SlideShare une entreprise Scribd logo

SecureOTP: Total One-Time-Password Solution

Rafidah Ariffin
Rafidah Ariffin
Technologie
1  sur  28
SecureOTP Authentication Server 3 Total One-Time-Password Solution
What Is APassword A password is a SECRET word or string of characters that is used for authentication, to prove identity or gain access to a resource Generally, should be something that is hard to guess
How Many Passwords Do You Have?
Instant Messaging Travel and Leisure
Online Banking or Payment Service Provider
How Do You Remember Your Passwords?
Your passwords can be easily: Cracked Stolen Guessed
Other Shortcomings of A Password A hassle for users A drain on the helpdesk A headache for the management A worry for security managers
How To Steal A Password Shoulder surfing Snooping on the user’s network connection Hacking the system’s password file Simple guesswork Use powerful password cracking tools 1 2 3 4 5
Conclusion: The classic username-and-password combination can only deliver weak authentication. And yet it is all that stands between your sensitive business information and prying eyes.
What is the IDEAL solution that can provide STRONG AUTHENTICATION?
SecureOTP Authentication Server 3
Two-Factor Authentication What you have What you know Strong Authentication + =
Two-Factor Authentication Your username and password What you have What you know Strong Authentication + = A One-Time-Password Token
One-Time-Password (OTP) A password that is valid for only ONE login session or transaction Also known as dynamic password
OTP Technology Two input factor is taken to generate an OTP. Time factor or Number of clicks 1 Seed code 2 Types of OTP: Time-based authentication 1 Event-based authentication 2 Challenge-response-based authentication 3
Comparison Matrix
SMS & Messaging Token J2ME Mobile Token Software Token Browser Token Multiple 2-Factor OTP Tokens SecureOTP Hardware Token
SecureOTP Hardware Tokens SecureOTP Card SecureOTP Time SecureOTP Event OTP + PKI Combo SecureOTP Hybrid SecureOTP CR
SecureOTP Hardware Token Feature Highlights High Mobility Low Cost High Security High Quality
How SecureOTP Works Same Account Account1 Account 1 + + Customer Authenti-cation Server Same PIN Pwd Pwd + + Same OTP 555532 Same Algorithm Algorithm Algorithm Timer/Event Seed Timer/Event Seed Same Seed Same Event Counter / Timer
PWD OTP Time/Event Synchronous OTP Workflow DB + 3 User Input 1 2 4 5 SSL Authentication Server Application Server
PWD Challenge Challenge-Response OTP Workflow 6 DB Authentication Server + 5 7 2 User Input 3 1 4 8 Application Server
OTP System Components
SecureOTPFeature Highlights Flexible Support Powerful Admin. Central Design Multiple Language Support Strong Security
SecurePKI USB PKI Tokens Complete PKI solution with Certificate and Token Lifecycle Management. Cost effective advanced MCU smart chip based USB token SecureOTP Authentication System PKI Smart Cards Advanced OATH hardware token based OTP authentication solution Contact and Dual Interface MCU smart chip based Smart Cards SecureOTP Advanced Authentication System OTP, Hybrid and CR Tokens Multi-Factor OTP authentication solution OTP, OTP + PKI, and Challenge Response chip based Tokens SecureMetric 2-Factor Authentication 2FA Security Solutions 2FA Security Devices
session
Thank You. Prepared by: RafidahAriffin SecureMetric Technology Sdn. Bhd. rafidah.ariffin@securemetric.com

Recommandé

One Time Password - A two factor authentication system
One Time Password - A two factor authentication systemOne Time Password - A two factor authentication system
One Time Password - A two factor authentication systemSwetha Kogatam
 
One time password(otp)
One time password(otp)One time password(otp)
One time password(otp)Anjali Agrawal
 
How to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsHow to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsConnectSafely
 
One-Time Password
One-Time PasswordOne-Time Password
One-Time PasswordAta Ebrahimi
 
Password management for you
Password management for youPassword management for you
Password management for youChit Ko Ko Win
 
Atm simulation program using python
Atm simulation program using pythonAtm simulation program using python
Atm simulation program using pythonHappy Nezza Aranjuez
 
Password management
Password managementPassword management
Password managementPortalGuard dba PistolStar, Inc.
 
