Authentication Factor: Hardware Token
AuthControl Sentry® supports users with an extensive range of authentication factors, including the traditional hardware token for effortless and secure authentication.
Why Use a Hardware Token?
Although there are many ways to authenticate access to applications,
the hardware token provides a solution to organisations where restrictions
on the use of mobile devices apply, such as energy (electricity, oil & gas),
aerospace and defence.
One-time code (OTC)
The hardware token is a small, mobile fob that can be carried around by users so they can authenticate access to applications.
It works by providing the user with a one-time code (OTC) they can use to authenticate access to their protected application. By typing the OTC into their device, they can securely access their application. Every time the button on the hardware token is pressed, it provides a new code, ensuring infiltration is prevented.
Swivel Secure's AuthControl Sentry offers a choice of OATH types.
For short OTC display times and consecutive use, the Swivel OATH compliant HOTP token is ideal.
When the code needs to be displayed for longer or entered within a short time window, the Swivel OATH compliant TOTP token provides these options.
Users of hardware tokens can spend a lot of time on-site and
outside in often challenging conditions.
The hardware token has:
- a robust hard case for maximum durability,
- a large, clear LCD display for poor lighting conditions,
- and the reset button is ideally located, so it can be easily utilised to provide a new code when conditions are challenging.
Secure Token Distribution Process
At Swivel Secure we take the secure distribution of tokens very seriously. Our distribution process ensures that tokens are delivered and confirmed received by the customer, prior to a multi-channel communication seed distribution process taking place. This communication method ensures that users are authenticated via two distinct communication channels prior to being able to access the token seeds.
The table opposite shows the distribution flow. Our token seeds are sent in two formats:
Swivel Secure proprietary format (Base 16 hex) and Microsoft Azure seed format (Base 32)
|User Interface||6-characters high contrast LCD display, Built-in button.|
|Security Algorithms||OATH compliant event-based HOTP or time-based TOTP|
|Memory Type||Random Access Memory (RAM)|
|Endurance||More than 14,000 clicks|
|Battery Lifecycle||4 years|
|Power Consumption||Less than 0.005mW|
|Operating Temperature||(-4°F ~ 158°F) (-15.6 degC ~ 70 degC)|
|Humidity||0% ~ 100% without condensation|
|Security||Tamper evident, IP54 ingress|
Maximum security wherever you are
Whether the user is on an offshore oil platform or numerous levels deep within a defence facility, they can still access their applications by authenticating with the hardware token and the one-time code (OTC) it provides.
Designed for durability and ultimate security, the hardware token is always an alternative method of authenticating access to applications, for organisations requiring their users to authenticate in remote or challenging environments. The hardware token is also utilised in financial institutions and call centres where mobile devices are forbidden.