Two Factor Authentication
Celestix HOTPin is a tokenless two-factor authentication solution that enables organisations to empower their mobile workforce while ensuring industry leading protection of digital identities and protecting against unsolicited access to corporate resources, a primary reason for the loss of data.
Celestix HOTPin enables organisations not only to mobilise their workforce but allows them also to leverage the remote workers smart device, PC or tablet to act as a token capable of generating an event based one-time password (OTP).
How it works?
One Time Passwords
ATM cards provide two-factor authentication in the tightly controlled environment of ATM machines, where each machine is equipped with a special card reader. It is not feasible to equip every laptop, desktop or tablet with a special device to read a card. That would be cost-prohibitive, time-consuming and extremely impractical.
To provide two-factor authentication for computer services and sites, users rely on a One Time Password that is generated on a device that is uniquely assigned to a user. One Time Passwords (OTP) provides security in a number of ways.
- Always Changing: The OTP changes after a fixed interval of time, commonly every 60 seconds. Even if an unauthorised user noted the OTP, they won’t be able to use it since it would have changed for the next session.
- Tied to a device: TPs are generated using a seed that is uniquely associated with a device. Thus, every user’s OTP will be different. Since the device is assigned to a user, the OTP uniquely authenticates a user and a PC desktop client. By leveraging smart devices or text messaging, the OTP is delivered ‘on demand’ to the user. And, of course, HOTPin easily integrates with AD.
HOTPin client now supports QR codes. Users can scan the QR code and will be instantly logged in to the application in a secure manner. The integration of this function to any web services is simple. The latest HOTPin 3.7 includes API with the samples that help to simplify the integration into your existing server architecture.
- Server License: HOTPin authentication server is available at a fixed priced and requires the procurement of an annual maintenance fee.
- Subscription: User licensing is per registered user and is enforced on the server. One major benefit of HOTPin is that the per license price is fixed, regardless of the token form factor. For instance, the hardware token is priced the same as the soft token. This addresses a key issue in the authentication market, which is the complexity of pricing for various token types.
HOTPin licenses are available on a renewable basis for terms of 1, 2 and 3 years.