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense MechanismsCh 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense MechanismsSam Bowne
 

Recommandé

One Time Password - A two factor authentication system
One Time Password - A two factor authentication systemOne Time Password - A two factor authentication system
One Time Password - A two factor authentication systemSwetha Kogatam
 
One time password(otp)
One time password(otp)One time password(otp)
One time password(otp)Anjali Agrawal
 
How to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsHow to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsConnectSafely
 
One-Time Password
One-Time PasswordOne-Time Password
One-Time PasswordAta Ebrahimi
 
Password management for you
Password management for youPassword management for you
Password management for youChit Ko Ko Win
 
Atm simulation program using python
Atm simulation program using pythonAtm simulation program using python
Atm simulation program using pythonHappy Nezza Aranjuez
 
Password management
Password managementPassword management
Password managementPortalGuard dba PistolStar, Inc.
 
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense MechanismsCh 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense MechanismsSam Bowne
 
Password (in)security
Password (in)securityPassword (in)security
Password (in)securityEnrico Zimuel
 
Presentation on e learning management system
Presentation on e learning management systemPresentation on e learning management system
Presentation on e learning management systemHunain Asghar
 
Web security
Web securityWeb security
Web securitykareem zock
 
Password management
Password managementPassword management
Password managementWilmington University
 
Authentication
AuthenticationAuthentication
Authenticationprimeteacher32
 
Phishing
PhishingPhishing
Phishinganjalika sinha
 
Password Management
Password ManagementPassword Management
Password ManagementRick Chin
 
Brute force-attack presentation
Brute force-attack presentationBrute force-attack presentation
Brute force-attack presentationMahmoud Ibra
 
SSL TSL;& SET
SSL TSL;& SETSSL TSL;& SET
SSL TSL;& SETRamesh Ogania
 
How do at ms work.ppt
How do at ms work.pptHow do at ms work.ppt
How do at ms work.pptNaveen Sihag
 
Learning management System Techniques By Ravinder Tulsiani
Learning management System Techniques By Ravinder TulsianiLearning management System Techniques By Ravinder Tulsiani
Learning management System Techniques By Ravinder Tulsianiravindertulsiani1
 
Technical seminar on Security
Technical seminar on Security Technical seminar on Security
Technical seminar on Security STS
 
Secure communication in Networking
Secure communication in NetworkingSecure communication in Networking
Secure communication in Networkinganita maharjan
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingDmitriy Scherbina
 
SSL TLS Protocol
SSL TLS ProtocolSSL TLS Protocol
SSL TLS ProtocolDevang Badrakiya
 
Password cracking and brute force
Password cracking and brute forcePassword cracking and brute force
Password cracking and brute forcevishalgohel12195
 
Eap intro
Eap introEap intro
Eap introAditya Mehta
 
Final year project report on Internet And Interanet Emailing server
Final year project report on Internet And Interanet Emailing serverFinal year project report on Internet And Interanet Emailing server
Final year project report on Internet And Interanet Emailing serversachin993
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniquesIGZ Software house
 
SSL/TLS
SSL/TLSSSL/TLS
SSL/TLSSirish Kumar
 
One Time Password
One Time PasswordOne Time Password
One Time Passwordmahdi ataeyan
 
Creating OTP with free software
Creating OTP with free softwareCreating OTP with free software
Creating OTP with free softwareGiuseppe Paterno'
 

Contenu connexe

Tendances

Password (in)security
Password (in)securityPassword (in)security
Password (in)securityEnrico Zimuel
 
Presentation on e learning management system
Presentation on e learning management systemPresentation on e learning management system
Presentation on e learning management systemHunain Asghar
 
Password Management
Password ManagementPassword Management
Password ManagementRick Chin
 
