- › OTP Server
- › Cloudentify
- › OTP C100
- › OTP C200
- › OTP C300
- › OTP C400
- › OTP C500
» Login
Feitain Products Center»
OTP Server
The Open Authentication (OATH) initiative is a world wide standard with the aim of bringing strong authentication to the masses. With members including the world's top authentication system providers the organisation has developed a robust algorithm and infrastructure that is being used around the world on a plethora of devices.
FEITIAN, proud to be a contributing partner of OATH, introduces the FEITIAN OTP AUTHENTICATION SYSTEM (FOAS) solution for enterprises, financial institutions and SMEs. By integreating One-Time-Password (OTP) solutions with an application system, organizations can gain the advantages of introducing two-factor authentication for its users. This then leads to a higher level of security than using simple and unsafe static passwords.
FOAS is built to work with your current IT environment. From Citrix to IBM, be safe in the knowledge that FOAS will work with your business instead of against it. With FEITIAN's broad range of hardware and software OTP tokens with event-synchronous, time-synchronous and challenge response features FEITIAN has the turn-key solution for you. Also because FOAS and its tokens are OATH compliant you can be sure your OTP solution is both flexible and future proof.
To order your own FREE SDK and OTP tokens please go to our registeration page to register your interest.
The FEITIAN OTP Authentication System (FOAS) provides comprehensive authentication services to businesses, meanwhile streamlines all authentication operations such as deployment, provisioning and maintenance in order to reduce the IT overhead.
The FOAS architecture includes the following main components:
As well as the three supplementary parts:
With the help of the FOAS, business can gain higher competitiveness with improved trust from end-users and build up a better image in providing advanced security.
The FOAS brings advanced benefits for customers such as:
The following are a few of specifications of the FOAS.
| No. | Technical Parameter | Description |
| No. | Technical Parameter | Description |
| 1 | Amount of users supported | More than 10 million |
| 2 | Throughput per authentication server | <5ms |
| 3 | Bandwidth used for authentication | <1MB |
| 4 | Disaster prevention for authentication data | Backup via cluster |
| 5 | Disaster prevention for authentication data | Backup via cluster |
| 6 | Out-of-band authentication | 2-channel authentication |
| 7 | Supported protocols | RADIUS, LDAP, TCP/UDP, and SOAP |
| 8 | Supported operating systems | IBM AIX, HP-UX, Windows, Linux, and Unix |
| 9 | Supported database systems | Oracle, DB2, Sybase, SQL Server, My SQL, PostgreSQL, MSDE, and Access |
| 10 | Supported length of dynamic password | 6 digits/8 digits |
| 11 | Authentication Server API interface | C/C++, Java, Web Service and more |
| 12 | Authentication agent API interface | C/C++, Java, ASP, ASP.NET, PHP and more |
Network devices (most VPN, firewalls, routers or exchange servers) support standard RADIUS protocol. Other application servers can use this solution as long as they support standard RADIUS protocol.
When an end-user wants to login, the OTP generated by the OTP token will be sent to the FOAS server through the VPN server based on standard the RADIUS protocol. The FOAS server will then return the authentication result to the VPN server, which either grants the VPN client to log in or refuses a login request.
The standard RADIUS solution is easy to employ (simply setup communication with the FOAS server on the application server) with no installation required for the FOAS agents.
Applications such as the Citrix Presentation Server can use the FOAS agent solution. Authentication requests are sent from the Citrix Presentation server Web Interface to the FOAS server through the FOAS Citrix agent.
When an end-user logs in, an OTP needs to be generated by the token and sent to the FOAS server through the FOAS Citrix agent at the Web Interface. The authentication result will be returned to the Citrix Presentation Server to decide whether to allow the end-user to log in.
The FOAS Citrix agent can be simply installed to seamlessly integrate with the Citrix Presentation Server Web interface so as to provide enhanced security.
Applications such as the Outlook Web Access (OWA) Server can use the FOAS agent solution. Authentication requests are sent from the OWA Interface to the FOAS server through the FOAS OWA agent.
When an end-user logs in, an OTP needs to be generated by the token and sent to the FOAS server through the FOAS OWA agent at the Web Interface. The authentication result will be returned to the OWA Server to decide whether to allow the end-user to log in.
The FOAS OWA agent can be simply installed to seamlessly integrate with the OWA Interface so as to provide enhanced security.
Internally, a business may wish to integrate two-factor authentication, specifically OTPs into the domain access process, where the FOAS agent solution can be used. OTP Authentication requests and normal domain authentication requests are forwarded to the FOAS Server and the domain controllers to handle respectively.
When an end-user logs in, an OTP needs to be generated by the token and input through the OTP interface provided by the FOAS domain agent. The authentication result of the FOAS server will be forwarded to the domain controller to decide whether the user is allowed to log in.
