VASCO
DIGIPASS Software DIGIPASS 110
Plug & authenticate.
Overview:
The DIGIPASS secrets are stored on DIGIPASS 110, not on a computer. A Java applet on the PC creates, together with the secrets stored on the USB stick, time-based one-time passwords that are validated by VACMAN Controller. This zero-footprint approach meets large volume e-commerce and retail e-banking market requirements.
DIGIPASS 110 reduces data security concerns associated with online purchases, password sharing, account access, and financial transactions. By replacing static passwords with a solution that generates dynamic one-time passwords and electronic signatures, organizations are able to secure access to their critical applications without impacting the customer’s user experience.
DIGIPASS 110 cryptographic functions can only be
used in conjunction with the java-applet that the
end-user downloads on his PC. Cryptographic keys
always remain in the DIGIPASS 110 USB stick.
The applet design prevents the most advanced
man-in-the-middle attacks (including real-time
man-in-the-middle attacks).
Features & Benefits:
Strong DIGIPASS authentication
DIGIPASS 110 supports dynamic one-time
password generation applying the proven
DIGIPASS algorithms. DIGIPASS 110 also
features VASCO’s renowned e-signature
functionality. This allows the end-user to
protect online transactions against fraud
schemes such as man-in-the-middle attacks.
It can generate e-signatures based on
unlimited transaction data input.
DIGIPASS 110 complies with regulatory
requirements (e.g. FFIEC).
Registration & activation
Registration of DIGIPASS 110 is as easy as registering a static password. Mass roll-out of DIGIPASS 110 is extremely easy. After subscribing to the service, the end-user will receive the USB-stick with the DIGIPASS secrets. Auto registration takes approximately 10 seconds after the user plugs the USB-stick into the PC. The exact same VACMAN controller integration for user registration/activation can be re-used to support additional VASCO software based DIGIPASS products such as DIGIPASS for Mobile.
Usage
For a secure log-on to a website or to generate an electronic signature, the web server sends a webpage which includes a secure applet, requesting the user’s password. This password is never transmitted to the server. When the password is entered, DIGIPASS 110 and the applet will generate the dynamic one-time password or signature. Optional time-out prevents unauthorized use of DIGIPASS 110.
Validation
VASCO’s VACMAN Controller performs the validation of one-time passwords and signatures generated by DIGIPASS 110. To simplify integration with the web server, DIGIPASS 110 is delivered with all necessary files, including web pages and scripts.
Versatile set of features
DIGIPASS 110 can adapt itself to various security requirements such as prevention of account sharing using a transparent registration process to a man-in-the–middle countermeasure based on DIGIPASS electronic signature.
Java applet
The java applet runs inside standard web browser software making it extremely easy to adapt DIGIPASS 110 for security upgrades and maintenance.
Technical Specifications:
| Technical Specifications | |
|---|---|
| OTP generation |
|
| MAC/signature generation |
|
| Compatibility |
|
| Size | 43.9 mm x 16.1 mm x 4.3 mm |
| Weight | 3 g |
| Compliance | |
| Storage temperature | -10°C to 50°C; 90% RH non condensing |
| Operating temperature | 0°C to 45°C; 85% RH non condensing |
| Vibration | 10 to 75 Hz; 10 m/s2 |
| Drop | 1 meter |
| Immunity | 4 kV contact discharges 8 kV air discharges 3 V/m from 80 to 1000 MHz |
Documentation:
Download the VASCO DIGIPASS 110 Data Sheet (.PDF)