Brute force-attack presentation
Brute force-attack presentationBrute force-attack presentation
Brute force-attack presentationMahmoud Ibra
 
How do at ms work.ppt
How do at ms work.pptHow do at ms work.ppt
How do at ms work.pptNaveen Sihag
 
Learning management System Techniques By Ravinder Tulsiani
Learning management System Techniques By Ravinder TulsianiLearning management System Techniques By Ravinder Tulsiani
Learning management System Techniques By Ravinder Tulsianiravindertulsiani1
 
Technical seminar on Security
Technical seminar on Security Technical seminar on Security
Technical seminar on Security STS
 
Secure communication in Networking
Secure communication in NetworkingSecure communication in Networking
Secure communication in Networkinganita maharjan
 
Password cracking and brute force
Password cracking and brute forcePassword cracking and brute force
Password cracking and brute forcevishalgohel12195
 
Final year project report on Internet And Interanet Emailing server
Final year project report on Internet And Interanet Emailing serverFinal year project report on Internet And Interanet Emailing server
Final year project report on Internet And Interanet Emailing serversachin993
 

Tendances (20)

Password (in)security
Password (in)securityPassword (in)security
Password (in)security
 
Presentation on e learning management system
Presentation on e learning management systemPresentation on e learning management system
Presentation on e learning management system
 
Web security
Web securityWeb security
Web security
 
Password management
Password managementPassword management
Password management
 
Authentication
AuthenticationAuthentication
Authentication
 
Phishing
PhishingPhishing
Phishing
 
Password Management
Password ManagementPassword Management
Password Management
 
Brute force-attack presentation
Brute force-attack presentationBrute force-attack presentation
Brute force-attack presentation
 
SSL TSL;& SET
SSL TSL;& SETSSL TSL;& SET
SSL TSL;& SET
 
How do at ms work.ppt
How do at ms work.pptHow do at ms work.ppt
How do at ms work.ppt
 
Learning management System Techniques By Ravinder Tulsiani
Learning management System Techniques By Ravinder TulsianiLearning management System Techniques By Ravinder Tulsiani
Learning management System Techniques By Ravinder Tulsiani
 
Technical seminar on Security
Technical seminar on Security Technical seminar on Security
Technical seminar on Security
 
Secure communication in Networking
Secure communication in NetworkingSecure communication in Networking
Secure communication in Networking
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
SSL TLS Protocol
SSL TLS ProtocolSSL TLS Protocol
SSL TLS Protocol
 
Password cracking and brute force
Password cracking and brute forcePassword cracking and brute force
Password cracking and brute force
 
Eap intro
Eap introEap intro
Eap intro
 
Final year project report on Internet And Interanet Emailing server
Final year project report on Internet And Interanet Emailing serverFinal year project report on Internet And Interanet Emailing server
Final year project report on Internet And Interanet Emailing server
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
 
SSL/TLS
SSL/TLSSSL/TLS
SSL/TLS
 

En vedette

Creating OTP with free software
Creating OTP with free softwareCreating OTP with free software
Creating OTP with free softwareGiuseppe Paterno'
 
Exponents 2nd power point
Exponents 2nd power pointExponents 2nd power point
Exponents 2nd power point41142391
 
Two factor authentication presentation mcit
Two factor authentication presentation mcitTwo factor authentication presentation mcit
Two factor authentication presentation mcitmmubashirkhan
 
Implementing High Grade Security in Cloud Application using Multifactor Auth...
Implementing High Grade Security in Cloud Application using Multifactor Auth...Implementing High Grade Security in Cloud Application using Multifactor Auth...
Implementing High Grade Security in Cloud Application using Multifactor Auth...IJwest
 
Two factor Authentication using Telegram Messenger - www.tgauth.com
Two factor Authentication using Telegram Messenger - www.tgauth.com Two factor Authentication using Telegram Messenger - www.tgauth.com
Two factor Authentication using Telegram Messenger - www.tgauth.comCognalys
 
