Gemalto's OTP - You Hold Your Own Keys

Gemalto’s takes your security very seriously and has leveraged our strong background in security to design an OTP solution ensuring your OTP keys cannot be compromised while being easy to deploy and use. With multiple form factors (OTP token, OTP display card, mobile OTP app), Gemalto has the right product to meet your needs. Some key advantages to the Gemalto solution are:

Your Keys are Secure:

  • Random Key Generation (No Master Key) - Each key (token seed) is randomly generated using secure crypto-processor HSM (hardware security module). This ensures that no one person can have unauthorized access to your OTP seeds.
  • No Individual Key Access – With no master key, and using an HSM to generate true random seeds, no one person has the ability to access or remove OTP keys. This ensures that no one can walk away with a master key and no one terminal would be able to gain access to the token seed management.
  • Secure Key Management – Keys are communicated and managed using the same system designed and certified for managing bank account holder data in credit card production (process certified by MasterCard and Visa) protecting over 500 million users records to date.
  • Live Provisioning (No Key Storage) – By using a .NET based connectable OTP device (token or card) and/or mobile OTP products does not require key storage by providing on-site provisioning of the device where key generation on your premises. Gemalto does not store your keys.
Easy and Flexible Deployment:

  • Co-exist with other security devices – If you are in the process of phasing out one vendor and moving to Gemalto, the Gemalto OTP solution can co-exist with your other authentication provider.
  • Open API – Gemalto provides an open API to provide the ability to easily integrate with existing applications and Gemalto SA Server.
  • Simple Authentication Server InstallationSA Server  can be installed on existing infrastructure and take less than ten minutes for initial configuration. The server work with leading identity store providers (i.e., Microsoft Active Directory) and can quickly sync between the authentication server and existing user information for OTP seed provisioning.
    • Protiva Strong Authentication Service – A flexible service offering to meet your business needs for implementing strong authentication without the management overhead or OPEX needed to provide OTP device fulfillment, user on boarding, and management of OTP authentication. (Link to Protiva Strong Authentication Page)
  • Multiple OTP Form Factors – With the Gemalto OTP solution, you have the option to provide different form factors to meet your users’ specific needs. The form factors include a OTP token, OTP display card, and mobile OTP app
  • Automated Seeding Process – By syncing with an existing identity store, SA Server simply links an OTP seed with the user account. This allows the user to self-activate once they have received their OTP device or downloaded the mobile OTP app.
     
Getting Started and Maintaining OTP Deployment

  • Complete Fulfillment Service – Why maintain a stock of OTP tokens? Gemalto can provide complete OTP fulfillment including order handling, packaging, shipping, tracking and provisioning the OTP hardware device (token or display card). For the mobile OTP app, Gemalto provides a portal for redirection to appropriate app store based upon the user’s smart phone device (i.e., redirected to Apple app store for iPhone app download).
  • No Batch Fulfillment Requirement – Gemalto will ship an individual hardware OTP device to and individual end user or provides the option to ship in batches to a central distribution point. 
  • Webstore Option – Gemalto can create a custom webstore for your users to order their OTP device and provide shipping information. For cost allocation, each device or batches of devices could be purchased through the webstore attributing the cost to the specific group or cost center associated with the user. .

Back to: Overview
Back to: Certificate Based Authentication

Downloads

Identity and Access Solutions Overview

Protiva Strong Authentication

Securing people, networks and data

Identity and Access Solutions Overview [PDF - 1mb]

IDConfirm

Protecting your network identities.

IDConfirm [PDF - 545kb]

Protiva Mobile Solutions

Protiva Mobile Solutions

One-time passwords go even further.

Protiva Mobile Solutions