Authenticators are based on public key infrastructure.
Press Release Summary:
Suited for local and remote access to corporate network and applications, DIGIPASS® KEY 200 consists of USB device with PKI smart card and secure USB mass storage on single device. DIGIPASS® KEY 860, adapted for banking environments, combines smart card ID device, OTP authenticator, and secure USB storage. Both offer PKI-based digital signature for emails or transactions, encryption capability, and strong authentication for PKI-enabled operating systems, VPNs, and application.
Original Press Release:
VASCO Data Security Extends its PKI-Based Product Line with DIGIPASS KEY 200 and DIGIPASS KEY 860
Oakbrook Terrace, Illinois, Zurich, Switzerland, November 12, 2009 - VASCO Data Security Inc. (Nasdaq: VDSI; www.vasco.com ), a leading software security company specializing in authentication products today announced that it is extending its PKI-based product line with two new authenticators: DIGIPASS® KEY 200 and DIGIPASS® KEY 860. DIGIPASS KEY 200 is a USB device with a PKI smart card and secure USB mass storage on a single device. DIGIPASS KEY 860 is a smart card ID device, an OTP authenticator and secure USB storage in one.
DIGIPASS KEY 200 is best suited for use in corporate environments and can be used for local and remote access to the corporate network and applications, the use of PKI for encryption and digital signature and mobile data security. It combines PKI technology, secured mass storage and the possibility to integrate RFID technology for physical access.
DIGIPASS KEY 860 is adapted for banking environments: it helps banks to comply with more stringent financial regulations (Sarbanes-Oxley, Basel II, HIPAA) and enhanced security requirements. It combines OTP technology with PKI and also offers secured mass storage and offers new opportunities to effectively combat phishing and man-in-the-middle attacks.
PKI functionality
Both DIGIPASS KEY 200 and DIGIPASS Key 860 offer PKI-based digital signature for e-mails or transactions, encryption capability and strong authentication for PKI-enabled operating systems, VPNs and application. They both combine the security of a smart card with the flexibility of a card reader, allowing the user to generate and securely store digital certificates from any Certificate Authority on the device. The generation of private and public keys is managed on the devices and the keys cannot be exported from the smart card on the devices. Both devices can be used in conjunction with DIGIPASS CertiID, VASCO's PKI-based client software suite and can be integrated within any application supporting PKCS#11, MS CAPI standards and CNG.
OTP functionality
DIGIPASS KEY 860 offers device-based OTP generation: with one push on the button of the DIGIPASS KEY 860, an OTP will be generated on the screen of the authenticator. The user will type the OTP into the log-on screen on the PC to access the application.
When combining the use of PKI with OTP, customers will need to install VASCO's authentication server technology (VACMAN® Controller or IDENTIKEY®) to offer event and time based OTP capability next to PKI-functionality. DIGIPASS KEY 200 offers smart card based OTP generation through the use of DIGIPASS® CertiID.
Secure USB Storage
Nowadays employees often carry sensitive corporate information on portable USB drives. These data are freely accessible and the USB devices can easily be lost or stolen. With DIGIPASS KEY 200 and DIGIPASS KEY 860 sensitive corporate data can be encrypted and stored on the authenticator. For secure storage, user transparent on fly encryption technology is used by both devices: the encryption keys are created on installation and the user will access the sensitive data on the encrypted partition using his PIN. Devices are available with a storage capacity of 2, 4 or 8 Gb.
Both DIGIPASS KEY 200 and DIGIPASS KEY 860 can have three pre-defined memory partitions: a partition with CD-ROM capability, an encrypted partition and a non-secure hard disc partition. On the CD-ROM enabled partition specific software can be stored. For instance banks can store a secured browser on it, this way banking customers will always be directed to the right URL when connecting their USB-authenticator. The information on this partition cannot be altered; as a result customers are protected from phishing and man-in-the-middle attacks. The encrypted partition can be used for secure data storage. For instance in the insurance world a policy could be put on the encrypted partition, the insured can sign it using PKI-based e-signature and would be able to access it for consultation in a later stage on the encrypted partition. The non-secured partition, allows the user to store accessory, non-confidential information.
"VASCO has extended its PKI-based offering, not only were we able to combine OTP and PKI functionality on a single device, we are also able to respond to other growing security needs such as mobile data security, locking of workstations, disc and data encryption. With all new features we are able to offer more functionality to our customers, such as zero foot print deployment or secure browser capability on the device and the combination of logical and physical access for corporate environments," says Jan Valcke, President and COO at VASCO Data Security.
About VASCO:
VASCO is a leading supplier of strong authentication and e-signature solutions and services specializing in Internet Security applications and transactions. VASCO has positioned itself as global software company for Internet Security serving a customer base of over 9,000 companies in more than 100 countries, including almost 1,350 international financial institutions. VASCO's prime markets are the financial sector, enterprise security, e-commerce and e-government.
This document may contain trademarks of VASCO Data Security International, Inc. and its subsidiaries, including VASCO, the VASCO "V" design, DIGIPASS, VACMAN, aXsGUARD and IDENTIKEY.
For more information contact:
Jochem Binst, +32 2 609 97 00, jbinst@vasco.com
Ludivine Toutenhoofd
PR Assistant
Vasco Data Security
The Authentication Company
HQ: Koningin Astridlaan 164 - 1780 Wemmel - Belgium
tel : +32 2 609 97 00
fax: +32 2 609 97 09
My Direct Line: +32 2 609 97 42
e-mail : lto@vasco.com
http://www.vasco.com