Shariff V10- BSc (Hons) Project
Shariff V10- BSc (Hons) ProjectShariff V10- BSc (Hons) Project
Shariff V10- BSc (Hons) Projectsharmarke sharif
 
Create a-strong-two-factors-authentication-device-for-less-than-chf-100
Create a-strong-two-factors-authentication-device-for-less-than-chf-100Create a-strong-two-factors-authentication-device-for-less-than-chf-100
Create a-strong-two-factors-authentication-device-for-less-than-chf-100Cyber Security Alliance
 
카카오팬 보안OTP가이드
카카오팬 보안OTP가이드카카오팬 보안OTP가이드
카카오팬 보안OTP가이드Nemustech
 
비밀번호 486 공인인증서와 액티브X
비밀번호 486 공인인증서와 액티브X비밀번호 486 공인인증서와 액티브X
비밀번호 486 공인인증서와 액티브Xkmhyekyung
 
150625_핀테크포럼 6월 정기모임_핀테크 시대의 보안기술
150625_핀테크포럼 6월 정기모임_핀테크 시대의 보안기술150625_핀테크포럼 6월 정기모임_핀테크 시대의 보안기술
150625_핀테크포럼 6월 정기모임_핀테크 시대의 보안기술StartupAlliance
 
08 인터페이 t zsign 소개-dcamp_150630
08 인터페이 t zsign 소개-dcamp_15063008 인터페이 t zsign 소개-dcamp_150630
08 인터페이 t zsign 소개-dcamp_150630D.CAMP
 
Mobile solutions strategy for a retail bank
Mobile solutions strategy for a retail bankMobile solutions strategy for a retail bank
Mobile solutions strategy for a retail bankAlexey Kazakov
 
Y Us Company Profile
Y Us Company ProfileY Us Company Profile
Y Us Company ProfileYusno Yunos
 
[한국핀테크포럼] 회원사소개: 인터페이
[한국핀테크포럼] 회원사소개: 인터페이[한국핀테크포럼] 회원사소개: 인터페이
[한국핀테크포럼] 회원사소개: 인터페이Hyeseon Yoon
 
정보보호최근이슈및패러다임의변화 임종인(고려대)
정보보호최근이슈및패러다임의변화 임종인(고려대)정보보호최근이슈및패러다임의변화 임종인(고려대)
정보보호최근이슈및패러다임의변화 임종인(고려대)Kyuhyung Cho
 
Kpay 소개서 201501
Kpay 소개서 201501Kpay 소개서 201501
Kpay 소개서 201501Inicis
 
Generate and test random numbers
Generate and test random numbersGenerate and test random numbers
Generate and test random numbersMshari Alabdulkarim
 
An Overview and Competitive Analysis of the One-Time Password (OTP) Market
An Overview and Competitive Analysis of the One-Time Password (OTP) MarketAn Overview and Competitive Analysis of the One-Time Password (OTP) Market
An Overview and Competitive Analysis of the One-Time Password (OTP) MarketEMC
 
TITANIC'S ETHICAL CASE STUDY
TITANIC'S ETHICAL CASE STUDYTITANIC'S ETHICAL CASE STUDY
TITANIC'S ETHICAL CASE STUDYWajahat Sheikh
 

En vedette (20)

One Time Password
One Time PasswordOne Time Password
One Time Password
 
Creating OTP with free software
Creating OTP with free softwareCreating OTP with free software
Creating OTP with free software
 
Exponents 2nd power point
Exponents 2nd power pointExponents 2nd power point
Exponents 2nd power point
 
Two factor authentication presentation mcit
Two factor authentication presentation mcitTwo factor authentication presentation mcit
Two factor authentication presentation mcit
 
Implementing High Grade Security in Cloud Application using Multifactor Auth...
Implementing High Grade Security in Cloud Application using Multifactor Auth...Implementing High Grade Security in Cloud Application using Multifactor Auth...
Implementing High Grade Security in Cloud Application using Multifactor Auth...
 
