Within today’s Internet environment, cyber threats has become a prominent issue especially in enterprises that offers online application and e-services. Access control with a simple ID and password is no longer sufficient in face of all these threats. These credentials can be easily hacked and obtained through phishing, key loggers, social engineering, Trojan Horses, etc.
To enforce and protect the interests of enterprises and their users, a second-factor authentication (2FA) is introduced. This system allows a second layer of authentication via hardware token or mobile code.
Different layer of security may require different kind of transaction depending on the sensitivity. This system offers 3 types of 2FA for the different requirements of each enterprise; normal One-Time Password (OTP); Challenge Response and Transaction Signing.
DigiSAFE authentication server is designed to meet government and financial institutes’ stringent security and availability specifications. It has been deployed and is currently providing 2FA for various web portals, VPNs, operation system, logins, network devices and emails in government, financial institutes and online healthcare services.
DAS integrates seamlessly with an array of devices and application, such as VPN 2FA login and windows 2FA login. Its suite of APIs supports different programming languages. It supports integration with existing enterprise IT systems.
DAS provides different concept of authentication methods (simple OTP, Challenge Response, or Transaction Signing) Purpose to allow Enterprise to balance between system usability and security requirement, based on sensitivity of transactions.
DAS supports industry standard 2FA hardware token, software token, and SMS OTP.
DAS simplifies the operation through a self-service and user-friendly management dash board. It can generate various 2FA transaction reports, as well as searching specific transaction records.
|Support for variety
of 2FA Tokens:
|• OATH event (HOTP) based algorithm
• OATH OCRA – Challenge/Response and Transaction Signing algorithm
• TR29-compliant Token
• VASCO Token
|SMS OTP support:||• Generate and verify SMS OTP
• Integrate with SMS Gateway through HTTP(S) or SMTP protocol
|• RSA 1024/2048
• PKCS#1 v1.5/v2
Hardware Security Module (HSM):
|Optional for built-in FIPS-certified Hardware Security Module (HSM)|
|Management portal:||• Self-Service management portal
• Users management and devices provision
• Generate reports on user information and authentication history
• Query on authentication records
• System alert through email or SMS
|High Availability:||• RAID configuration within the applicance
• 2 or more DAS can be configured to operate in High Availability or Disaster Recovery mode
|Physical Characteristics:||• Height: 1 U / 2 U
• Redundant 460W / 750W hot-swappable Power Supply
|Network Interface:||Two Gigibit-Ethernet port stand|