OCRA Token serves a crucial feature as a PIN shielded offline time or event based authorization token however it can also be utilized as a tool for digital finalizing of online deals. When carrying out an electronic banking operation a user can get in the account information and the intended quantity of funds into the OCRA keypad, the device will take this info along with the time and the individual’s special trick to generate and connect a digital signature to the exchange, ensuring that any unwarranted third party information adjustment will right away be detected.
The OCRA obstacle feedback procedure can be used to authenticate the identification of individuals in a selection of scenarios not stringently limited to online, for example over the telephone, the procedure of acquiring a seed based response from a certain difficulty sequence can be used to verify the identity of a token operator. This recognition interaction can be made use of to authenticate the validity of the establishment or organization asking for individual information from the token operator also.
‘Dual Authentication’ confirms the legitimacy of a website or server
Prior to a password is exposed the user needs to satisfy the obstacle factor provided by the token. The difficulty feedback system is based upon a shared secret key which can also be utilized to confirm the legitimacy of a website or server requesting individual details from a token user. “Dual Authorization” as this procedure is understood, is becoming an ever more vital safety measure as instances of illegitimate data requests from smartly constructed imposter websites are gradually growing.
- Multiple high level security featured based on one PIN centric OTP device
Enjoy the benefits of having a single hardware device which can provide on board clock (time) based one time password (OTP) unique log-on credentials, in addition to the challenge and response (OCRA) code for sophisticated two way authentication between entities with knowledge of the unique key, in addition to the secure signing of data, transactions, emails, or other sensitive information.
- Dynamic Password as established through a Challenge and Response
OCRA Token can generate a dynamic one time password (OTP) in response to a challenge factor sent by an authentication server. The dynamic challenge-response algorithm, responsible for password sequence creation, which serves as the foundation of OCRA Token is based on the criteria of the Open Authentication consortium of open source security providers. Before a password is revealed the user must satisfy the challenge factor presented by the token. The challenge response system is based on a shared secret key which can also be used to verify the legitimacy of a website or server requesting personal information from a token user.
- Available as part of a complete solution with FOAS
OATH Authentication Server (FOAS) is a trusted and secure back end server engineered to operate seamlessly with all other products. Utilizing OCRA Token as part of a complete solution saves organizations on IT overhead, maintenance, and upkeep.
- OATH based algorithms interoperate with any compliant back end server
As a member of the Open Authentication consortium manufactures products that are fully interoperable with back end authentication systems engineered to comply with the international OATH standards.
- Multi-functional PIN protected token provides higher security feature
- PIN protected device. After a limited number of invalid PIN login, the device is blocked automatically.
- Support secure remote token unblock mechanism
- Dynamic password generation uses both the challenge code from authentication server and time factor. Multi-factor algorithm brings higher security than single -factor dynamic password.
- Transaction signature protects the integrity of transmitted data
- Server authentication guarantee the validity of service provider to prevent fraud attack
- Two-way authentication brings higher security for both the application server and the end-users
- OATH compliant challenge-response OCRA token
- Compliant with OATH open algorithm
- Easy to be integrated with 3rd party OATH authentication system
- PSKC format seed code available
- Easy to use and portable
- Zero software install at client side
- Zero footprint authentication
- Simple one-click to generate the one-time-password
- Independent to end-user environment. No external connection is needed
- Compact casing design. Easy to carry
- OTP hardware token with built-in PIN pad
- Large buttons PIN pad
- High contrast LCD display
- Accurate Real Time Clock (RTC)
- Non-replaceable built-in battery
- Secure Random Access Memory (RAM)
- Unique token serial number
- Secure, robust and long life hardware design
- Battery lifetime expectancy 5 to 7 years
- Seed code stored with encryption and protection
- Tamper evidence
- Flexible customization options
- Customizable pass code length and welcome screen
- Customizable OTP refresh frequency (for time based algorithms)
- Faceplate, casing color and serial number customizable
- Customizable industrial and end-user packaging
- Highly applicable device supports FOAS server
- Protect application servers of computer system, such as computer login, network login, WLAN login, server login, Website login, mail system login, database login and other application server login.
- Protect network devices such as routers, exchange servers, firewalls, VPNs, as far as the device supports RADIUS protocol for authentication.
- Protect application servers of telephone networks, such as telephone banking, telephone stock market and telephone shopping etc.
- Protect application servers of mobile phone networks, such as mobile phone banking, mobile phone stock market and mobile phone shopping etc.
- Protect application servers of digital TV (DTV) networks, such as DTV banking, DTV stock market, DTV gaming and DTV shopping etc.
- Broadly used in finance, insurance, taxation, customs, business, offices, education and entertainment areas with no special request on application server terminals.
|Product Hardware Specification:|
|User Interface||8-character high contrast LCD display Built-in button|
|Security Algorithms||OATH compliant challenge-response OCRA|
|Memory Type||Random Access Memory (RAM)|
|Endurance||More than 10,000 clicks|
|Battery Lifecycle||5 years|
|Operating Temperature||-10°C to 50°C (14°F to 122°F)|
|Storage Temperature||-20°C to 70°C (-4°F to 158°F)|
|Humidity||5% to 90% without condensation|
|Physical Resistance||Tamper evident|
IP54 ingress protection (under evaluation)