Digipass is a two-factor authentication platform that allows users to authenticate themselves to systems (such as Digipass-enabled Internet banking or E-commerce sites) using IDs generated by handheld hardware devices. The system is based on the combination of hardware tokens possessed by the user and software authentication tools on the server-side that recognize the generated identification keys generated by the user tokens. In brief: a user authenticates to a Digipass-enabled system by supplying their user ID in combination with a one-time password that is generated on-the-fly by the hardware token they possess. Alternate identification schemes include challenge/response mechanisms, where the server generates a specific code that is entered on the hardware device, with a coded response then presented on the device that the user sends back to the waiting server; or a digital signature process wherein the user enters multiple pieces of transaction information pertaining to the task they are performing (such as part number, quantity, and dollar amount in an E-commerce transaction) and the hardware device generates a unique code that can be confirmed by the server. In all cases, the server software is able to recognize the provided ID as generated by the hardware device as false or genuine, allowing for identification based both on the user's known ID and the hardware device they possess. Access by the user to the device itself can also be protected via a user PIN.

The tokens themselves--called Digipass tokens--are offered by the vendor in a variety of flavors; from small single-button keychain devices that generate one-time passwords, to full sized handheld devices with complete numeric keypads and support for smartcards. Additionally, the vendor offers Pocket PC, Palm, JavaPhone, and Windows based software implementations allowing for software generation of one-time identification keys on existing PCs or handhelds; a "Virtual Digipass" process in which the server component sends the IDs to the user via SMS messaging; and Digipass for Web (DP4WEB), in which the user registers online and receives a secure login applet (Java-based) and a cookie that stores their Digipass secret on their PC itself.

On the server side, the vendor offers the VACMAN line of tools for integrating Digipass functionality within applications and platforms. The VACMAN Middleware operates as somewhat of a Digipass-enabled proxy between end users and existing authentication systems; while the VACMAN Controller is an API allowing for the implementation of Digipass functions within custom applications.

Also available from the vendor is the aXs GUARD line of authentication appliances, the result of VASCO's acquisition of Able N.V. aXs GUARD leverage the VACMAN technology, is deployed between the LAN and the Internet, and is now offered in two general flavors: The aXs Guard authentication appliance, which provides standalone Digipass authentication and is offered in three models with scaled performance for SMEs; and the aXs Guard Internet Security Appliance, which includes support for Digipass authentication as well as supports the mix-and-match, customer-selected loading of over 20 modules providing individual security features such as anti-virus, anti-spam, intrusion detection, remote access, SSL-VPN, etc. The aXs Guard Internet Security Appliance is currently offered in 13 models, with various interface options including 10/100/1000 Ethernet, ADSL over analog PSTN/ISDN line, or dual 10/100 Ethernet.

The Digipass product line is available now; the new aXs Guard models are expected to be available on January 1, 2008.

Contact VASCO for further information.

product submission by EITPlanet Staff

E-Mail this page to a colleague
send info about Digipass

Suggest a link
for the Digipass fact sheet