure access to more advanced applications is a reality with the DIGIPASS™ PRO700, a security solution that fits in the palm of your hand. Supporting 8 independent applications at maximum, the DIGIPASS™ PRO700 boasts a remarkable index of features that enable security managers and application owners to easily enhance their network security.



    DIGIPASS™ PRO700 - PRODUCT BRIEF

    STRONG TWO-FACTOR AUTHENTICATION
    The DIGIPASS™ PRO700 solutions is based on strong two-factor authentication. To gain access to applications and services you must have a PIN (Personal Identification Number) and a handheld DIGIPASS™ Pro700. The PIN code is entered into the DIGIPASS™ Pro700 so as to activate it, DIGIPASS™ Pro700 then calculates an One-Time dynamic password that is used for secured authentication to the system resources.

    EASE OF USE
    With 3-line LCD display, that can display application-specific information, the DIGIPASS™ PRO700 is ideally suited for sophisticated or complicated transactions. Its object-oriented concept allows it to fit into existing user interfaces and terminology, specific application customization is even possible, now. Up to 8 independent applications at maximum can be hosted with no less than 64 messages in two languages - logos and country-specific language characters. Security manager can program user guides, walk-through, marketing messages, etc into the DIGIPASS™ Pro700. As a result, the user can execute highly sophisticated operations or transactions in total secured manner without the need for training manuals. DIGIPASS™ Pro700 offers security managers, application owners and users the full benefits of "triple-A" security - Anywhere, Anyhow, and Anytime.

    EASY TO IMPLEMENT AND MANAGE
    DIGIPASS™ Pro700 is easily customized to your specific applications. Administrators can fine-tune this security solution to meet specific application needs, form PIN length and number of PIN trials to challenge and response length. Initialization of DIGIPASS™ Pro700 is a fast, secure and manageable process, resulting in the optimum balance of use-friendliness, cost-efficiency and security.

    DIGIPASS™ PRO700 - KEY FEATURES
    • Programmable use interfaces in two-languages - graphical and character languages
    • On-screen messages guide the user and further simplify helpdesk queries
    • Color and logo options offer strong branding
    • High contrast 12-digit, 3-line LCD display (1 line for icons, 1 line 7 x 5 dot-matrix and 1 line 7-segment for optimal legibility)
    • Tactile keypad technology with silicone rubber key tops (16 keys)
    • Integlligent battery management give a life expectancy of 7 years
    • Dimmensions: 90 x 60 x 10 mm (L x W x H)
    • Weight: 35 grams


    DIGIPASS™ PRO700 - CRYPTOGRAPHIC FEATURES
    • Supports DES (Data Encryption Standard) and Triple-DES, enabling the highest possible level of logical security
    • Supports 8 different platform-independent applications or hosts at maximum, each with unique keys and parameters
    • Digital-Signatures can be calculated based on fractional (left- or right-aligned) amounts, hidden or visible counters, default values and time stamps.
    • Up to 24 digits of challenge or data field input can be keyed in or read from a computer screen with optical interface
    • Responses or Digital-Signatures are shown on the display in decimal or hexadecimal formats (24-digit at maximum). An optional check-digit (ISO-7064-6 basis) can be applied on Challenge, Response and Digital-Signature functions.
    • Supports full range of time- and event-based authentication mechanisms, using the internal and unalterable real-time clock
    • Mutual signature verification allows small groups to be authenticated, eliminating the need for a dedicated server.


    DIGIPASS™ PRO800
    PORTABLE INTELLIGENT SMART CARD READER WITH STRONG AUTHENTICATION & DIGITAL SIGNATURES

    The DIGIPASS™ PRO800 brings token technology to the immense, worldwide installed base of smart cards. This smart card can be a banking smart card (e.g. with electronic purse functionality) but can also be any private scheme smart card.

    The philosophy of the DIGIPASS™ PRO800 is based on a brand-new factory-to-field concept. In this concept, the DIGIPASS™ PRO800 is distributed immediately to the field in large volumes, without requiring any intermediate personalization. With smart cards this personalization has, in fact, already been done and is re-used. This means that any user taking any DIGIPASS™ PRO800 converts it into his own token simply by inserting his personal smart card. Hence the cost of ownership of such authentication system becomes a fraction of that of a separate system that requires administration, distribution and initialization of tokens.

