CA ArcotOTP Versatile Authentication Solution for Mobile Phones

Similar documents
solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service?

CA Arcot RiskFort. Overview. Benefits

CA Service Desk Manager - Mobile Enabler 2.0

Advanced Authentication Methods: Software vs. Hardware

CA SiteMinder SSO Agents for ERP Systems

BlackBerry Enterprise Solution and RSA SecurID

SOLUTION BRIEF ADVANCED AUTHENTICATION. How do I increase trust and security with my online customers in a convenient and cost effective manner?

Authentication Strategy: Balancing Security and Convenience

SOLUTION BRIEF CA ADVANCED AUTHENTICATION. How can I provide effective authentication for employees in a convenient and cost-effective manner?

BES10 Self-Service. Version: User Guide

How CA Arcot Solutions Protect Against Internet Threats

expanding web single sign-on to cloud and mobile environments agility made possible

RSA SecurID Two-factor Authentication

Enhancing Payment Card Security New Measures to be Phased in from 2 nd Quarter 2010 to 1 st Quarter 2011

Global Bank Achieves Significant Savings and Increased Transaction Volume with Zero-Touch Authentication

Proposed Service. Name of Proposed Service: Technical description of Proposed Service: Registry-Registrar Two-Factor Authentication Service

Strong Authentication for Secure VPN Access

HOTPin Integration Guide: DirectAccess

How To Comply With Ffiec

Strong Authentication for Juniper Networks

NetIQ Advanced Authentication Framework

PRODUCT SHEET: CA Arcot Cloud Services Data Centers CA Arcot cloud services data centers. True multi-tenancy and scalability

BlackShield Authentication Service

Designing a CA Single Sign-On Architecture for Enhanced Security

CA SOLVE:Central Service Desk for z/os

Welcome Guide for MP-1 Token for Microsoft Windows

Protecting Online Customers from Man-inthe-Browser and Man-in-the-Middle Attacks

ViSolve Open Source Solutions

CA APM Cloud Monitor. Scripting Guide. Release 8.2

SafeNet MobilePASS Version 8.2.0, Revision B

HOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services

SafeNet Authentication Service

Department of Veterans Affairs Two-Factor Authentication MobilePASS Quick Start Guide November 18, 2015

Flexible Identity. OTP software tokens guide. Multi-Factor Authentication. version 1.0

A brief on Two-Factor Authentication

Entrust IdentityGuard

Mobile Time Manager. Release 1.2.1

CA VPN Client. User Guide for Windows

WHITE PAPER AUGUST Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords

RECOVERY OF CA ARCSERVE DATABASE IN A CLUSTER ENVIRONMENT AFTER DISASTER RECOVERY

Internet Banking Two-Factor Authentication using Smartphones

STRONGER AUTHENTICATION for CA SiteMinder

Secure Web Access Solution

WHITE PAPER. Smart Card Authentication for J2EE Applications Using Vintela SSO for Java (VSJ)

Netop Remote Control Security Server

Using Entrust certificates with VPN

CA Adapter. Installation and Configuration Guide for Windows. r2.2.9

identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible

Securing Virtual Desktop Infrastructures with Strong Authentication

Defender 5.7. Remote Access User Guide

RSA SecurID Software Token Security Best Practices Guide

CA Cloud Service Delivery Platform

Product overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities

CA Mobile Device Management. How to Create Custom-Signed CA MDM Client App

VPN Client User s Guide Issue 2

CA Nimsoft Monitor. Probe Guide for Performance Collector. perfmon v1.5 series

CA Spectrum and CA Embedded Entitlements Manager

Defender Token Deployment System Quick Start Guide

MIGRATION GUIDE. Authentication Server

Installing Logos SSL Certificates on Mobile Devices

SOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite

Beyond passwords: Protect the mobile enterprise with smarter security solutions

Strong Authentication for Microsoft TS Web / RD Web

BlackBerry Desktop Manager Version: User Guide

CA Nimsoft Service Desk

BlackBerry Enterprise Server. BlackBerry Administration Service Roles and Permissions Version: 5.0 Service Pack: 4.