The FOAS Domain agents will need to be installed at each domain PC that needs protection.
Web services such as IIS and Apache can use the FOAS agent solution. Authentication requests are sent to the FOAS server through the FOAS Web Server agents.
When an end-user logs in, an OTP needs to be generated by the token and sent to the FOAS server through the FOAS Web Server agent at the Web Server. The authentication result will be returned to the Web Server to decide whether to allow the end-user to log in.
The FOAS Web Server agents can be simply installed to seamlessly integrate with the Web Server so as to provide enhanced security.
All of the above FOAS OTP Solution can be enhanced with the Mobile-based Authentication method. An OTP token is embedded into the mobile phone where a JAVA-based program will be running on the mobile phone to generate OTPs like a normal OTP token.
Similarly, when an end-user logs in, an OTP can to be generated using the mobile phone instead of a normal OTP token and sent to the FOAS server for authentication. The authentication process will be the same and the application server will decide whether the user is allowed to login or not.
There is no difference from the other solutions in terms of implementation of the FOAS system.
With the help of a SMS gateway, the SMS authentication solution can be introduced into the normal FOAS solutions. Authentication requests with OTPs, like normal method, will be sent through normal ways such as Internet to the FOAS server for authentication. However, the OTPs used for authentication are not generated by a normal token, but through a SMS on a mobile phone.
When an end-user logs in, a login request is sent to the FOAS server first to trigger the SMS Gateway to send a SMS with OTP to the registered mobile phone. The rest of the authentication process is unchanged.
*The deployment of the SMS Gateway may require the support from local Telecommunication providers.
If a few types of OTP generators are used in the system, the Single-Sign-On solution is the best choice. Authentication requests, no matter which generation methods used, can be processed by the SSO server and sent to the FOAS server for authentication.
When an end-user logs in, an OTP can be generated by a event-based token, a time-based token, a EMV-CAP smart card reader or a mobile-based token etc. and input through the web server interface, which will be redirected to the SSO server to be further processed. The authentication result will be returned to the Web Server later to decide whether the end-user is allowed to login.
With online banking a common part of our lives, the financial industry faces the following pressing issue: how can the executives of financial organizations and their corresponding IT department provide secure online services to their valuable customers while preventing phishing attacks and other forms of online fraud?
FOAS provides the financial industry the two-factor authentication solution with convenience and confidence. On one side, FOAS can simply integrate into the current IT system or work shoulder to shoulder with any third-party authentication system to support any OATH-complaint OTP tokens; deployment of the OTP tokens needs zero-installation at the user side, which is greatly welcomed by both end-users and organizations. On the other side, the financial organizations will certainly gain confidence using the FOAS with versatile solutions and customizable OTP tokens; the FOAS is confident in offering financial organizations the flexible yet cost-effective solution.
Specifically, the following schemes are recommended for the financial industry:
Education institutions have long been troubled with how to allow only authorized access to certain resources while providing online services to students either internally or externally. Unregistered users should not be able to access those resources that are identified as "students of this school only".
The FOAS provides the education institutions the two factor authentication solution to easily overcome the access problem. Registered students will log into the system with an OTP token which brings the following convenience: 1) students are freed of remembering long fixed password which can be easily stolen; 2) many types of token can be chosen by students, e.g. a mobile token instead of hardware token, SMS over a mobile token or hardware token. Meanwhile, resources are safely protected from other unauthorized hands or careless misuse caused by the stolen of a fixed password.
FEITIAN recommends the following schemes to the education institutions:
Healthcare Organizations strives to provide professional services for patients: health records of each patient needs to be easily managed and accessed when needed; meanwhile, unauthorized hands need to be stopped from those personal sensitive data. Online services can provide easy access and efficient management, however, access security problem is not easy to tackle.
The FOAS proudly presents healthcare organizations with the perfect two factor authentication method. Simply integrating the FOAS into the IT architecture without any change on the existing system, healthcare centers can define and manage all accesses to the critical data: from patients, doctors or nurses. Patients can access their health records and examination results at home with an OTP token; meanwhile not to worry there would be other unauthorized person who would read it. Doctors and nurses can change and manage all health records of the patients and sign any changes made on the data. Again, the FOAS presents flexible token solutions from SMS, mobile to simple hardware tokens.
FEITIAN recommends the following schemes to the healthcare organizations:
Insurance companies have found it hard to provide central data access services to their always-traveling sales representatives. Data, which resides on the server in the company center, needs to be easily accessed by the sales staff who would like to input, delete or modify certain details for a particular customer. However, these sensitive data should never to be changed or viewed by a third party.
