DIGITKEY Token Family DIGITKEY Token family consists of various DIGITKEY token models to fit your security needs. DIGITKEY token generates time- or event-synchronized one-time dynamic password and Challenge-Response to secure authentication, and even supports Digital-Signatures for signing online or offline transactions.
DIGITKEY Server Family DIGITKEY Server products combine seamlessly with DIGITKEY token family to form an easy-to-use and -deploy total security solution. DIGITKEY Servers support all DIGITKEY token features and are totally platform- and application-independent, fully scaleable to fit your existing applications. So that you don't have to re-build your systems but just add it on.
DIGITKEY Toolkit DIGITKEY Toolkits offers unrivalled flexibility in DIGITKEY token initialization. With DIGITKEY Toolkits, now you have a total control on all security parameters of tokens. You can master all token features easily, effectively & securely; more importantly, you can react to your users in short reaction time.
STRONG AUTHENTICATION HAS NEVER BEEN SO ULTRA-PORTABLE & ULTRA-EASY TO USE
DIGITKEY GO1 provides affordable security in applications and networks where user acceptance is crucial. DIGITKEY GO1 can be used in the traditional banking market as well as in the corporate networking and e-commerce markets. In both markets, security flaws due to statistic passwords as PIN (Personal Identification Number) and TAN (TransAction Number) are imminent.
DIGITKEY GO1 is ultra-portable and can be used anywhere, anyhow and at any time. It can be carried in a shirt pocket, clipped on a belt, worn on a necklace or as a classy key holder. This is reinforced by its stylish design. The combination of aesthetics and security will ensure that users will like to deploy and to wear DIGITKEY GO1.
For security in applications and networks, user application is absolutely crucial. Balance that against the need for an affordable solution that is very easy to use. DIGITKEY GO1 offers all that in an attractive, smooth design. What's more? It can be carried easily in a pocket, on a keyring or clipped to a belt for true "anywhere, anytime and anyhow" security.
DIGITKEY GO1 - PRODUCT BRIEF
EASY TO USE DIGITKEY GO1 offers the ultimate in user-friendly high security. With a simple and easy click users open DIGITKEY GO1 and an unique One-Time-Password is displayed on the high contrast LCD. All they need to do is read it and key it into their application - wherever. So it can be combined with different platforms, like PCs, telephones, Internet kiosks, or mobile phones.
EASY TO DEPLOY DIGITKEY GO1 is rapidly integrated into existing networks. So any static password in an application can be replaced to greatly improve to a dynamic password security system. Once the token is uniquely programmed and distributed to the user, they no longer need to contact the network manager. A PIN is not even needed to lock DIGITKEY GO1 token. The long battery lifespan of 5 years yields a very high Return On Investment. DIGITKEY GO1 can even be re-use by reprogramming with new and unique encryption keys and/or algorithms.
SECURITY WITHIN EVERYBODY'S REACH Not all security measures require sophisticated procedures with multiple fields to be entered. When strong authentication is secure enough, e.g. in corporate networking or remote access to banking applications, users tend to accept simpler devices. When the design is stylish and the user is given the final choice of how to use it, then half of the acceptance battle is already won. DIGITKEY GO1 offers the use with a choice to carry it in a pocket or around his / her neck for moving within the company, on a keyring so as not to forget it in the morning or clipped to a belt like a mobile phone. So user acceptance is considerably enhanced, and network management intervention is reduced to the strict minimum.
DIGITKEY GO1 - KEY FEATURES
Comes with complete accessories to carry it in a pocket, around the neck, on a keyring or on a belt.
Only weights 29 grams
Dimension: 15 X 35 X 68 mm (H X W X L)
8-character LCD display
Activated automatically when window is slid open
DES or 3-DES algorithm
Real-time clock embedded
Compatible with DIGITKEY family tokens
Programming with DIGITKEY Programmer toolkit
Combining a PC PIN entry is possbile
Expected batter lifespan of 5 years
Time and Even Synchronous
ULTRA-PORTABLE, STRONG AUTHENTICATION FOR HIGHEST CONVENIENCE & USER ACCEPTABILITY
User acceptance of security tools is a crucial factor in guaranteeing the success of security solution implementations for secure access to remote applications and networks. An alternative to the risk that static PINs and TAN lists pose, DIGITKEY GO3 is very affordable, ultra-user friendly, and quick and efficient to rollout to users. These advantages allow you to close all security gaps in user authentication in a matter of hours.
The GO3 is also able to carry corporate logos, branding and custom colours to suit your business. DIGITKEY GO3 is the perfect balance between an elegant design, and an unrivaled degree of portability and affordability in an easy to use security device.
DIGITKEY GO3 - PRODUCT BRIEF
EASY TO USE
The touch of a button?encapsulates all that busy users could want in a device that their employer requires them to use. DIGITKEY GO3 is very small, and features a high contrast LCD display and a single button. This combination offers the ultimate in user-friendliness and high security: One push on the button and DIGITKEY GO3 shows a unique one-time password on its LCD display. The user then enters this one-time password into their application login screen.
DIGITKEY GO3 can be combined with different platforms, including PCs, telephones, Internet kiosks and mobiles phones, making its use practically anywhere at anytime a plus for users and organisations alike.