Closing the Biggest Security Hole in Web Application Delivery

Remote Access Securing Your Employees Out of the Office

Web Admin Console - Release Management. Steve Parker Richard Lechner

Strong Authentication for Juniper Networks SSL VPN

Secure Payments Framework Workgroup

Yubico Authenticator User's Guide

Administration Guide. Wireless software upgrades

Presentation Rundown. Introduction Product Overview Product Features Product Value Product Applications Question and Answer

Authorize.Net Mobile Application

User Guide. BES12 Self-Service

RSA SecurID Software Token 1.0 for Android Administrator s Guide

Proven. Trusted.

Multifactor authentication systems Jiří Sobotka, Radek Doležel

CA Nimsoft Monitor. Probe Guide for E2E Application Response Monitoring. e2e_appmon v2.2 series

DIGIPASS as a Service. Google Apps Integration

Authorize.Net Mobile Application

Application Note. Intelligent Application Gateway with SA server using AD password and OTP

defending against advanced persistent threats: strategies for a new era of attacks agility made possible

CA Technologies optimizes business systems worldwide with enterprise data model

HOTPin Integration Guide: Google Apps with Active Directory Federated Services

Two-Factor Authentication over Mobile: Simplifying Security and Authentication

BlackBerry Web Desktop Manager. Version: 5.0 Service Pack: 4. User Guide

Strong Authentication for Microsoft SharePoint

2 factor + 2. Authentication. way

The Essentials Series: Enterprise Identity and Access Management. Authentication. sponsored by. by Richard Siddaway

agility made possible

The NIST Framework for Improving Critical Infrastructure Cybersecurity - An Executive Guide

RSA Authentication Agent 7.2 for Microsoft Windows Installation and Administration Guide

Ultra-strong authentication to protect network access and assets

Transcription:

PRODUCT SHEET CA ArcotOTP CA ArcotOTP Versatile Authentication Solution for Mobile Phones Overview Consumers have embraced their mobile phones as more than just calling or texting devices. They are demanding access to online applications no matter where they are, making them more vulnerable to internet attacks. The incidence of fraudulent online activity and related theft has driven the quest for better ways to authenticate access to applications such as online banking, e-commerce and Web portal access. Benefits Traditional security methods require a hardware token to authenticate access to these applications. In most cases, a separate token is required for each account the user wants to access. The solution use the mobile phone as an authentication device. Mobile phones have become nearly ubiquitous and much more powerful than in the past. Why not take advantage of a device that is already part of a person s everyday life? CA ArcotOTP turns mobile phones into one-time-password (OTP) authentication devices which can be used to generate an OTP for multiple accounts, so there s no need to carry multiple hardware tokens. CA ArcotOTP supports a variety of standard OTP algorithms including those specified by OATH (HOTP/TOTP) and EMV (CAP/DPA).

CA ArcotOTP Turns Mobile Phones into Authentication Devices CA Arcot provides a wide range of fraud detection and multifactor authentication methods to reduce the risk of online fraud for e-commerce, Web portal and remote access. We provide authentication methods that are strong, yet easy to use. Recognizing the expansion of the use of mobile phones worldwide, CA Arcot provides a mobile application, CA ArcotOTP, that allows you to use your phone as a secure authentication device. CA ArcotOTP is a software application that runs on a mobile phone and generates a one-time password that is used to authenticate to online applications and to verify valid credentials for online purchases. Organizations and their customers no longer need to settle for weak password authentication or require users to carry a separate authentication token. CA ArcotOTP runs on virtually all mobile platforms and authenticates users with a choice of OTP standards. CA ArcotOTP supports multiple OTP algorithms including those specified by OATH (HOTP/TOTP) and EMV (CAP/DPA). The OTP algorithm can be selected based on the application. All of the OTP methods can be used on the same mobile phone thus supporting multiple accounts. No wireless or other connectivity is needed to generate the one-time-password. CA ArcotOTP allows organizations to provide strong authentication at a lower cost of ownership than traditional hardware tokens, while increasing the security and convenience for their customers. 2

+ + FIGURE 1. CA ArcotOTP Authentication Process + + CA ArcotOTP High Security, High User Convenience Security is achieved by storing the associated keys in the CA ArcotOTP key container which resides on the user s phone. The CA ArcotOTP keys are protected by CA Arcot patented cryptographic camouflage key concealment technology, which protects the keys from brute force and dictionary attacks. CA ArcotOTP allows users to easily generate an OTP to authenticate to online applications with a device that is already part of their everyday life. When the user logs into an online account, the experience is identical to conventional HOTP/TOTP solutions. The CA ArcotOTP application on the user s phone generates the one-time password that is requested by the online application the user is trying to access. Similarly, CA ArcotOTP replicates the user experience for online shopping consistent with the MasterCard CAP and Visa DPA programs without requiring a disconnected card reader. 3