    The DIGIPASS™ PRO800 is used unconnected and performs as a normal DIGIPASS™ - performing strong authentication and e-Signatures, all combined with a long battery lifetime.

    Want to achieve stronger network security? Looking for a flexible & expandable way to leverage your investments in smart cards without the cost of specialized programming? The highly portable DIGIPASS™ PRO800 smart card reader offers unparalleled value and security, at any time and from any place.


    DIGIPASS™ PRO800 - PRODUCT BRIEF
    EASY TO IMPLEMENT AND MANAGE
    Smart card issuers such as financial institutions, banks, telecom operators, ASPís, distribution companies ... can deploy the DIGIPASS™ PRO800 smart card reader quickly and cost-effectively. Itís less expensive than standard smart card readers, with no software drivers to install or specialized programming required. In addition, the systemís so simple and easy to manage, help-desk costs are minimized.

    Best of all, organisations already using other DIGIPASS™ authentication devices can seamlessly migrate to the DIGIPASS™ PRO800 without changing the security infrastructure thatís already in place.


    HOW DOES DIGIPASS™ PRO800 WORKS?
    The DIGIPASS™ PRO800 smart card-reader can be used at any time, from any place and on any platform (PC or MAC, telephone or Internet). Just insert the smart card into the DIGIPASS™ PRO800 and enter the cardís Personal Identification Number (PIN). Unique secrets are automatically created, personalising the reader for that particular user. As soon as the card is removed, it reverts to a blank screen.

    The strength of DIGIPASS™ PRO800 security is based on Two-Factor authentication approach, which are:
    1. Something the user possess: the smart card
    2. Something the user knows: the smart card PIN

    All data entry is done on a telephone-like keypad. Instructions and graphics are displayed on DIGIPASS™ PRO800's 2-line LCD display. the user is prompted every step of the way, receiving corrective prompts when errors are made.


    FACTORY TO FIELD
    The DIGIPASS™ PRO800 initialises itself and becomes unique at the moment that a user inserts his smart card and enters his PIN. As soon as the card is removed from the DIGIPASS™ PRO800, all secrets are immediately erased. As DIGIPASS™ PRO800 is platform independent and needs no personalization prior delivery to the customer, every reader is identical. Therefore it can be produced and distributed in a very cost-effective and easy way.


    OPEN AND SECURE ACCESS
    Since the DIGIPASS™ PRO800 is a self-initialising authentication device that is unconnected, it offers secure remote access at any time, from any place, on any platform (PC or MAC, telephone, Internet, etc.). As soon as the card is removed from the DIGIPASS™ PRO800, all secrets are immediately erased.


    AUTHENTICATION SERVICES
    Once activated, DIGIPASS™ PRO800 can generate dynamic One-Time-Passwords to log-on remotely to computer networks, compute Digital Signatures to sign transactions or accept Challenge messages and computes the corresponding Responses.


    LOW COST OF OWNERSHIP
    DIGIPASS™ PRO800 eliminates the need to provide customers with a smart card and a separate authentication token. It combines the instrinsic security of the smart card with the advantages of unconnected tokens. In Addition, DIGIPASS™ PRO800 requires no extra personalization by the network owner and can be delivered in bulk. DIGIPASS™ PRO800 allows you to reduce the total cost of ownership of your security infrastructure by lowering the number of support calls on your helpdesk.

    DIGIPASS™ PRO800 - KEY FEATURES
    • High-contrast, 10-character, 2-line LCD (1 line 60 X 7 dot-matrix line + 1 line of 14-segment characters)
    • Tactile keypad with silicon rubber keys
    • Intelligent battery management for a 3-5 years lifespan
    • DES and 3-DES supported
    • Real-time clock embedded
    • PIN Trial-and-Lock self-protect system
    • Compatible with ISO7816 smart cards
    • Support of T=0 and T=1 smart cards
    • Compatible with existing host systems for any DIGIPASS™ family tokens
    • Dimension: 63X 95 X 16 mm
    • Weight: 58 gram


