OATH compatible One Time Password Challenge/Response (OCRA) Token
Secure digital signing
The Feitian OCRA (OATH Challenge-Response Algorithm) Tokens offer an important feature with a PIN that protects the access by time-based authentication or event-based authentication. OTP Token C300 can be also used as a tool for online transactions digital signing. When a banking operation is made, the user inserts the account details and the amount of founds into the OCRA keypad. The device will use the information, will generate the digital signature and will attach it to the exchange. This assure you that any unwarranted third party data modification will immediately be deleted.
The OCRA process can be used for user authentication in a wide range of situations not necessarly related to online actions. The seed code providing process based on the response from returning a specific challenge sequnce can be used for validating the identity of a token operator. The identification process can be used to authenticate the validity of an institution or organization. For this authentication is requested the information from operator's token.
Dual authentication confirm the legitimacy of a website or server
Before the password is provided, the user must satisfy with the challenge factor presented by the token. The challenge-response system is based on a secret key which can also be used to verify the legitimacy of a website or a server. These can be verified by requesting personal information from a token user. The Dual authentication is becoming an important precaution as instances of illegitimate data requests from cleverly constructed imposter sites increase every day.
|User Interface||8-character high contrast LCD display
|Security Algorithms||OATH compliant challenge-response OCRA|
|Memory Type||Random Access Memory (RAM)|
|Endurance||More than 10,000 clicks|
|Battery Lifecycle||5 years|
|Operating Temperature||-10°C ~ 50°C
(14°F ~ 122°F)
|Storage Temperature||-20°C ~ 70°C
(-4°F ~ 158°F)
|Humidity||5% ~ 90% without condensation|
Tamper evidentIP54 ingress protection (under evaluation)
Feature varies according to product model.
Certification & Compliance
OATH HOTP Compliant
Multiple high level security features based on one PIN centric OTP device
Now you can benefit from a single hardware device which can provide onboard clock (time) based One Time Password (OTP) unique log-on credentials. In addition you can benefit from the challenge-response (OCRA) code for strong two-factor authentication between entities with knowledge of the unique key. The solution provides you with secure signing for transactions, data, emails and other sensitive information.
Dynamic Password which is established through a Challenge and Response Process
The Feitian OCRA Token can generate a dynamic One Time Password (OTP) in response to a challenge factor sent by an authentication user. The dynamic challenge-response algorithm is responsible for password sequence creation. This algorithm serves as fundation of the OCRA Token and is based on the criteria of OATH consortium of open security providers. First the user must satisfy the challenge factor presented by the token in order to be revealed a password. The challenge-response system is based on a shared secret key which can also be used to verify the legitimacy of a website or server requesting personal information from a token user.
Token available as part of a complete solution with Feitian FOAS Server
Feitian OATH Authentication Server (FOAS) is a trusted and secure back end server engineered to operate seamlessly with all Feitian Tokens. The OCRA Tokens can be used as a part of a complete solution which can reduce the IT and maintenance costs for organizations which implement the Feitian authentication system.
OATH based algorithms interoperate with any compliant back end server
Feitian Technologies Co. Ltd. created products which are fully interoperable with back end authentication system built to comply with international OATH standards.
Multi-functional PIN protected token provides higher security feature
- PIN protected device. After a limited number of invalid PIN login, the device is blocked automatically.
- Support secure remote token unblock mechanism
- Dynamic password generation uses both the challenge code from authentication server and time factor.
- Multi-factor algorithm brings higher security than single -factor dynamic password.
- Transaction signature protects the integrity of transmitted data
- Server authentication guarantee the validity of service provider to prevent fraud attack
- Two-way authentication brings higher security for both the application server and the end-users
OATH compliant challenge-response OCRA token
- Compliant with OATH OCRA open algorithm
- Easy to be integrated with 3rd party OATH authentication system
- PSKC format seed code available
Easy to use and portable
- Zero software install at client side
- Zero footprint authentication
- Simple one-click to generate the one-time-password
- Independent to end-user environment. No external connection is needed
- Compact casing design. Easy to carry
OTP hardware token with built-in PIN pad
- Large buttons PIN pad
- High contrast LCD display
- Accurate Real Time Clock (RTC)
- Non-replaceable built-in battery
- Secure Random Access Memory (RAM)
- Unique token serial number
Secure, robust and long life hardware design
- Battery lifetime expectancy 5 to 7 years
- Seed code stored with encryption and protection
- Tamper evidence
Flexible customization options
- Customizable pass code length and welcome screen
- Customizable OTP refresh frequency (for time based algorithms)
- Faceplate, casing color and serial number customizable
- Customizable industrial and end-user packaging
Highly applicable device supports FOAS server
- Protect application servers of computer system, such as computer login, network login, WLAN login, server login, Website login, mail system login, database login and other application server login.
- Protect network devices such as routers, exchange servers, firewalls, VPNs, as far as the device supports RADIUS protocol for authentication.
- Protect application servers of telephone networks, such as telephone banking, telephone stock market and telephone shopping etc.
- Protect application servers of mobile phone networks, such as mobile phone banking, mobile phone stock market and mobile phone shopping etc.
- Protect application servers of digital TV (DTV) networks, such as DTV banking, DTV stock market, DTV gaming and DTV shopping etc.
- Broadly used in finance, insurance, taxation, customs, business, offices, education and entertainment areas with no special request on application server terminals.
OTP token C300 at great prices!
Request here an offer for OTP Tokens C300. >>