Supports mobile phones, PDAs, Desktops CA ArcotOTP works on the world s leading mobile platforms including Apple iphone, BlackBerry RIM, Google Android, and Windows mobile. The CA ArcotOTP solution also works on most Nokia phones, and with most smart phones by Samsung, LG, Motorola and Sony Ericson that are equipped with Java, MIDP 2.0 and CLDC 1.1. In addition, CA ArcotOTP runs in JavaScript in a desktop web browser. Mobile Phone Authenticates Multiple Applications CA ArcotOTP can manage and authenticate to multiple accounts from a user s mobile phone. Users can easily select the web portal, VPN, or online account they want to access and CA ArcotOTP will generate the correct single use password for the selected account. Based on Open OTP Standards CA ArcotOTP is based on open standards including EMV CAP/DPA, HOTP and TOTP. One-time or single-use password is a mechanism where users provide a new password every time they access a site. The OTP is generated by a device carried by the user. If an attacker steals the password, it is useless because it won't be valid the next time the user accesses the site. The attacker cannot calculate the password without the shared secret between the user and the validation site. In general, there are two types of OTP event based and time based. Event based OTP (EMV, HOTP) generates a new password every time based on a counter. The counter must be synchronized between the client and the server. The server recognizes a valid OTP generated by a legitimate customer. Time based OTP (TOTP) is similar except that an OTP is valid only for a short amount of time. 4

MasterCard s Chip Authentication Program (CAP) and Visa s Dynamic Passcode Authentication (DPA) are implementations of the EMV standard. Both programs require a hardware device to be distributed to users for authentication. The user receives an EMV Chipcard and a small disconnected reader that is carried with the user. During a web purchase the user inserts the card into the reader and types in a PIN. The Chipcard generates a dynamic passcode: a decimal string derived from an internally generated cryptogram. The user reads it and types it into a web form or speaks it aloud during a telephone purchase. However, CAP/DPA solutions have not solved the administrative or distribution problems associated with any hardware device or token. They are costly to deploy and use, and inconvenient for the user. Hardware solutions require the user to carry the device with them any time they want to shop online. But physical devices are easily forgotten or lost. CA ArcotOTP is an all-purpose secure software passcode generator that supports standards including EMV, OATH and RFC 2289. It implements MasterCard CAP and Visa DPA without requiring a disconnected card reader. The user s mobile phone runs the CA ArcotOTP application that generates the dynamic passcode. The card reader image appears on the phone and depicts the card reader interface experience with the same buttons, options, and menu items. This provides a seamless transition for those customers who have previously used the disconnected reader and is easy for new users to learn. CA ArcotOTP allows users to easily generate an OTP to shop online or gain account access with a device that is already part of their everyday life. 5

Fully Compatible with Existing Infrastructure CA ArcotOTP is consistent with EMV, HOTP, and TOTP standards. No changes need to be made to authenticating server-side operations. The user can use their mobile phone to automatically generate the one-time-passcode to be entered to gain access to their account or to complete the payment transaction + + + + 6

The CA Technologies Advantage CA ArcotOTP provides organizations and their customers with a one-timepassword solution that runs right on the user s mobile phone, eliminating the need for the organization to deploy additional hardware tokens. As a result, organizations no longer need to settle for weak password authentication and customers no longer need to carry a separate authentication token just to get stronger authentication. Since CA ArcotOTP supports multiple OTP algorithms, including those specified by OATH (HOTP/OTP) and EMV (CAP/DPA), all of the OTP methods can be used on the same mobile phone supporting multiple accounts. CA ArcotOTP allows organizations to provide strong authentication at a lower cost of ownership than traditional hardware tokens while increasing the security and convenience for their customers. Copyright 2011 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. This document is for your informational purposes only. CA assumes no responsibility for the accuracy or completeness of the information. To the extent permitted by applicable law, CA provides this document as is without warranty of any kind, including, without limitation, any implied warranties of merchantability, fitness for a particular purpose, or noninfringement. In no event will CA be liable for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, business interruption, goodwill, or lost data, even if CA is expressly advised in advance of the possibility of such damages. 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information