Presentation is loading. Please wait.

Presentation is loading. Please wait.

eToken Virtual and MobilePASS

Published byClifford Jenkins Modified over 9 years ago

Similar presentations

Presentation on theme: "eToken Virtual and MobilePASS"— Presentation transcript:

1 eToken Virtual and MobilePASS
Software Authenticators

2 Agenda Software authentication overview Product portfolio
eToken Virtual MobilePASS Market background Identifying the opportunity

3 The Highlights What is Software Authentication?
Two-factor authentication solutions that enable secure remote network access and digital signature functionality without the need for a physical hardware authenticator Available in a OTP and Virtual Smartcard platform What can you do with it? Securely access web-based online services and corporate networks (VPN) Digital signature applications (PKI only) What makes it an innovation in two-factor authentication? Convenience: no hardware to carry Management: simplified administration Reduced TCO: reduced costs associated with hardware provisioning and deployment Security: two-factor authentication without the need for hardware

4 Software Authentication
Simplified management No hardware deployment Two-factor authentication Certificate-based authentication OTP or Remote Network Access Digital Signature* *eToken Virtual only

5 Authentication Matrix

6 Hardware vs. Software: Pros and Cons
Hardware Authenticators Software Authenticators Usability Must be delivered & deployed Users need to carry a physical device with them Increased downtime (can be misplaced, stolen or broken) Easy to distribute and deploy Less hassle as does not require additional dedicated device Less downtime Security More secure Enable combined physical proximity (RFID) More secure than passwords but less secure than a physical authenticator Don’t comply with the high security standards of an actual smartcard Less secure than a hardware authenticator TCO More costly per device Deployment & operational expenses Affordable - Lower TCO than physical authenticators

7 Software Authentication Product Portfolio

8 Software Authentication Solutions
eToken Virtual Certificate-based two-factor software authentication security solution which provides full public key cryptographic functionality such as secure remote access, network access and digital signing MobilePASS OTP two-factor software authentication that offers the convenience of one-time passwords generated on your mobile device, PC or portable storage device

9 The Solution: eToken Virtual
NEW! Virtual smartcard with full PKI functionality Software PKI-Based Strong Authentication on PC / Removable Drives Applications Secure remote access Network access Digital signing Virtual Smartcard – functions like a hardware authenticator SSO PC security

10 eToken Virtual Security Features
AES Encryption: Keys & certificates are securely created and stored in eToken Virtual Device Locking: eToken Virtual contents are locked at time of provisioning to a specific storage device or PC Policy Data Signing: Enforces password complexity according to organizational policies Memory Protection: Prevents content being written to disk Key Deletion: private data is replaced by random data and rewritten to disk to ensure no trace remains “Given most users’ aversion to passwords, coupled with the inability to remember more than a few without writing them down, IDC believes that solutions such as soft tokens, certificates, one-time passwords, and hardware-based tokens will make rapid gains.” IDC - Worldwide Identity and Access Management Forecast and 2006 Vendor Shares

11 eToken Virtual Technical Specifications
Management: eToken TMS 5+ Security Application: eToken PKI Client 5+ Operating Systems: Windows: XP, Vista, Windows Server 2003 & 2008 (32-bit and 64-bit) Mac* OS X 10.4 (Tiger), (Leopard) Linux distributions*: CentOs 5.2 (32-bit and 64-bit), Red Hat (32-bit and 64-bit), Ubuntu 8.04 (32-bit), Fedora Core 9 (32-bit), SUSE 10.3 (32-bit)

12 eToken Virtual Deployment– Administrator Use Case
Administrator enrolls eToken Virtual for a specific user from the TMS Manage. The only supported use case is enrollment to a removable flash device: eToken TMS and eToken Virtual licenses are acquired by the company to provide two-factor authentication using software authenticators. eToken TMS is installed and all the required connectors are configured to enable eToken Virtual usage. Administrator plugs in the user portable device and starts the enrollment process from the TMS Manage web site. eToken Virtual is created on the portable device, locked and set with the initial user password. Notification is sent to the user with the eToken Virtual password. User receives the device and can use it for the authentication.