Two factor Authentication using Telegram Messenger - www.tgauth.com
Two factor Authentication using Telegram Messenger - www.tgauth.com Two factor Authentication using Telegram Messenger - www.tgauth.com
Two factor Authentication using Telegram Messenger - www.tgauth.com
 
Shariff V10- BSc (Hons) Project
Shariff V10- BSc (Hons) ProjectShariff V10- BSc (Hons) Project
Shariff V10- BSc (Hons) Project
 
Create a-strong-two-factors-authentication-device-for-less-than-chf-100
Create a-strong-two-factors-authentication-device-for-less-than-chf-100Create a-strong-two-factors-authentication-device-for-less-than-chf-100
Create a-strong-two-factors-authentication-device-for-less-than-chf-100
 
카카오팬 보안OTP가이드
카카오팬 보안OTP가이드카카오팬 보안OTP가이드
카카오팬 보안OTP가이드
 
비밀번호 486 공인인증서와 액티브X
비밀번호 486 공인인증서와 액티브X비밀번호 486 공인인증서와 액티브X
비밀번호 486 공인인증서와 액티브X
 
150625_핀테크포럼 6월 정기모임_핀테크 시대의 보안기술
150625_핀테크포럼 6월 정기모임_핀테크 시대의 보안기술150625_핀테크포럼 6월 정기모임_핀테크 시대의 보안기술
150625_핀테크포럼 6월 정기모임_핀테크 시대의 보안기술
 
08 인터페이 t zsign 소개-dcamp_150630
08 인터페이 t zsign 소개-dcamp_15063008 인터페이 t zsign 소개-dcamp_150630
08 인터페이 t zsign 소개-dcamp_150630
 
Mobile solutions strategy for a retail bank
Mobile solutions strategy for a retail bankMobile solutions strategy for a retail bank
Mobile solutions strategy for a retail bank
 
Y Us Company Profile
Y Us Company ProfileY Us Company Profile
Y Us Company Profile
 
[한국핀테크포럼] 회원사소개: 인터페이
[한국핀테크포럼] 회원사소개: 인터페이[한국핀테크포럼] 회원사소개: 인터페이
[한국핀테크포럼] 회원사소개: 인터페이
 
정보보호최근이슈및패러다임의변화 임종인(고려대)
정보보호최근이슈및패러다임의변화 임종인(고려대)정보보호최근이슈및패러다임의변화 임종인(고려대)
정보보호최근이슈및패러다임의변화 임종인(고려대)
 
Kpay 소개서 201501
Kpay 소개서 201501Kpay 소개서 201501
Kpay 소개서 201501
 
Generate and test random numbers
Generate and test random numbersGenerate and test random numbers
Generate and test random numbers
 
An Overview and Competitive Analysis of the One-Time Password (OTP) Market
An Overview and Competitive Analysis of the One-Time Password (OTP) MarketAn Overview and Competitive Analysis of the One-Time Password (OTP) Market
An Overview and Competitive Analysis of the One-Time Password (OTP) Market
 
TITANIC'S ETHICAL CASE STUDY
TITANIC'S ETHICAL CASE STUDYTITANIC'S ETHICAL CASE STUDY
TITANIC'S ETHICAL CASE STUDY
 

Similaire à SecureOTP: Total One-Time-Password Solution

implement authentication mechanisms
implement authentication mechanismsimplement authentication mechanisms
implement authentication mechanismsAlireza Ghahrood
 
O365Con19 - A Life Without Passwords Dream or Reality - Sander Berkouwer
O365Con19 - A Life Without Passwords Dream or Reality - Sander BerkouwerO365Con19 - A Life Without Passwords Dream or Reality - Sander Berkouwer
O365Con19 - A Life Without Passwords Dream or Reality - Sander BerkouwerNCCOMMS
 
Strong Authentication in Web Application #SCS III
Strong Authentication in Web Application #SCS IIIStrong Authentication in Web Application #SCS III
Strong Authentication in Web Application #SCS IIISylvain Maret
 