EASY TO DEPLOY
The integration of DIGITKEY GO3 into existing networks is simple and fast. Any static password or existing TAN (pre-printed lists of TransAction Numbers) numbers can be replaced instantly with the more secure DIGITKEY GO3 dynamic password. Once the unit has been programmed (to suit your authentication needs) and is handed over to the user, there is no need to read lengthy manuals or call on the network manager. Itís use is obvious and simple, requiring virtually no support or training. Unlike other tokens, the user cannot lock DIGITKEY GO3, as no PIN entry is required. If required, DIGITKEY GO3 can be reprogrammed for distribution to another user in cases where an employee is promoted, or even leaves the company.
DIGITKEY GO3 is fully interoperable with all members of the DIGITKEY family and works seamlessly together with the VACMAN Controller or Vacman Server and over 50 vendor applications to ensure deployment at the lowest total cost of ownership.
SECURITY WITHIN EVERYBODY'S REACH
Not all security measures require sophisticated procedures with multiple steps and physical entries required to authenticate users. Neither should it pose a large expense... DIGITKEY GO3 normal battery lifetime of 5 years and beyond offers a very high return of investment. Strong authentication using DIGITKEY GO3 is the simply implemented, affordable solution. Whether in corporate networking or remote access to banking information - users more readily accept simpler devices that guarantee secure access.
Whatís more, DIGITKEY GO3 can be:
Carried on a key chain
Attached to an existing proximity card
Worn around the neck, or
Simply be carried in a pocket or purse!
When the design is stylish and the user is not confronted with procedures or difficult to use tools, the acceptance battle is won.
DIGITKEY GO3 - KEY FEATURES
So light to go - Only 10 grams in weight, including battery.
So small to carry - 12.5 x 30 x 60 mm (H x W x L)
8-character LCD display
Activated by pushing a single button
DES or 3-DES
Real-time clock embedded
Time synchronous or Time and Event synchronous encryption
Optional PIN protection on a PC
Expected 5 years battery lifespan
Personalization parameters to make it unique
STRONG AUTHENTICATION & DIGITAL SIGNATURE FOR PDA MOBILE SECURITY
Pocket PC's are merging with mobile phones, digital cameras, digital music players, GPS receivers thus becoming all-in-one universal digital assistants. DIGITKEY for Pocket PC adds yet another functionality: it turns the Pocket PC into a personal hardware security token.
With DIGITKEY for Pocket PC, the Pocket PC or smart phone becomes a hardware token providing one-time passwords, challenge - response remote authentication and digital signatures. This transformation is achieved in pure software so no extension slots, no wires, no add-on modules to tangle with.
Many Pocket PC devices have wireless connectivity capabilities, relying on WAP, GPRS or similar technologies. With such connected Pocket PC's, DIGITKEY provides strong user authentication and digital signatures for over-the-air mobile commerce transactions.
Multiple profile support is one of the many features of the DIGITKEY for Pocket PC. It allows more than one virtual token on one Pocket PC, each with its own secret key for access to different servers, networks and web sites.
DIGITKEY PRO200 protects access to corporate networks, e-business and e-commerce applications by eliminating the weakest link in the security infrastructure: the use of static passwords.
Unlike human-created passwords that are easily stolen, guessed, reused, or shared, DIGITKEY PRO200 generates single-use passwords that change every 36 seconds. Protect the network from the inside-out, for internal employees on their desktop machines to the outside remote users on their laptops. DIGITKEY PRO200 offers secure remote access and extended digital signature capabilities on PDAs and smart phones.
DIGITKEY PRO200 - PRODUCT BRIEF
ANOTHER STEP TOWARDS DIGITAL CONVERGENCE PDAs are merging with mobile phones, digital cameras, digital music players. GPS receivers and becoming all-in-one universal digital assistants. DIGITKEY PRO200 adds yet another functionality: it turns the PDA into a personal hardware security device.
STRONG AUTHENTICATION FOR M-COMMERCE Many PDA devices have wireless connectivity, relying on WAP, GPRS or similar technologies. As a result, PDA's enabled with DIGITKEY PRO200 provide strong user authentication and Digital-Signatures for wireless mobile commerce transaction. DIGITKEY PRO200 provides end-to-end secure data exchange, between the end-user and the m-commerce store or bank. It does not rely on the underlying wireless connectivity infrastructure. DIGITKEY works equally well over mobile phones, GPRS or 3G networks.
WORK OFF-LINE OR OVER LAGACY NETWORKS: ANYTIME AND ANYWHERE DIGITKEY PRO200 can work on-line, off-line or wirelessly. DIGITKEY One-Time-Passwords and digital signatures can be communicated over any available medium. Telephone lines, Internet, VPN, corporate LAN, Kiosks or even fax - everything will do. DIGITKEY can also be used for traditional touch-tone phone banking. One-time passwords can even be used with a live operator by voice: truly anytime, anywhere connectivity.
ONE DEVICE TO ACCESS MULTIPLE NETWORKS AND WEB SITES DIGITKEY PRO200 allows more than one virtual token in one PDA, each with its own secret key for access to different servers, networks and web sites.
EASY TO DEPLOY DIGITKEY PRO200 can be easily installed by individual end-users or centrally deployed throughout the organizations. It is installed in a straightforward, wizard-assisted process with a customary use of the cradle and the specific Sync technology.
Two types of activation are supported:
(i) offline, whereby each client receives a personalization file and activation code;
(ii) online / interactive, allows initialization via e-mail or telephone.
DIGITKEY PRO200 Pocket PC: Windows CE 3.0, Pocket PC 2002
DIGITKEY PRO200 Palm: PalmOS 3.0 and higher
DIGITKEY PRO200 Symbian: Symbian OS 6.x Crystal & Quartz
DIGITKEY PRO200 - KEY FEATURES
Remote user authentication with One-Time-Passwords or Challenge-Response
Digital-Signatures (message authentication codes)
Mobile commerce, mobile banking, etc.
