With its multi-OTP devices, VASCO is responding to existing customers of traditional authentication solutions who have a need to secure additional applications without yet introducing online transaction signing.

DIGIPASS one-button devices providing single one-time passwords (OTP) are ideally suited for user-friendly user authentication. Multi-OTP one-button devices can secure multiple applications with a single authentication device using different OTPs. With every push on the authenticator's button, the security level of the calculated OTP is enhanced.

Multiple OTP for different applications

VASCO positions the multi-OTP devices for the secure use of different applications in banks:

o Online banking (customer logon and payment validation)
o Stock trading
o Cash retrieval at the ATM
o Manage insurance policies

The single one-button authentication device can generate multiple one-time passwords (OTP). Multi-OTP devices also provide a solution for banks with divisions responsible for certain applications operating in independent legal entities. From a customer interaction perspective, they often want to supply the end-user with only one authentication device, but for internal purposes they require separate security implementations.

Multi-OTP technology also provides a solution for ASPs who have several applications they want to secure with a single DIGIPASS but using different OTPs for different applications.

Multiple OTPs generated by a one-button DIGIPASS

The entire DIGIPASS GO-family, VASCO's range of one-button authentication devices, can be equipped with multi-OTP technology upon customer request. One DIGIPASS will be able to generate up to three different OTPs. The different OTPs will have distinct features such as the length of the OTP and a customized message displayed before the OTP generation, avoiding that the user would present a wrong OTP.

The multi-Oi-OTP device operates as follows:

o When pressing the one-button device once, the user will obtain an OTP which most likely will be used to log-on to the online application.
o When pushing the button twice, a customized message will be displayed followed by an OTP. This OTP has a different length than the OTP used for log-on and could be used as a payment OTP to known or trusted accounts.
o When pushing the button three times, another customized message and OTP will be generated. This third OTP could be an OTP for high risk transactions, for instance to validate high value payments or payments to unknown accounts.
o On the fourth push of the button, the DIGIPASS will be switched off.

Real-time decision on which OTP should be used

Multi-OTP technology allows banks to decide real-time which OTP should be used for which application. For instance, when executing a high-risk transaction the end-user will be prompted to provide a different OTP than the one he uses for log-in. Hence the multi-OTP devices provide enhanced security compared to traditional one-button devices. A different OTP is used for log-in and payment validation; a specific OTP is used for transactions to known accounts, thus minimizing fraudulent transactions; and minimizing the risk for man-in-the-middle attacks to happen considering the end-user will have to be convinced to provide a high risk OTP.

"With the launch of our multi-OTP patent pending DIGIPASS devices, VASCO showcases its commitment to innovation. We continuously keep track of security trends and fraud attacks and we develop our products and technology to stay ahead of these evolvements. With our multi-OTP devices we clearly meet a market demand to secure more channels with a single device. Furthermore our multi-OTP devices are DIGIPASS Plus Ready, allowing customers to benefit from our DIGIPASS as a Service, cloud-based authentication offering," says Jan Valcke, President and COO at VASCO Data Security.