You may be compliant...
You may be compliant...You may be compliant...
You may be compliant...Greg Swedosh
 
You may be compliant, but are you really secure?
You may be compliant, but are you really secure?You may be compliant, but are you really secure?
You may be compliant, but are you really secure?Thomas Burg
 
Why Two-Factor Isn't Enough
Why Two-Factor Isn't EnoughWhy Two-Factor Isn't Enough
Why Two-Factor Isn't EnoughSecureAuth
 
Authentication without Authentication - AppSec California
Authentication without Authentication - AppSec CaliforniaAuthentication without Authentication - AppSec California
Authentication without Authentication - AppSec CaliforniaSoluto
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network securityrhassan84
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network securityrhassan84
 
Webinar: Goodbye RSA. Hello Modern Authentication.
Webinar: Goodbye RSA. Hello Modern Authentication.Webinar: Goodbye RSA. Hello Modern Authentication.
Webinar: Goodbye RSA. Hello Modern Authentication.SecureAuth
 
Certificates and Web of Trust
Certificates and Web of TrustCertificates and Web of Trust
Certificates and Web of TrustYousof Alsatom
 
Typical Vulnerabilities of E-Banking Systems
Typical Vulnerabilities of E-Banking SystemsTypical Vulnerabilities of E-Banking Systems
Typical Vulnerabilities of E-Banking SystemsPositive Hack Days
 
Security 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iSecurity 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iPrecisely
 
Lynn Fy07 Q4 Msdn Events Copy
Lynn Fy07 Q4 Msdn Events CopyLynn Fy07 Q4 Msdn Events Copy
Lynn Fy07 Q4 Msdn Events Copyllangit
 

Similaire à SecureOTP: Total One-Time-Password Solution (20)

implement authentication mechanisms
implement authentication mechanismsimplement authentication mechanisms
implement authentication mechanisms
 
10 1 otp all
10 1 otp all10 1 otp all
10 1 otp all
 
O365Con19 - A Life Without Passwords Dream or Reality - Sander Berkouwer
O365Con19 - A Life Without Passwords Dream or Reality - Sander BerkouwerO365Con19 - A Life Without Passwords Dream or Reality - Sander Berkouwer
O365Con19 - A Life Without Passwords Dream or Reality - Sander Berkouwer
 
Strong Authentication in Web Application #SCS III
Strong Authentication in Web Application #SCS IIIStrong Authentication in Web Application #SCS III
Strong Authentication in Web Application #SCS III
 
You may be compliant...
You may be compliant...You may be compliant...
You may be compliant...
 
You may be compliant, but are you really secure?
You may be compliant, but are you really secure?You may be compliant, but are you really secure?
You may be compliant, but are you really secure?
 
Why Two-Factor Isn't Enough
Why Two-Factor Isn't EnoughWhy Two-Factor Isn't Enough
Why Two-Factor Isn't Enough
 
Authentication without Authentication - AppSec California
Authentication without Authentication - AppSec CaliforniaAuthentication without Authentication - AppSec California
Authentication without Authentication - AppSec California
 
120 i143
120 i143120 i143
120 i143
 
RSA SecurID Access
RSA SecurID AccessRSA SecurID Access
RSA SecurID Access
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network security
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network security
 
Webinar: Goodbye RSA. Hello Modern Authentication.
Webinar: Goodbye RSA. Hello Modern Authentication.Webinar: Goodbye RSA. Hello Modern Authentication.
Webinar: Goodbye RSA. Hello Modern Authentication.
 
assign3.docx
assign3.docxassign3.docx
assign3.docx
 
Certificates and Web of Trust
Certificates and Web of TrustCertificates and Web of Trust
Certificates and Web of Trust
 
Typical Vulnerabilities of E-Banking Systems
Typical Vulnerabilities of E-Banking SystemsTypical Vulnerabilities of E-Banking Systems
Typical Vulnerabilities of E-Banking Systems
 