Traditional phone / fax banking
Network security, remote office, telecommuting
Wireless protocol agnostic: works over TDMA, CDMA, GSM, GPRS or 3G networks
Works off-line or over legacy networks: LAN, dial-up modems, Internet, fax, voice. Operational when no wireless connection available
Compatible with all DIGITKEY family members and server tools
Multiple profile support: one PDA to access all networks and web sites
DIGITKEY PRO200 - PASSWORD MANAGEMENT
User-chosen and changeable password
The system operator defines usage and length of the password
Locks after a certain number of invalid password entries
In the "Unlock mode", a reversed Challenge-Response scheme can be employed to re-activate a locked DIGITKEY PRO200
DIGITKEY PRO200 - CRYPTOGRAPHIC FEATURES
Data Encryption standard (DES) and triple DES
Challenge input up to 16 digits long.
Responses are shown in decimal or hexadecimal format
Different functions can be assigned to each application:
Time independent response with external Challenge (X9.9)
Time-based response with external challenge
Event-based response with external challenge
Time-based one-time password generation
Event-based one-time password generation
Time- and Event-based one-time password generation
A single check digit (per ISO 7064-6) can be applied on the Challenge and / or Response
SECURE ACCESS & USER AUTHENTICATION FOR NEW E-BANKING SERVICES WITH ONE-TIME PASSWORD AND DIGITAL-SIGNATURE
The handheld DIGITKEY PRO300 provides financial institutions and companies with a secure means of customer or employee identification and authentication for remote access to their computer systems and networks. DIGITKEY PRO300 is ideally suited for large public banking applications such as telebanking, home banking, PC banking, phone banking and Internet banking where authentication and e-signatures are key requirements.
The user interface has been conceived to work in an intuitive way, requiring a minimum number of keystrokes, so that the user can start using DIGITKEY PRO300 almost without referring to a user guide. Thanks to the optical interface, the user can even read challenges directly from the computer screen.
The small hand-held DIGITKEY PRO300 authentication device secures authetication in any network structures and eliminates weak links. DIGITKEY PRO300 generates an One-Time-Password that enables you to identify customers, employees and remote users who are accessing your computer systems or networks. Digital-Signature even enhance security by signing financial transactions. Most valuably, it provides secure access from any locations.
DIGITKEY PRO300 - PRODUCT BRIEF
STRONG TWO-FACTOR AUTHENTICATION DIGITKEY PRO300 security solution is based on Two-Factor Strong Authentication. To gain access to applications and services, users must have a Personal Identification Number (PIN) and a hand-held DIGITKEY PRO300. The PIN is entered onto DIGITKEY PRO300 which then computes a time-based or even-based dynamic One-Time-Password. The One-Time-Password enables authorized access to the network resoources.
INTUITIVE USER INTERFACE AND ADVANCED DESIGN Made of robust and shock-resistant materials, with an intelligent power management battery of expected 7 to 10 years long lifespan, unique encrpytion parameters, make DIGITKEY PRO300 a reliable and yet secure total security solution. Its ergonomic keypad and simple user interface are so easy to use, neither technical training nor user guide is even needed. Universally recognizable LCD display icons walk user through simple operation steps.
MAXIMUM CUSTOMIZATION DIGITKEY PRO300 is designed to fit your specific applications. Security parameters such as PIN length, number of PIN trials, password length, type of cryptographic algorithm, challenge-response length, all are programmable to satisfy your needs. Results: you get an optimum balance of user-friendliness cost-efficiency and security.
BANKING WITH DIGITKEY PRO300 DIGITKEY PRO300 technology is deployed with success in wide array of application environments. For instances, more than 250 financial institutions around the world overcome security challenges of online-banking and -transaction, by deploying DIGITKEY PRO300 solution, without compromising existing infrastructures. Easy-to- deploy and -use DIGITKEY PRO300 solutions provide high security and total reliable e-banking services via phone, fax, and Internet. Treating security issues seriously and effectively, their existing customers' loyalty is increased while offering potential new customers the benefit of heightened security.
SAFER INTERNET TRANSACTION, MORE OPPORTUNITY DIGITKEY PRO300 technology enhances the security of your web services and help you regain your total control. Whether it is using DIGITKEY PRO300 to generate dynamic One-Time-Password for restricted area logons or compute Digital Signatures for signing financial transactions, you have greater control over who is trying to perform what activity and hence competitive edge.
SECURING COPORATE NETWORKING, BUILDING COMPETITIVE ADVANTAGES Should Corporate Networking security be seriously addressed? Yes, because exchange of information is a competitive advantage to put your corporation staying ahead of the curve. And itís vital to keep this alive, securing corporate computing is as important as money transaction and security must not be deminished. DIGITKEY PRO300 provides highly secure solutions for guarding against breaches of confidentiality and unauthoirzed access to corporate data resources. Furthermore, DIGITKEY PRO300 technology wins high scores for offering more functionality and flexibility at a low total cost of ownership.