Facing this challenge, FEITIAN proudly introduces the FOAS solutions to insurance companies. Sales representatives from the insurance companies can still easily access customer's personal detail using a laptop connected to the Internet, but, with enhanced security. At the data center, unregistered or unauthorized person are never allowed to log into the system. At the customer's side, a sales representative can easily access data at the center by identifying himself with a registered OTP token. Lost tokens would be reported stolen and thus disabled from the system. By doing so, the FOAS solution brings increased confidence to the insurance companies in presenting the best services to their valuable customers.
Specifically, the following FOAS schemes can be used by the insurance companies:
Enterprises are worried that the following situations would happen: an employee has carelessly lost his user name and simple password to the domain, and soon precious resources have been found stolen or copied by unauthorized person; employees on business trips can only connect to the company's server through VPN or terminal server, however, there would be no way to know whether the connection was initialized by the person who claims to be.
In such cases, it is suggested that enterprises take on FOAS solutions. On one side, registered users of the domain will login into the domain with OTPs and the fixed password, which in pair are much harder to be stolen; Services such as Outlook Web Access (OWA) can be easily protected too. On the other side, remotely, employees on business trip will access to the same resources on company's server by using a registered OTP token and known password, whose connection can be identified by the OTPs provided to the system.
Thus, the following FOAS solutions are highly recommended to enterprises for internal protection:
E-government refers to the process of providing government services to citizens or businesses and industries by government agencies through information technologies, such as Wide Area Networks, the Internet and mobile networks). During this process, the government agencies must release personal or commercially sensitive data only against reliably verified identity; provide services only to those entitled to receive them; and protect people against misuse of their identities.
FOAS is the ideal two-factor authentication solution for e-government which easily integrates into the current IT infrastructure without unacceptable changes on the existing system, meanwhile providing convenient but security-enhanced login session with the additional identifier - an OTP token. Through the use of this additional identifier, sensitive data is released to the correct user while services or financial transactions are guaranteed to be carried out between the e-government server and the aimed person. In cases that the identity of the e-government server needs to be verified to protect users from that phishing attack on the Internet, FOAS can easily provide the server identification services.
Specifically, the following FOAS schemes are recommended to the government agencies who wish to carry out e-government services:
With the quick development of online gaming, game vendors have found it hard to control access to the game resources published on their websites, especially when customer population is in large quantities. The user name and fixed password is seen as inadequate in safeguarding the interests of games publishers and gamers alike.
Facing this challenge, FEITIAN presents to online game vendors FOAS. By using the FOAS solution, online game venders can gain full confidence in controlling the access to their assets - online games. Meanwhile, FOAS provides full convenience in controlling tokens by providing a universal interface to control all token types from Mobile token, SMS to hardware tokens.
All online game vendors are highly recommended to take on the following FOAS schemes in providing two-factor authentication solutions in their websites:
As mobile technology are becoming more advanced and mobile devices are making a big impact on daily life, a new type of mobile payment system has emerged, enabling users to pay from their handset devices (especially mobile phones) wherever they are. As the value and use of mobile payment grows, meanwhile, various mobile security procedures and payment methods have been proposed and applied to mobile commerce. This will then require the need in obtaining strong security of mobile data access and transactions.
Having a deep knowledge security technologies, FEITIAN offers an enhanced two-factor authentication solution to vendors, mobile network operators and financial institutions that are involved in the mobile payment business. Adding FEITIAN OTP to your mobile application secures confidential user data from phishing, theft, and other attacks. This ensures access to transactions involving monetary value are not accessed by impostors
FEITIAN OTP solutions are flexible enough to provide an easy, convenient and secure payment alternative via a seamless API integration with your current mobile payments, including:
The retail industry today is faced with intense pressure from global competitors. Whether in the company headquarters, in warehousing, or in retail branches, the correct IT solution in securing access to information is critical to business success. As a result, IT managers are under a lot of pressure to ensure secure access to information and to efficiently manage resources, while minimizing costs. The flexible two factor implementation, under such conditions, is what most retail industry is looking for.
FEITIAN offers an integrated solution for implementing two-factor authentication and authorization, which can be combined with functions for increasing productivity in a secure environment such as single-sign-on or mobile-based authentication etc. The use of FEITIAN OTP ensures security against hacker attacks, data loss and theft. This strengthens security against unauthorized access, which is especially important in the retail industry.
A variety of strong solutions from FEITIAN OTP make retail stores and branch offices even more secure and convenient, including:
| Resource | Last Update |
| 2010-05-07 | |
| 2010-05-07 | |
| 2010-05-07 | |
| 2010-05-07 | |
| 2010-05-07 | |
| 2010-04-21 |
Click here to find more resource of OTP Server for download »
