VASCO DIGIPASS 550Counter Man-in-the-Middle attacks with e-Signatures: What You See is What You Sign
The main security problem presented by man-in-the-middle attacks lies in ensuring the authenticity of transactions in addition to the authenticity of the users who initiate them. DIGIPASS 550 provides user authentication at logon with a one-time password (OTP) and offers electronic signature validation for high-risk transactions – all in one device. DIGIPASS 550 also supports a decimal key on its keypad that allows the input of decimal numbers.
What is an e-Signature?
The e-Signature functionality of DIGIPASS 550 will use different transaction data such as account number and amount, to generate a unique “signature” code for a particular transaction. Other examples of transaction data that can be used are the currency code, country code, number of shares, ticker symbol or any other information the customer whishes to validate. This method, in combination with user authentication with OTPs, renders man-in-the-middle attacks ineffective.
What You See Is What You Sign
DIGIPASS 550 offers a very simple and intuitive way of electronically signing transactions. The user will actually see and understand what he is signing through the use of interactive screen prompts that guide him through the entire process. All that is the left for the end-user to do is to type the transaction data into the DIGIPASS screen to generate an electronic signature.
Features & Benefits:
- Keypad with decimal key to allow the input of decimal numbers
- Standard numeric keypad with the option to replace it by an alphanumeric one
- Contemporary PIN-protected device with an integrated hardcover
- Tough, shock-resistant materials
- Ergonomic keypad and bitmap display support special characters and custom messages
- Can be customized to fit the specific needs of the bank
- Individually programmable security parameters such as the PIN length, number of PIN trials, type of cryptographic algorithm and lengths of challenge and response
- Supports up to four different languages
- Display messages and logos can be customized
- Extended help function can be used to store the helpdesk phone number or other related information
- The inside of the hardcover can be used to for operating instructions or any other information the bank wishes to communicate to its end-users
- Possibility to use default account number and internal counter
- Optimum balance of user-friendliness and cost efficiency
- PIN-protected device with a PIN locking function
- Local device unlocking can be done by the user via PUK or remotely via challenge/response by the helpdesk personnel
- User-changeable PIN - usage and length can be individually selected
Products in this range provide more informative feedback, choice of language, and have large keyboards making them easy to use. Capable of calculating the most sophisticated One-Time Passwords and Electronic Signatures, these models provide the highest level of security. The additional sophistication, however, remains transparent to users, thanks to the intuitive user interface making this solution ideally suited for large user groups.
|Appearance||DIGIPASS 550||DIGIPASS 560||DIGIPASS 580||DIGIPASS 585||DIGIPASS 700|
|Expected Lifetime (years)||5||5||5||5||7|
|Size (mm)||83 x 55 x 6.5||88 x 59 x 7||91 x 64 x 9||91 x 64 x 9||90x60x10|
|Display||one line of 9 by 60 dots||one line of 9 by 60 dots||one line of 16 x 80 dots||one line of 16 x 80 dots||12 digit, 2-line display + icon|
|e-Signature and One Time Password||yes||yes||yes||yes||yes|
|Real Time Clock||yes||yes||yes||yes||yes|
|Buttons||17||11 + 1 jog dial||11 + 1 jog dial||12 + 1 jog dial||16|
Download the VASCO DIGIPASS 550 Data Sheet (.PDF)