DIGITKEY PRO300 - KEY FEATURES
Internal real-time clock
Intelligent Power Management conserves battery life
Expected 7 to 10 years lifespan battery
PIN is user changeable
PIN Trial-and-Lock self-protect system
Remote Unlocking mechanism
Usage period controllable
ON/OFF/ERASE functions on a single button
Unique Initialization per DIGITKEY PRO300
Total control on Initialization
Administratively defined PIN length, PIN trials, password length, transaction parameters
Optical Interface for Initialization/reading Challenge-code or transaction parameters
Digital-Signature guarantees transmitted data integrity
Size: 85 x 47 x 15 mm
Weight: 37 grams
DIGITKEY PRO300 - CRYPTOGRAPHIC CHARATERISTICS
Conforming Data Encryption Standard (DES or Triple-DES options)
Programmable number of applications with unique DES key and parameters
Up to 16 Challenge digits for Responses computing
Manually key in or optically read from any computer monitor of Challenge code or transaction parameters for Digital-Signature computing
Decimal or hexadecimal format Response options
Optional Check-Digit (ISO 7064-6 standard) for Challenge and/or Response approach
Time- and Event-based One-Time-Password
Time-based Response with external Challenge
Event-based Response with external Challenge
Time-independent Response with external Challenge (X9.9)
SECURE YOUR NETWORK RESOURCES WITH THE STYLISH, STATE-OF-THE-ART DESIGN DIGITKEY PRO560. WITH DIGITKEY PRO560, YOU CAN OFFER STRONG AUTHENTICATION & DIGITAL-SIGNATURE IN YOUR OWN LANGUAGE.
DIGITKEY PRO560 is an authentication code generator that provides secure customer or employee identification for access to computer systems. At the same time it can generate e-signature and even host authentication.
Financial institutions and other companies are aware that user log-on names and static passwords are insufficient for user authentication, as they can easily be stolen and misused. Strong authentication is the solution to this problem.
DIGITKEY PRO560's security is based on two-factor strong authentication; combining something the user possesses (a DIGITKEY token) and something the user knows (a PIN to access the DIGITKEY).
DIGITKEY PRO560 eliminates the weakest link in any security structure, i.e. the use of static passwords. DIGITKEY PRO560 generates an One-Time-Password that enables you to identify customers, employees and remote users who are accessing your computer systems or networks. Digital-Signatures mechanism can be deploy to further secure the electronic transactions.
DIGITKEY PRO560 - PRODUCT BRIEF
STRONG TWO-FACTOR AUTHENTICATION DIGITKEY PRO560 is based on strong two-factor authentication. To gain access to applications and services, you need to use DIGITKEY PRO560 to generate a dynamic One-Time password, that is used for secure strong authentication.
INTUITIVE USER INTERFACE AND ADVANCED DESIGN Made of robust and shock-resistant materials, with contemporary & sleek design, DIGITKEY PRO560 comes with an integrated hard-cover. All these make DIGITKEY PRO560 a reliable and yet essential part of any enterprise security solution. Its ergonomic keypad and bitmap LCD display supporting special characters and customized messages, make it easy to use. Programmable messages walk end-user through the entire operation. DIGITKEY PRO560 enhances DIGITKEY family in offering new features such as a Personal Unlocking Key (PUK), which is widely used in mobile handsets. Now, DIGITKEY PRO560 also supports AES, the future encryption standard.
MAXIMUM FLEXIBILITY DIGITKEY PRO560 is scaleable to meet your specific applications. Security parameters such as PIN length, number of PIN trials, types of cryptographic algorithm, Challenge-Response length, are all programmable. Furthermore, if the use locks his DIGITKEY due to a forgotten PIN, he can unlock it with a PUK. Result: you get an optimum balance of user-acceptance, cost-efficiency and security.
BANKING WITH DIGITKEY DIGITKEY PRO560 technology is deployed with success in wide array of application environments. For instances, more than 250 financial institutions around the world overcome security challenges of online-banking and -transaction, by deploying DIGITKEY PRO560 solution, without compromising existing infrastructures. Easy-to- deploy and -use DIGITKEY PRO560 solutions provide high security and total reliable e-banking services via phone, fax, and Internet. Treating security issues seriously and effectively, their existing customers' loyalty is increased while offering potential new customers the benefit of heightened security.
DIGITKEY PRO560 - KEY FEATURES
Internal real-time clock
Charaters, messages & logos can be fully specified for instructions or marketing purposes
Support up to 4 different languages
Possibility to use default account number, internal counter and decimal numbers (e.g. amount of money) in Digital-Signature
Diagnostic features like display internal time, serial number, and battery level.
Expected 5 years battery lifespan
PIN is user changeable - optional PIN and its length can be selected
PIN Trial-and-Lock self-protect system
Remote Unlocking or PUK Local Unlocking mechanisms
Fully cutomization of secrets and options done by DIGILINK station
Digital-Signature guarantees transmitted data integrity
Tactile keypad technology with 11 silicon rubber keys + 1 jog dial
Integrated hard cover to protect display and keypad
Large display with one line of 9 by 60 dots to allow for logo and language specific characters
Size: 88 x 59 x 7 mm
Weight: 41 grams
DIGITKEY PRO560 - CRYPTOGRAPHIC FEATURES
Conforms DES (Data Encryption Standard) and Triple-DES, enabling the highest possible level of logical security
Conforms AED (Advanced Encryption Standard), future encryption standard compatible
Supports 4 different platform-independent applications or hosts at maximum, each for authentication or signature, or both.
Extended signatures are possible by using signature counter
Variable length Challenge input and Response output (decimal or hexadecimal formats)
Possibility to add check-digit on the Challenge and/or Response
Supports all cryptographic modes of DIGITKEY PRO 250, 300 and 700
SIMPLIFY YOUR ADVANCED REMOTE-USER AUTHENTICATION & TRANSACTIONS
With DIGITKEY PRO700, secure network access and complex digital signatures become possible without putting any extra burden on the user.
