09:18 AM
BS&T Staff
BS&T Staff
Connect Directly

VASCO Adds Strong Host Authentication to DIGIPASS Pin Pads

The one-time password technology is intended to prevent man-in-the-middle attacks and other identity theft attempts.

Software security provider VASCO Data Security International, which specializes in authentication products, will integrate strong host authentication into its DIGIPASS 250, 260 and 270 pin-pad authenticators (which already offer two-factor authentication and e-signature capability) to be available in the third quarter of 2009. According to a release from the company, the strong host authentication offers an enhanced one-time password (OTP) solution that, combined with e-signature, provides an effective tool against identity theft and man-in-the-middle attacks.

By using strong host authentication, end users can ensure the bank or organization to which they are connecting is actively involved in the communication process. The solution also offers banks and other organizations the ability to recognize attempts or instances of online identity theft in real time. According to the Oakbrook Terrace, Ill.-based firm, strong host authentication makes it more difficult for hackers to intercept end-user credentials without first contacting the bank or other organization real-time and attempting to obtain user credentials on a one-to-one basis.

When fully implemented, according to the company, the strong host authentication process will begin when customers provide their claimed identity, using their username, to the secure Web site they wish to access. The bank's server will then provide users with a time-based host one-time password (OTP unique for end users' DIGIPASS authenticator and is only valid for a limited time. Customers will enter the host OTP on their DIGIPASS authenticator, which, after verifying the host OTP, will generate a user OTP that customers will use to log on to the application. If the host-OTP verification fails, however, the DIGIPASS will refuse to generate a user OTP.

"Online fraud constantly evolves; as a result our R&D team continuously looks at developing new technologies and products which make existing security solutions even stronger and even more effective in combating new fraud schemes. Our patent pending strong host authentication is the result of our ongoing investment in new technologies," noted Jan Valcke, president and COO at VASCO Data Security, in the release.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology
BS&T's 2014 Elite 8 executives are leading their banks to success, whether it involves leveraging the cloud, modernizing core systems, or transforming into digital enterprises.
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.