Vasco Data Security, a leading software security company specializing in authentication products today announced that it is extending its PKI-based product line with two new authenticators: Digipass Key 200 and Digipass Key 860.
DIGIPASS KEY 200 is a USB device with a PKI smart card and secure USB mass storage on a single device. DIGIPASS KEY 860 is a smart card ID device, an OTP authenticator and secure USB storage in one.
DIGIPASS KEY 200 is best suited for use in corporate environments and can be used for local and remote access to the corporate network and applications, the use of PKI for encryption and digital signature and mobile data security. It combines PKI technology, secured mass storage and the possibility to integrate RFID technology for physical access.
DIGIPASS KEY 860 is adapted for banking environments: it helps banks to comply with more stringent financial regulations (Sarbanes-Oxley, Basel II, HIPAA) and enhanced security requirements. It combines OTP technology with PKI and also offers secured mass storage and offers new opportunities to effectively combat phishing and man-in-the-middle attacks.
Both DIGIPASS KEY 200 and DIGIPASS Key 860 offer PKI-based digital signature for e-mails or transactions, encryption capability and strong authentication for PKI-enabled operating systems, VPNs and application. They both combine the security of a smart card with the flexibility of a card reader, allowing the user to generate and securely store digital certificates from any Certificate Authority on the device. The generation of private and public keys is managed on the devices and the keys cannot be exported from the smart card on the devices. Both devices can be used in conjunction with DIGIPASS CertiID, VASCO's PKI-based client software suite and can be integrated within any application supporting PKCS#11, MS CAPI standards and CNG.
DIGIPASS KEY 860 offers device-based OTP generation: with one push on the button of the DIGIPASS KEY 860, an OTP will be generated on the screen of the authenticator. The user will type the OTP into the log-on screen on the PC to access the application.
When combining the use of PKI with OTP, customers will need to install VASCO's authentication server technology (VACMAN® Controller or IDENTIKEY®) to offer event and time based OTP capability next to PKI-functionality.
DIGIPASS KEY 200 offers smart card based OTP generation through the use of DIGIPASS® CertiID.
Secure USB Storage
Nowadays employees often carry sensitive corporate information on portable USB drives. These data are freely accessible and the USB devices can easily be lost or stolen. With DIGIPASS KEY 200 and DIGIPASS KEY 860 sensitive corporate data can be encrypted and stored on the authenticator. For secure storage, user transparent on fly encryption technology is used by both devices: the encryption keys are created on installation and the user will access the sensitive data on the encrypted partition using his PIN. Devices are available with a storage capacity of 2, 4 or 8 Gb.
Both DIGIPASS KEY 200 and DIGIPASS KEY 860 can have three pre-defined memory partitions: a partition with CD-ROM capability, an encrypted partition and a non-secure hard disc partition. On the CD-ROM enabled partition specific software can be stored. For instance banks can store a secured browser on it, this way banking customers will always be directed to the right URL when connecting their USB-authenticator. The information on this partition cannot be altered; as a result customers are protected from phishing and man-in-the-middle attacks. The encrypted partition can be used for secure data storage. For instance in the insurance world a policy could be put on the encrypted partition, the insured can sign it using PKI-based e-signature and would be able to access it for consultation in a later stage on the encrypted partition. The non-secured partition, allows the user to store accessory, non-confidential information.
" VASCO has extended its PKI-based offering, not only were we able to combine OTP and PKI functionality on a single device, we are also able to respond to other growing security needs such as mobile data security, locking of workstations, disc and data encryption. With all new features we are able to offer more functionality to our customers, such as zero foot print deployment or secure browser capability on the device and the combination of logical and physical access for corporate environments," says Jan Valcke, President and COO at VASCO Data Security.