DIGITKEY PRO700 enables network access specialists to bring the overall remote access security to a superior level while building an incredibly flexible, economic and yet user-friendly security infrastructure. They can define several applications, each with the most appropriate settings, just by changing parameters (e.g. PIN length, number of trials, lengths of challenge, concatenated fields).
The easy-to-follow, on-screen instructions and the large, comfortable keypad make the user immediately familiar with DIGITKEY PRO700. With all display messages programmable and in their native language, the use of the token becomes simple, even for the most complex authentication schemes.
Belonging to the DIGITKEY family, it benefits from all existing programming and authentication software that already supports the other family members.
Secure access to more advanced applications is a reality with DIGITKEY PRO700, a security solution that fits in the palm of your hand. Supporting 8 independent applications at maximum, DIGITKEY PRO700 boasts a remarkable index of features that enable security managers and application owners to easily enhance their network security.
DIGITKEY PRO700 - PRODUCT BRIEF
STRONG TWO-FACTOR AUTHENTICATION DIGITKEY PRO700 solutions is based on strong two-factor authentication. To gain access to applications and services you must have a PIN (Personal Identification Number) and a handheld DIGITKEY Pro700. The PIN code is entered into DIGITKEY Pro700 so as to activate it, DIGITKEY Pro700 then calculates an One-Time dynamic password that is used for secured authentication to the system resources.
EASE OF USE With 3-line LCD display, that can display application-specific information, DIGITKEY PRO700 is ideally suited for sophisticated or complicated transactions. Its object-oriented concept allows it to fit into existing user interfaces and terminology, specific application customization is even possible, now. Up to 8 independent applications at maximum can be hosted with no less than 64 messages in two languages - logos and country-specific language characters. Security manager can program user guides, walk-through, marketing messages, etc into the DIGITKEY PRO700. As a result, the user can execute highly sophisticated operations or transactions in total secured manner without the need for training manuals. DIGITKEY Pro700 offers security managers, application owners and users the full benefits of "triple-A" security - Anywhere, Anyhow, and Anytime.
EASY TO IMPLEMENT AND MANAGE DIGITKEY Pro700 is easily customized to your specific applications. Administrators can fine-tune this security solution to meet specific application needs, form PIN length and number of PIN trials to challenge and response length. Initialization of DIGITKEY Pro700 is a fast, secure and manageable process, resulting in the optimum balance of use-friendliness, cost-efficiency and security.
DIGITKEY PRO700 - KEY FEATURES
Programmable use interfaces in two-languages - graphical and character languages
On-screen messages guide the user and further simplify helpdesk queries
Color and logo options offer strong branding
High contrast 12-digit, 3-line LCD display (1 line for icons, 1 line 7 x 5 dot-matrix and 1 line 7-segment for optimal legibility)
Tactile keypad technology with silicone rubber key tops (16 keys)
Integlligent battery management give a life expectancy of 7 years
Dimmensions: 90 x 60 x 10 mm (L x W x H)
Weight: 35 grams
DIGITKEY PRO700 - CRYPTOGRAPHIC FEATURES
Supports DES (Data Encryption Standard) and Triple-DES, enabling the highest possible level of logical security
Supports 8 different platform-independent applications or hosts at maximum, each with unique keys and parameters
Digital-Signatures can be calculated based on fractional (left- or right-aligned) amounts, hidden or visible counters, default values and time stamps.
Up to 24 digits of challenge or data field input can be keyed in or read from a computer screen with optical interface
Responses or Digital-Signatures are shown on the display in decimal or hexadecimal formats (24-digit at maximum). An optional check-digit (ISO-7064-6 basis) can be applied on Challenge, Response and Digital-Signature functions.
Supports full range of time- and event-based authentication mechanisms, using the internal and unalterable real-time clock
Mutual signature verification allows small groups to be authenticated, eliminating the need for a dedicated server.
PORTABLE INTELLIGENT SMART CARD READER WITH STRONG AUTHENTICATION & DIGITAL SIGNATURES
The DIGITKEY PRO800 brings token technology to the immense, worldwide installed base of smart cards. This smart card can be a banking smart card (e.g. with electronic purse functionality) but can also be any private scheme smart card.
The philosophy of the DIGITKEY PRO800 is based on a brand-new factory-to-field concept. In this concept, the DIGITKEY PRO800 is distributed immediately to the field in large volumes, without requiring any intermediate personalization. With smart cards this personalization has, in fact, already been done and is re-used. This means that any user taking any DIGITKEY PRO800 converts it into his own token simply by inserting his personal smart card. Hence the cost of ownership of such authentication system becomes a fraction of that of a separate system that requires administration, distribution and initialization of tokens.
The DIGITKEY PRO800 is used unconnected and performs as a normal DIGITKEY - performing strong authentication and e-Signatures, all combined with a long battery lifetime.
Want to achieve stronger network security? Looking for a flexible & expandable way to leverage your investments in smart cards without the cost of specialized programming? The highly portable DIGITKEY PRO800 smart card reader offers unparalleled value and security, at any time and from any place.
DIGITKEY PRO800 - PRODUCT BRIEF
EASY TO IMPLEMENT AND MANAGE Smart card issuers such as financial institutions, banks, telecom operators, ASPís, distribution companies ... can deploy the DIGITKEY PRO800 smart card reader quickly and cost-effectively. Itís less expensive than standard smart card readers, with no software drivers to install or specialized programming required. In addition, the systemís so simple and easy to manage, help-desk costs are minimized.
