• Single token: just one token for all remote applications via all communication channels (Web, phone, fax, etc.).

• Simple operation: user simply enters PIN on the mobile phone keypad to create one-time password; no change to existing familiar Web login procedures.

 

• Unrestricted usage: user is not restricted to a particular PC or phone, and there is no need for a special reader or adaptor.

• Unrivaled speed: fast and easy one-time password (OTP) and digital signature (DS) generation.

• Easy backup: simple downloading of new software token or fast receipt of an emergency "backup OTP" by SMS when a mobile phone is lost or damaged.

• Convenient transfer: easy transfer of OTPs/DSs from mobile phones – acoustically to a PC microphone or phone line, or via a WAP session or SMS.

• Unmatched application flexibility: patented OTP and DS core technology for a wide variety of applications including network access, corporate security, remote banking, mobile payment (credit card or e-purse), homeland security, and eVoting.

• Offline authentication: CIDWAY OTP technology can also be used offline for hardcopy document authentication (e.g. check and fax banking), where OTPs can be verified even years later.

• Multi-channel usage: CIDWAY DS technology can be utilized in the industry's largest number of channels, enabling a mobile phone to transmit a digitally signed transaction to the Internet via a PC, landline call, SMS or mobile WAP session.

• Infrastructure independence: direct transactions can even take place between two individual mobile users without the need for infrastructure.

• Enhanced scalability: designed to easily scale up to a large user base.

 

• No hardware maintenance: software tokens do not require ongoing maintenance, such as battery replacement or fixing/replacing defective components.

 
• Unlimited life: unlike hardware tokens, software tokens can be licensed for unlimited lifetime usage.

• Low acquisition cost: software tokens are inexpensive compared to rival technologies.

• Low deployment cost: cost-efficient remote deployment of software via mobile WAP connection.

• Streamlined management: comprehensive administration software ensures efficient token deployment and management.

• Automatic synchronization: transparent process that never requires tech support or user intervention.

 

• Two-factor authentication: strong two-factor authentication addressing prevalent security risks.

• End-to-end protection: security protection ensured at every step – token deployment, download and registration/enrollment, PIN selection and management, secrets protection, time-based OTP and DS generation and transmission, download/registration server, authentication server, token database, system administration.

• Remote transaction security: advanced protection against phishing, pharming, network eavesdropping (man-in-the-middle), PC trojan horse, key logging, PC monitoring, identity theft, network penetration, phone line eavesdropping, fax or hard copy document interception, customer repudiation, customer privacy violation, customer physical hijack and more.

• Mobile phone protection: advanced mobile phone software protection against module reverse-engineering, PIN sniffers/prediction/tries, module cloning, secrets generation/transmission, module activation, module substitution by phishing, trojan horse, brute force attacks.

• Anti-phishing technology: two-way anti-phishing technology for users to check server authentication.

• Configurable acceptance period: the authorized period of time between one-time password generation and when the user actually logs into a site is configurable. This offers extra protection, especially from man-in-the-middle attacks.

• Genuine PKI Digital Signature:  Unlike other vendors that use a symmetric algorithm to create a message digest, CIDWAY creates a genuine Digital Signature from the mobile phone using an asymmetric algorithm.

• Secure backup: secure customer "backup OTP" offered via SMS when a mobile phone is lost or damaged.

 

• Seamless integration: rapid integration into organization’s infrastructure.

• Flexible deployment: CIDWAY provides advanced administration software that offer flexible and effective token deployment.

• Standard interfaces: CIDWAY Authentication Server interfaces with standard HTTP and RADIUS protocols (for OTP only).

• Embedded SDK: optional software development kit (SDK) can be embedded into any system.

• Minimal impact: advanced mobile acoustic solutions make minimal impact on existing infrastructure.