    DIGIPASS™ PRODUCT COMPARISON TABLE
      DIGIPASS™   TOKEN   FAMILY
    GO 1 GO 3 PRO 250 PRO 300 PRO 560 PRO 700 PRO 800
    Algorithm Option:
    Time/Event/Challenge
    time
    event
    -
    time
    event
    -
    time
    event
    challenge
    time
    event
    challenge
    time
    event
    challenge
    time
    event
    challenge
    time
    event
    challenge
    Challenge-Response Authentication ü ü ü ü ü
    One-Time-Password Authentication ü ü ü ü ü ü ü
    Digital-Signature ü ü ü ü ü
    DES / 3-DES ü ü ü ü ü ü ü
    AES ü ü
    Challenge-Response Unlocking (Remote) ü ü ü ü
    Puk Code Unlocking (Local) ü
    Localized Languages ü ü ü
    N° Of Application 1 1 3 3 4 × 2 8 5
    Activation Mechanism prog prog prog prog prog prog prog or smartcard
    Expected Lifespan
    (In Year)
    5 5 7 10 5 5 5
    Design For remote access remote access e-banking e-banking e-banking e-banking e-banking
    Special Feature easy
    &
    mini
    easy
    &
    mini
    portable
    &
    functional
    long-life
    &
    functional
    message in multiple languages complex digital signature security
    +
    reader


    VACMAN™ Controller
    INTEGRATE STRONG AUTHENTICATION INTO YOUR APPLICATIONS WITHOUT REWRITING THE CODES

    Effective network security demands a partnership between system administrators and authorized users. Unfortunately, you cannot always count on users to change their passwords regularly and that creates an invitation to hackers.


    VACMAN™ Controller - PRODUCT BRIEF
    VACMAN™ Controller can reliably secure any part of your network without requiring changes to your existing applications. Simply link VACMAN™ Controller to the application, and it automatically handles login requests from any users youíve authorized to have a DIGIPASS™ token. It is that easy.


    ZERO KNOWLEDGE INTEGRATION
    Designed by specialists in system entry security, VACMAN™ Controller makes it easy to administer a high level of access control. You simply add a field to your existing user database, describing the unique DIGIPASS™ token assigned to the user. VACMAN™ Controller takes it from there, automatically authenticating the logon request using the security sequence you specify, whether it is a One-Time-Password using dynamic One-Time-Password or a Challenge-Response authentication mechanism or a transaction signing Digital-Signature.

    You may also specify what type of DIGIPASS™ you give your customer; from the small DIGIPASS™ GO1, or PRO300 to the sophisticated smart card based DIGIPASS™ PRO800, or even PDA or PC based DIGIPASS™ Soft version.

    Simply tailor your security solution according to the needs of your company.


    ACHIEVE LOW TOTAL COST OF OWNERSHIP
    VACMAN™ Controller is a cost-effective solution requiring only a couple of days to implement. Provide your company the flexibility to follow new standards and developments in network security. A low, total cost of ownership is a reality with VACMAN™ Controller.


    UNMATCHED VERSATILITY
    VACMAN™ Controller gives you the freedom to offer remote access to nearly any type of application, from simple data exchanges to full-fledged e-commerce solutions. Thereís no need to limit the applications you make available to remote users, because VACMAN™ Controller can provide precisely the level of strong authentication you require (including a full range of time and/or event-based security schemes).


    HASSLE-FREE STRONG AUTHENTICATION
    It used to be anything but easy to implement a strong authentication security scheme. You could buy a specific access control server, only to find that itís often tough to configure to work with existing applications. Or you could build a custom solution, putting a new burden on the IT department with no guarantee that your home-grown approach would provide an adequate level of security.

    VACMAN™ Controller offers a flexible alternative: an API-type solution that provides strong security, while requiring minimal changes to your current system. Just build a few calls into your applications, then it is up and running. It is a long-term solution because upgrades are available through a maintenance contract, to ensure that your access control system will always incorporate the latest in encryption technology standards and new additions to the DIGIPASS™ family tokens.