Best of all, organisations already using other DIGITKEY authentication devices can seamlessly migrate to the DIGITKEY PRO800 without changing the security infrastructure thatís already in place.
HOW DOES DIGITKEY PRO800 WORKS? The DIGITKEY PRO800 smart card-reader can be used at any time, from any place and on any platform (PC or MAC, telephone or Internet). Just insert the smart card into the DIGITKEY PRO800 and enter the cardís Personal Identification Number (PIN). Unique secrets are automatically created, personalising the reader for that particular user. As soon as the card is removed, it reverts to a blank screen.
The strength of DIGITKEY PRO800 security is based on Two-Factor authentication approach, which are:
1. Something the user possess: the smart card
2. Something the user knows: the smart card PIN
All data entry is done on a telephone-like keypad. Instructions and graphics are displayed on DIGITKEY PRO800's 2-line LCD display. the user is prompted every step of the way, receiving corrective prompts when errors are made.
FACTORY TO FIELD The DIGITKEY PRO800 initialises itself and becomes unique at the moment that a user inserts his smart card and enters his PIN. As soon as the card is removed from the DIGITKEY PRO800, all secrets are immediately erased. As DIGITKEY PRO800 is platform independent and needs no personalization prior delivery to the customer, every reader is identical. Therefore it can be produced and distributed in a very cost-effective and easy way.
OPEN AND SECURE ACCESS Since the DIGITKEY PRO800 is a self-initialising authentication device that is unconnected, it offers secure remote access at any time, from any place, on any platform (PC or MAC, telephone, Internet, etc.). As soon as the card is removed from the DIGITKEY PRO800, all secrets are immediately erased.
AUTHENTICATION SERVICES Once activated, DIGITKEY PRO800 can generate dynamic One-Time-Passwords to log-on remotely to computer networks, compute Digital Signatures to sign transactions or accept Challenge messages and computes the corresponding Responses.
LOW COST OF OWNERSHIP DIGITKEY PRO800 eliminates the need to provide customers with a smart card and a separate authentication token. It combines the instrinsic security of the smart card with the advantages of unconnected tokens. In Addition, DIGITKEY PRO800 requires no extra personalization by the network owner and can be delivered in bulk. DIGITKEY PRO800 allows you to reduce the total cost of ownership of your security infrastructure by lowering the number of support calls on your helpdesk.
DIGITKEY PRO800 - KEY FEATURES
High-contrast, 10-character, 2-line LCD (1 line 60 X 7 dot-matrix line + 1 line of 14-segment characters)
Tactile keypad with silicon rubber keys
Intelligent battery management for a 3-5 years lifespan
DES and 3-DES supported
Real-time clock embedded
PIN Trial-and-Lock self-protect system
Compatible with ISO7816 smart cards
Support of T=0 and T=1 smart cards
Compatible with existing host systems for any DIGITKEY family tokens
Dimension: 63X 95 X 16 mm
Weight: 58 gram
DIGITKEY PRODUCT COMPARISON TABLE
DIGITKEY TOKEN FAMILY
Algorithm Option: Time/Event/Challenge
time event -
time event -
time event challenge
time event challenge
DES / 3-DES
Challenge-Response Unlocking (Remote)
Puk Code Unlocking (Local)
N° Of Application
Expected Lifespan (In Year)
easy + mini
easy + mini
long-life + functional
complex digital signature
INTEGRATE STRONG AUTHENTICATION INTO YOUR APPLICATIONS WITHOUT REWRITING THE CODES
Effective network security demands a partnership between system administrators and authorized users. Unfortunately, you can't always count on users to change their passwords regularly and that creates an invitation to hackers.
DIGITKEY Controller - PRODUCT BRIEF
DIGITKEY Controller can reliably secure any part of your network without requiring changes to your existing applications. Simply link DIGITKEY Controller to the application, and it automatically handles login requests from any users youíve authorized to have a DIGITKEY token. It's that easy.
ZERO KNOWLEDGE INTEGRATION Designed by specialists in system entry security, DIGITKEY Controller makes it easy to administer a high level of access control. You simply add a field to your existing user database, describing the unique DIGITKEY token assigned to the user. DIGITKEY Controller takes it from there, automatically authenticating the logon request using the security sequence you specify, whether it's a One-Time-Password using dynamic One-Time-Password or a Challenge-Response authentication mechanism or a transaction signing Digital-Signature.
You may also specify what type of DIGITKEY you give your customer; from the small DIGITKEY GO1, or PRO300 to the sophisticated smart card based DIGITKEY PRO800, or even PDA or PC based DIGITKEY Soft version.
Simply tailor your security solution according to the needs of your company.
ACHIEVE LOW TOTAL COST OF OWNERSHIP DIGITKEY Controller is a cost-effective solution requiring only a couple of days to implement. Provide your company the flexibility to follow new standards and developments in network security. A low, total cost of ownership is a reality with DIGITKEY Controller.
UNMATCHED VERSATILITY DIGITKEY Controller gives you the freedom to offer remote access to nearly any type of application, from simple data exchanges to full-fledged e-commerce solutions. Thereís no need to limit the applications you make available to remote users, because DIGITKEY Controller can provide precisely the level of strong authentication you require (including a full range of time and/or event-based security schemes).
HASSLE-FREE STRONG AUTHENTICATION It used to be anything but easy to implement a strong authentication security scheme. You could buy a specific access control server, only to find that itís often tough to configure to work with existing applications. Or you could build a custom solution, putting a new burden on the IT department with no guarantee that your home-grown approach would provide an adequate level of security.