13 eToken Virtual – User Enrollment Use Case
User accesses the TMS Service web site and enrolls eToken Virtual: TMS and eToken Virtual licenses are acquired by the company to provide two-factor authentication using software authenticators. TMS is installed and all the required connectors are configured to enable eToken Virtual usage. User enters TMS Service web site to enroll eToken Virtual. eToken Virtual is created on the user computer, locked and set with the user password OR user can enroll the eToken Virtual to a portable drive, based on the TMS TPO settings, configured by the administrator. User can use the eToken Virtual for the authentication. NOTE: Admin Rights Required for eToken PKI Client Installation

14 Use Case: Check Point VPN Network Access
User logs into computer and connects via VPN to corporate network 2. eToken Virtual requests user’s credentials eToken Virtual 3. eToken Virtual validates credentials 4. Secure connection is established

15 The Solution: MobilePASS
OTP passwords generated on Windows desktops or mobile devices Applications Remote Access VPNs Terminal Server Citrix applications Outlook Web Access and other web-based applications including customer-facing online services such as banking, education portals and health care “Phone-based authentication tokens [are] becoming increasingly popular, and we predict that 50 percent of future two factor authentication implementations will use phone-based tokens.“ Ant Allen, Gartner Analyst User Authentication Beyond the Password, June 2008

16 The Solution: MobilePASS
Supported Platforms Windows Desktop BlackBerry Windows Mobile Java ME Smartphone SMS & delivery - (with SafeWord 2008 and SafeWord ESP only) Management eToken TMS SafeWord 2008 with SafeWord ESP Note: MobilePASS appears under the name SoftOTP in the current eToken TMS 5.0 CA release. The name will be updated to MobilePASS in the upcoming eToken TMS 5.1 GA release.

17 MobilePASS – Overview (cont.)
For Mobile Devices MobilePASS turns your mobile phone into a strong authentication device. When you log in to your secure network from your laptop or PC, the quick-launch on your mobile phone will generate the one-time password you use to complete your login. For Windows Desktop & Portable Storage Devices MobilePASS for Windows Desktops allows you to generate one-time-passwords on your Windows desktop through a locally installed OTP application or on portable storage devices. Users simply generate a one-time password from their desktop and use it to log on securely to the desired application.

18 MobilePASS – Enrollment and Usage
eToken TMS and MobilePASS license are acquired by the company to enable OTP using software authenticators. Administrator enrolls MobilePASS authenticator for the user in the TMS Manage. The user receives the MobilePASS authenticator, an activation code and PIN via , SMS etc.. The user installs the MobilePASS software. The user enters the activation code and activates the software. OTP is generated using the received PIN. Using the OTP, the user logs on.

19 Use Case: Secure Access to Financial Portal with MobilePASS

20 Software Authenticator Management
eToken TMS enables full life cycle management Including TMSservice - End-user portal The End-user site enables tasks such as: Enroll a new authenticator Update the content of an enrolled authenticator Change/Reset eToken password Disable/Enable an eToken Replace a Lost/Damaged authenticator (including revocation) Manage OTP authenticator including MobilePASS Enroll eToken Virtual and eToken Virtual Temp

21 Additional software solutions using TMS:
eToken Virtual Temp Time limited temporary authenticator which can be used for a limited period of time instead of a permanent authenticator For each authentication, the user can enrol one temporary virtual authenticator. eToken Rescue Users who lose their authenticators can create an eToken Rescue authenticators (default expiration 1 month, max 3 months)

22 Market Background

23 Market Drivers Need for an alternative to physical authenticators
Ease of use and convenience for end users Lower TCO for management and deployment Expansion of online Web services Education Healthcare Financial services Extension of enterprise services Partner portals VPN access Digital signing Need to address risk and compliance “Number of crimeware websites surge in largest jump ever in Dec. 2008” Anti-phishing Working Group

24 The Mobile Authentication Market
IAM in the mobile market is growing rapidly, according to IDC. CAGR of 26.8%, to reach over $50 m by 2012 in the mobile market alone. Presumably, this is mostly OTP. Source: Based on data from IDC, Mobile Security Device Market, March 2008

25 Target Markets B2C and B2B organizations that are interested in providing secure access and digital signing capabilities to customers, partners and employees Solution Remote Access Digital Signing Enterprise Out-the-box Online services