    MULTI-PLATFORM SUPPORT
    VACMAN™ Controller protects your IT investment by offering security for nearly any operating system or platform. Itís a proven solution, operating flawlessly in many different environments today. VACMAN™ Controller is completely scaleable, supporting an unlimited number of authorized users.

    VACMAN™ Controller - KEY FEATURES
    • Complete application independent
    • Support for most processors and platforms
    • ASCII and EBCDIC support
    • 32-bit to 64-bit memory support
    • Multi-thread and multi-task aware code
    • Compatible with all current and future DIGIPASS™ family tokens
    • Various authentication approaches available:
      • dynamic One-Time-Password
      • Challenge-Response
      • Digitla-Signature
    • Time and/or event based authentication mechanisms
    • Supports DES and 3-DES
    • PIN Trial-and-Lock self-protect system
    • Help Tsupport
    • Easy maintenance / upgrade


    IDENTIKEY™ Server
    EASILY ADD STRONG AUTHENTICATION TO YOUR EXISTING REMOTE ACCESS SOLUTION

    Your Firewalls and RADIUS servers solve a lot of problems, when it comes to provide remote access to the company network. Do you worry that unauthorized users may try to exploit your static passwords to their own advantage without your permission? Do you want to increase your network protection, promote your users productivity and do it without replacing or redesigning your remote access solution?

    Now, with IDENTIKEY™ Server, you can!

    IDENTIKEY™ Server - PRODUCT BRIEF
    SOLID SECURITY = BUSINESS VALUE
    Remote Access is one of the most valuable and vulnerable areas in a corporate network. Without remote access, productivity can grind to a halt. Consider what would happen, for example, if your sales people, telecommuting employees, or customers lost access to your central database or other network resources. Today, you cannot afford to leave valuable corporate data and systems unprotected. IDENTIKEY™ Server is the simple and cost-effective solution to help you positively identify the remote users who are requesting access to your network.


    POWERED BY DIGIPASS™
    DIGIPASS™ strong authentication technology is specifically designed to ensure that remote access doesnít become the weak link in your network security infrastructure. With a DIGIPASS™ token in hand, your authorized users will be able to prove that they are who they say they are - quickly and easily. They simply use an individually assigned DIGIPASS™ token to generate a dynamic One-Time-Password and theyíre in business.


    EASY TO INTEGRATE
    IDENTIKEY™ Server makes things easy and yet highly secure on the network administratorís end, too. This solution can be used to tighten the security for remote access in ANY RADIUS environment. Itís designed to enforce DIGIPASS™ strong authentication technology in combination with any RADIUS server. But thatís not all: IDENTIKEY™ Server can also serve as a back-end authentication server to any RADIUS enabled firewall application. The secret? IDENTIKEY™ Server is an unique software offers RADIUS-proxying capabilities, in addition to strong support for the RADIUS protocol and DIGIPASS™ authentication devices.


    COMPLETELY COMPATIBLE
    Once IDENTIKEY™ Server is installed and configured, you can use the Audit Console to monitor incoming and outgoing RADIUS traffic (or any other events) on the IDENTIKEY™ Server server. The Audit Console presents all the statistical information you need to manage your remote access environment - providing details on events that have occurred since IDENTIKEY™ Server started running, including:
  • connection period

  • number of information messages

  • warnings

  • errors and fatal errors


  • Both the Admin Graphical User Interface (GUI) and the Audit Console can be run remotely. Both are written in highly portable JAVA Swing-based code to fit future platform support. There are no hardware or software conflicts to worry handling all strong authentication challenges and about, because IDENTIKEY™ Server uses a non-intrusive method of enabling DIGIPASS™ authentication. Simply place IDENTIKEY™ Server between the NAS and your existing RADIUS server - without affecting the performance of either.


    EASY TO ADMINISTER AND AUDIT
    IDENTIKEY™ Server fits seamlessly into any RADIUS environment without creating new management headaches. A single interface lets you assign and manage the DIGIPASS™ tokens you've distributed to authorized users, while automatically responses. This same tool also allows you to configure all the other features of IDENTIKEY™ Server.