Session4-Authentication
Session4-AuthenticationSession4-Authentication
Session4-Authentication
 
Getting authentication right
Getting authentication rightGetting authentication right
Getting authentication right
 
Security 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iSecurity 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM i
 
Lynn Fy07 Q4 Msdn Events Copy
Lynn Fy07 Q4 Msdn Events CopyLynn Fy07 Q4 Msdn Events Copy
Lynn Fy07 Q4 Msdn Events Copy
 

Dernier

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 

Dernier (20)

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

SecureOTP: Total One-Time-Password Solution

  • 1. SecureOTP Authentication Server 3 Total One-Time-Password Solution
  • 2. What Is APassword A password is a SECRET word or string of characters that is used for authentication, to prove identity or gain access to a resource Generally, should be something that is hard to guess
  • 3. How Many Passwords Do You Have?
  • 5. Online Banking or Payment Service Provider
  • 6. How Do You Remember Your Passwords?
  • 7. Your passwords can be easily: Cracked Stolen Guessed
  • 8. Other Shortcomings of A Password A hassle for users A drain on the helpdesk A headache for the management A worry for security managers
  • 9. How To Steal A Password Shoulder surfing Snooping on the user’s network connection Hacking the system’s password file Simple guesswork Use powerful password cracking tools 1 2 3 4 5
  • 10. Conclusion: The classic username-and-password combination can only deliver weak authentication. And yet it is all that stands between your sensitive business information and prying eyes.
  • 11. What is the IDEAL solution that can provide STRONG AUTHENTICATION?
  • 13. Two-Factor Authentication What you have What you know Strong Authentication + =
  • 14. Two-Factor Authentication Your username and password What you have What you know Strong Authentication + = A One-Time-Password Token
  • 15. One-Time-Password (OTP) A password that is valid for only ONE login session or transaction Also known as dynamic password
  • 16. OTP Technology Two input factor is taken to generate an OTP. Time factor or Number of clicks 1 Seed code 2 Types of OTP: Time-based authentication 1 Event-based authentication 2 Challenge-response-based authentication 3
  • 18. SMS & Messaging Token J2ME Mobile Token Software Token Browser Token Multiple 2-Factor OTP Tokens SecureOTP Hardware Token
  • 19. SecureOTP Hardware Tokens SecureOTP Card SecureOTP Time SecureOTP Event OTP + PKI Combo SecureOTP Hybrid SecureOTP CR
  • 20. SecureOTP Hardware Token Feature Highlights High Mobility Low Cost High Security High Quality
  • 21. How SecureOTP Works Same Account Account1 Account 1 + + Customer Authenti-cation Server Same PIN Pwd Pwd + + Same OTP 555532 Same Algorithm Algorithm Algorithm Timer/Event Seed Timer/Event Seed Same Seed Same Event Counter / Timer
  • 22. PWD OTP Time/Event Synchronous OTP Workflow DB + 3 User Input 1 2 4 5 SSL Authentication Server Application Server
  • 23. PWD Challenge Challenge-Response OTP Workflow 6 DB Authentication Server + 5 7 2 User Input 3 1 4 8 Application Server
  • 25. SecureOTPFeature Highlights Flexible Support Powerful Admin. Central Design Multiple Language Support Strong Security
  • 26. SecurePKI USB PKI Tokens Complete PKI solution with Certificate and Token Lifecycle Management. Cost effective advanced MCU smart chip based USB token SecureOTP Authentication System PKI Smart Cards Advanced OATH hardware token based OTP authentication solution Contact and Dual Interface MCU smart chip based Smart Cards SecureOTP Advanced Authentication System OTP, Hybrid and CR Tokens Multi-Factor OTP authentication solution OTP, OTP + PKI, and Challenge Response chip based Tokens SecureMetric 2-Factor Authentication 2FA Security Solutions 2FA Security Devices
  • 28. Thank You. Prepared by: RafidahAriffin SecureMetric Technology Sdn. Bhd. rafidah.ariffin@securemetric.com