DIGITKEY Controller offers a flexible alternative: an API-type solution that provides strong security, while requiring minimal changes to your current system. Just build a few calls into your applications and it's up and running. Itís a long-term solution because upgrades are available through a maintenance contract, to ensure that your access control system will always incorporate the latest in encryption technology standards and new additions to the DIGITKEY family tokens.
MULTI-PLATFORM SUPPORT DIGITKEY CONTROLLER protects your IT investment by offering security for nearly any operating system or platform. Itís a proven solution, operating flawlessly in many different environments today. DIGITKEY Controller is completely scaleable, supporting an unlimited number of authorized users.
DIGITKEY Controller - KEY FEATURES
Complete application independent
Support for most processors and platforms
ASCII and EBCDIC support
32-bit to 64-bit memory support
Multi-thread and multi-task aware code
Compatible with all current and future DIGITKEY family tokens
Various authentication approaches available:
Time and/or event based authentication mechanisms
Supports DES and 3-DES
PIN Trial-and-Lock self-protect system
Help desk support
Easy maintenance / upgrade
EASILY ADD STRONG AUTHENTICATION TO YOUR EXISTING REMOTE ACCESS SOLUTION
Your Firewalls and RADIUS servers solve a lot of problems, when it comes to provide remote access to the company network. Do you worry that unauthorized users may try to exploit your static passwords to their advantage? Do you want to increase your network protection, promote your users productivity and do it without replacing or redesigning your remote access solution?
Now, with DIGITKEY Middleware, you can!
DIGITKEY Middleware - PRODUCT BRIEF
SOLID SECURITY = BUSINESS VALUE Remote Access is one of the most valuable and vulnerable areas in a corporate network. Without remote access, productivity can grind to a halt. Consider what would happen, for example, if your sales people, telecommuting employees, or customers lost access to your central database or other network resources. Today, you canít afford to leave valuable corporate data and systems unprotected. DIGITKEY Middleware is the simple and cost-effective solution to help you positively identify the remote users who are requesting access to your network.
POWERED BY DIGITKEY DIGITKEY strong authentication technology is specifically designed to ensure that remote access doesnít become the weak link in your network security infrastructure. With a DIGITKEY token in hand, your authorized users will be able to prove that they are who they say they are - quickly and easily. They simply use an individually assigned DIGITKEY token to generate a dynamic One-Time-Password and theyíre in business.
EASY TO INTEGRATE DIGITKEY Middleware makes things easy and yet highly secure on the network administratorís end, too. This solution can be used to tighten the security for remote access in ANY RADIUS environment. Itís designed to enforce DIGITKEY strong authentication technology in combination with any RADIUS server. But thatís not all: DIGITKEY Middleware can also serve as a back-end authentication server to any RADIUS enabled firewall application. The secret? DIGITKEY Middleware is an unique software offers RADIUS-proxying capabilities, in addition to strong support for the RADIUS protocol and DIGITKEY authentication devices.
COMPLETELY COMPATIBLE Once DIGITKEY Middleware is installed and configured, you can use the Audit Console to monitor incoming and outgoing RADIUS traffic (or any other events) on the DIGITKEY Middleware server. The Audit Console presents all the statistical information you need to manage your remote access environment - providing details on events that have occurred since DIGITKEY Middleware started running, including:
number of information messages
errors and fatal errors
Both the Admin Graphical User Interface (GUI) and the Audit Console can be run remotely. Both are written in highly portable JAVA Swing-based code to fit future platform support. There are no hardware or software conflicts to worry handling all strong authentication challenges and about, because DIGITKEY Middleware uses a non-intrusive method of enabling DIGITKEY authentication. Simply place DIGITKEY Middleware between the NAS and your existing RADIUS server - without affecting the performance of either.
EASY TO ADMINISTER AND AUDIT DIGITKEY Middleware fits seamlessly into any RADIUS environment without creating new management headaches. A single interface lets you assign and manage the DIGITKEY tokens you've distributed to authorized users, while automatically responses. This same tool also allows you to configure all the other features of DIGITKEY Middleware.
AUTO-MANAGEMENT The DIGITKEY Middleware solution is designed for easy administration, whether youíre authenticating a few dozen remote users, or tens of thousands. By combining powerful features - such as Dynamic User Registration, Auto Token Assign, and Token Graceperiod - the DIGITKEY Middleware technology automatically manages itself after the initial configuration.
DIGITKEY Middleware is extremely flexible, giving you many different ways to create user accounts and assign tokens. In addition to the Auto-Management method, the technology allows you to:
Import users and assign tokens from an input file
"Bulk assign" users and tokens that have been loaded into the database
Assign a token based on a user
Assign a token based on a token
Use command line interface (CLI) to create users and assign tokens
DIGITKEY Middleware - KEY FEATURES
Why use DIGITKEY Middleware?
Strong Two-Factor authentication DIGITKEY Middleware and DIGITKEY solution eliminate the weakest link in any security structure, the use of static passwords. It's a turnkey solution that can be up and running in minutes, not hours or weeks.
Dynamic User Registration (DUR) Refers to the automatic expansion of the DIGITKEY Middleware database to include users who are allowed to authenticate to the third party RADIUS Server. DUR creates the user in the database, if the user account is not yet present, and the third party authenticates the user.
Autolearn passwords Automatically learned passwords is a feature that allows static user passwords, assigned to the user on the back-end RADIUS server, to be autostored in the database. Upon valid DIGITKEY authentication in DIGITKEY Middleware, the "autolearned" user password is automatically played to the back-end RADIUS server.