    AUTO-MANAGEMENT
    The IDENTIKEY™ Server solution is designed for easy administration, whether youíre authenticating a few dozen remote users, or tens of thousands. By combining powerful features - such as Dynamic User Registration, Auto Token Assign, and Token Graceperiod - the IDENTIKEY™ Server technology automatically manages itself after the initial configuration.

    IDENTIKEY™ Server is extremely flexible, giving you many different ways to create user accounts and assign tokens. In addition to the Auto-Management method, the technology allows you to:
  • Import users and assign tokens from an input file

  • "Bulk assign" users and tokens that have been loaded into the database

  • Assign a token based on a user

  • Assign a token based on a token

  • Use command line interface (CLI) to create users and assign tokens


  • IDENTIKEY™ Server - KEY FEATURES
    Why use IDENTIKEY™ Server?
    Strong Two-Factor authentication
    IDENTIKEY™ Server and DIGIPASS™ solution eliminate the weakest link in any security structure, the use of static passwords. It is a turnkey solution that can be up and running in minutes, not hours or weeks.

    Dynamic User Registration (DUR)
    Refers to the automatic expansion of the IDENTIKEY™ Server database to include users who are allowed to authenticate to the third party RADIUS Server. DUR creates the user in the database, if the user account is not yet present, and the third party authenticates the user.

    Autolearn passwords
    Automatically learned passwords is a feature that allows static user passwords, assigned to the user on the back-end RADIUS server, to be autostored in the database. Upon valid DIGIPASS™ authentication in IDENTIKEY™ Server, the "autolearned" user password is automatically played to the back-end RADIUS server.

    Token Auto Assign
    An unassigned DIGIPASS™ can automatically be assigned to a new user, whether the user was created by the Admin GUI or DUR. A logfile containing the assignment specific parameters (Serial Number, User-Id, User-Name, etc.) is then created.

    User Passthru
    DIGIPASS™ and static password authentication are supported simultaneously. Passthru allows a user to be authenticated by the back-end RADIUS server without any treatment on the IDENTIKEY™ Server. This option can be activated globally, even to the user-level.

    DIGIPASS™ Grace Period
    The user static password is accepted (for a certain period of time) even when a DIGIPASS™ has already been assigned. The grace period will end after the specified time has expired, OR at the first time the DIGIPASS™ is used within this period.

    Admin GUI
    By using Admin GUI, administration can be run locally or remotely, it features all administration previleges such as:
    • DIGIPASS™ token database management (Import, Assign, Unlock, etc.)
    • User account administration (Create, Delete, Disable, Modify, Configure Privilege, etc.)
    • Log-file configurations
    • General configuration settings (proxy, Passthru, Token Auto Assign, etc.)



    SYSTEMS REQUIREMENTS
    IDENTIKEY™ Server SYSTEMS REQUIREMENT
     
     
    RESOURCE RECOMMENDATION / REQUIREMENT
    CENTRAL PROCESSOR UNIT
    CPU speed of Pentium 500MHz or faster is recommended.
    Faster CPU is recommended in the following conditions:
    • High number of RADIUS authentication / accounting requests
    • RADIUS requests are proxied to RADIUS servers
    • One or more Audit Consoles are active
    • ODBC Auditing is enabled
    • Server debug option is enabled
    MEMORY
    RAM capacity of 256 MB or greater is recommended.
    More RAM is recommended in the following scenarios:
    • User cache is enabled with a large list of users. Every 10 cached users require approximately 1KB of RAM memory
    • Running JAVA based Admin GUI or Audit Console
    HARDDISK SPACE
    Disk space of 100 MB or greater is recommended.
    Larger Harddisk Space is recommended in the following situations:
    • High number of user and token records. Each user and token records occupy approximately 1 KB of disk space
    • Audit log files that are not archived (backed up then deleted from the disk) frequently
    OS
  • Windows 2000 Server (with Service Pack 1 or above)
  • Windows NT Server 4.0 (with Service Pack 6 or above)
  • WINSOCK
    Winsock Version 2.0 or above.
    ODBC Driver
    Microsoft Access database driver version 4.00.4403.02 or above.
    JRE
    JRE Version 1.2 or later for running IDENTIKEY™ Server Admin GUI and Audit Console.