Strong Authentication’s Old Reliable, the Hardware Token Still Going Strong

It has been clear for years that passwords alone are not enough to protect your company’s assets, networks, applications and data.  In fact, Verizon did an analysis in 2017 that determined 81% of data breaches globally involved the misuse or stolen or weak passwords.  With the number of breaches increasing every year, and the cost and consequences of those breaches also on the rise, the time to act is now.

Multi-factor authentication is essential in today’s environment.  It increases security by combining one or more “factors” to verify that the person who is asking for access is who they say they are.  These factors include something you have (a smart card or a mobile credential carried on a smartphone or other mobile device); something you know (such as a PIN), and something you are (biometrics).

More and more companies are subject to compliance regulations, and strong authentication with the corresponding audit trails are popular requirements.  The European Union’s PSD2 regulations for financial institutions and GDPR privacy requirements for citizens are two examples.  But other parts of the world are not immune.  Most companies will be affected by GDPR, and their own government initiatives, such as HIPAA for Healthcare in the US.     

One steadfast method of deploying multi-factor authentication for employees is the hardware token.  For the employee, this is often a small, handheld hardware device that calculates a time-bound string of numbers that can be used as a one-time password (OTP).   The user then enters this passcode (something they have) plus a PIN (something they know) to prove their identity to the asset they want to access.  Behind the scenes, this value is compared to the value calculated on a back-end authentication platform using the same techniques and inputs, including clock and event counters, authentication keys, and algorithms.  If the OTPs match, the user gains access, and that event is logged in the platform’s audit trail.

Hardware tokens have been around for over a decade, and they are still a popular choice for many organizations.  It’s a familiar user experience for the workforce, and the tokens themselves last a long time.  Tokens have also evolved beyond the standard keyfob form factor.  There are also options that can fit in a wallet, are robust enough for field operations, and can accommodate and assist the visually impaired.  But there is more to it than that.        

Want to learn more?  We recently released an infographic that outlines some of the reasons why tokens are still a popular choice in 2018.  Download that here.  For more information about our token portfolio, visit: our product page.