Token Auto Assign An unassigned DIGITKEY can automatically be assigned to a new user, whether the user was created by the Admin GUI or DUR. A logfile containing the assignment specific parameters (Serial Number, User-Id, User-Name, etc.) is then created.
User Passthru DIGITKEY and static password authentication are supported simultaneously. Passthru allows a user to be authenticated by the back-end RADIUS server without any treatment on the DIGITKEY Middleware. This option can be activated globally, even to the user-level.
DIGITKEY Grace Period The user static password is accepted (for a certain period of time) even when a DIGITKEY has already been assigned. The grace period will end after the specified time has expired, OR at the first time the DIGITKEY is used within this period.
Admin GUI By using Admin GUI, administration can be run locally or remotely, it features all administration previleges such as:
User account administration (Create, Delete, Disable, Modify, Configure Privilege, etc.)
General configuration settings (proxy, Passthru, Token Auto Assign, etc.)
DIGITKEY Middleware SYSTEMS REQUIREMENT
RECOMMENDATION / REQUIREMENT
CENTRAL PROCESSOR UNIT
CPU speed of Pentium 500MHz or faster is recommended. Faster CPU is recommended in the following conditions:
High number of RADIUS authentication / accounting requests
RADIUS requests are proxied to RADIUS servers
One or more Audit Consoles are active
ODBC Auditing is enabled
Server debug option is enabled
RAM capacity of 256 MB or greater is recommended. More RAM is recommended in the following scenarios:
User cache is enabled with a large list of users. Every 10 cached users require approximately 1KB of RAM memory
Running JAVA based Admin GUI or Audit Console
Disk space of 100 MB or greater is recommended. Larger Harddisk Space is recommended in the following situations:
High number of user and token records. Each user and token records occupy approximately 1 KB of disk space
Audit log files that are not archived (backed up then deleted from the disk) frequently
Windows 2000 Server (with Service Pack 1 or above)
Windows NT Server 4.0 (with Service Pack 6 or above)
Winsock Version 2.0 or above.
Microsoft Access database driver version 4.00.4403.02 or above.
JRE Version 1.2 or later for running DIGITKEY Middleware Admin GUI and Audit Console.
LOW COST OF OWNERSHIP; MASTER IT ALL!
DIGITKEY PROGRAMMER offers unrivalled flexibility in accessing DIGITKEY features - and incomparable reaction time. DIGITKEY customers can now initialize DIGITKEY themselves, whenever and as often as they like. So the administrator has the option to controll the DIGITKEY initialization, completely. It supports the DIGITKEY family members and bypasses the need for highly qualified operators.
DIGITKEY PROGRAMMER - PRODUCT BRIEF
REACT FASTER, FOR LESS When the network or organization changes, so do the security needs. So system owners must react quickly. DIGITKEY PROGRAMMER is a full toolkit that allows resellers and/or system owners to support DIGITKEY technology on their networks themselves. It contains everything needed to get acquainted with programming their DIGITKEY tokens. Whether it is a DIGITKEY GO1, PRO300, P550, or P700, they all fit the same DIGILINK that comes with the software. System owners who want to support DIGITKEY in their system can do so without any problem. Or resellers can support their customers by providing them with a full programming service. This cuts the reaction time for network owners.
People leaving or temporary staff jumping in? The DIGITKEY PROGRAMMER enables users to reprogram and re-initialize a DIGITKEY on the fly. No need to wait for new ones that have to be ordered. Makes the most of a small stock of DIGITKEY and lose no time filling in order forms. By doing it in-house, you cut the time needed to get a DIGITKEY in service - and let your people back to business.
WHY LET OTHERS CONTROLLING YOUR SECURITY SYSTEMS? No many solution providers like DIGITKEY SECURITY offers owners' "Total Control" on the security solution.
DIGITKEY PROGRAMMER let's you define and keep your own security secrets (unique encryption keys), so you have total control since step-one, you can even control your token secrets at initialization process. With DIGITKEY PROGRAMMER, you have 100% control on the security solution that you have implemented. Now, nobody is keeping a copy of your secret information, your can sleep-well at night from now on.
DIGITKEY PROGRAMMER - KEY FEATURES
Uses GMT time format to facilitate calls from different parts of the world
Programs a single or full range of DIGITKEY. In this way, you can help out single Customers or program complete batches. In the last case, the smart programming interacts between the PC, DIGILINK and the operator. Serial numbers are checked to make certain the correct DIGITKEY is on the DIGILINK docking station before the programming sequence is effectively started.
Opens only the features of the selected DIGITKEY for security reasons
Integrated database with full query support for viewing, finding, deleting, freeing and assigning serial numbers
Pre-configured security levels templates to help administrators make decisions and adapt the suggested settings to specific needs.
DIGITKEY PROGRAMMER SOFTWARE
Runs on Windows 98, Windows NT 4.0 Workstation / Server, Windows 2000 Professional / Server, Windows XP Home / Professional, Windows Server 2003.
Delivered on a Compact Disc with a red-color DIGITKEY Administrator Token that is used to secure access to the software
Registered users can program an unlimited number of DIGITKEY tokens
Fully easy-to-use graphic user interface
Initialization templates at different security levels for assisting administrator to get the job done
Separate administration, initialization, management and export panels for easier viewing
DIGILINK DOCKING STATION
Supports DIGITKEY PRO300, P560, P600 and P700 tokens. One DIGILINK docking station can be used to initialize almost all DIGITKEY token models.
Serial port connection to the PC
Sophisticated Optical Interface for communication with DIGITKEY PRO300, PRO560 and PRO700