26 Identifying the Opportunity
Deployment Organizations who want to implement two-factor authentication but don’t want the constraints of hardware deployment or that are cost sensitive to the costs associated with hardware deployment Security Organizations who want to implement two-factor authentication but do not necessarily need the full security of a hardware-based solution Digital signing Organizations that already have authentication solutions in place but who want to add digital signing capabilities for specific users Consumer-facing Consumer or B2C deployments where user convenience is crucial and hardware deployment is too costly Flexibility Organizations that want to add more flexibility to their existing authentication infrastructure

27 Key Selling Points Convenience and simplicity for users – no hardware to carry around Simplified management and administration Balances ease of use, security and cost Eliminates the cost of hardware deployment Extends the flexibility of organizations’ security infrastructure by complementing existing hardware solutions Compatible with SafeNet’s broad range of OTP and certificate- based authenticators allowing you to tailor security solutions to use cases and risk levels “IDC believes that… soft tokens, …will make rapid gains… in the US, compliance, industry pressure, and cost concerns will result in mostly software-based solutions.” IDC, 2007

28 Thank You www.aladdin.com www.safenet-inc.com

Download ppt "eToken Virtual and MobilePASS"

Similar presentations

Powerful and convenient management for Windows Mobile ® 6.1 devices in an enterprise environment. These features include: Centralized, over-the-air device.

Powerful and convenient management for Windows Mobile ® 6.1 devices in an enterprise environment. These features include: Centralized, over-the-air device.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
McAfee One Time Password

McAfee One Time Password
!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
ControlSphere is a computer security and automation solution designed to protect user data and automate most of authentication tasks for the user at work.

ControlSphere is a computer security and automation solution designed to protect user data and automate most of authentication tasks for the user at work.
© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo Client Offerings For Service Providers Ceedo Client Workspace Virtualization.

© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo Client Offerings For Service Providers Ceedo Client Workspace Virtualization.
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
A l a d d i n. c o m eToken NG-OTP Combined PKI - OTP Authentication Solution November, 2008.

A l a d d i n. c o m eToken NG-OTP Combined PKI - OTP Authentication Solution November, 2008.
 Physical Logical Access  Physical and Logical Access  Total SSO and Password Automation  Disk/Data Encryption  Centralized management system  Biometric.

 Physical Logical Access  Physical and Logical Access  Total SSO and Password Automation  Disk/Data Encryption  Centralized management system  Biometric.
EToken PRO Anywhere. Agenda  eToken PRO Anywhere Overview  Market background and target markets  Identifying the opportunity  Implementation and Pricing.

EToken PRO Anywhere. Agenda  eToken PRO Anywhere Overview  Market background and target markets  Identifying the opportunity  Implementation and Pricing.
Lee Hang Lam Wong Kwun Yam Chan Sin Ping Wong Cecilia Kei Ka Mobile Phone OS.

Lee Hang Lam Wong Kwun Yam Chan Sin Ping Wong Cecilia Kei Ka Mobile Phone OS.
Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.

Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
15 Tactical Improvements to IT Security Virtual Keyboard, Two Factor Authentication, Active Confirmation and FAA Access to CPS Online Ganesh Reddy.

15 Tactical Improvements to IT Security Virtual Keyboard, Two Factor Authentication, Active Confirmation and FAA Access to CPS Online Ganesh Reddy.
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Don’t Let Anybody Slip into Your Network! Using the Login People Multi-Factor Authentication Server Means No Tokens, No OTP, No SMS, No Certificates MICROSOFT.

Don’t Let Anybody Slip into Your Network! Using the Login People Multi-Factor Authentication Server Means No Tokens, No OTP, No SMS, No Certificates MICROSOFT.
eToken PKI Client Overview

eToken PKI Client Overview
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility. Simplify authentication.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility. Simplify authentication.
Transform your desktop with virtualization. 22 Agenda Evolution of VDI VDI Solution VDI Use Cases Questions & Answers.

Transform your desktop with virtualization. 22 Agenda Evolution of VDI VDI Solution VDI Use Cases Questions & Answers.
Authentication choices! Vincent van Kooten: Business Sales Manager Benelux Distributed by -

Authentication choices! Vincent van Kooten: Business Sales Manager Benelux Distributed by -

Similar presentations

Ads by Google