MFA – Biometric PKI Tokens
TrustSec Biometric PKI Token – MFA
TrustSec Smart Token is compatible with both RSA standards and Microsoft standards, which are commonly used by most of the applications to perform their secure operations, some applications are listed as following:
Driverless USB Device
TrustSec Smart Token is a HID device, which means that it doesn’t require any drivers to work. The Plug and Play nature give ease of use and installation during deployment within any environment.
Two and Three Factor Authentication
TrustSec Smart Token family is delivered in two models. The TrustSec Smart Token PRO provide Two Factor Authentication and, another available model is TrustSec Smart Token BIO, which provide Three Factor Authentication.
The three pillars of secure authentication are
Something you know
Ex: (The Token PIN)
Something You Have
Ex: (The Hardware Token )
Something You Are
Ex: ( Fingerprint )
TrustSec Biometric Smart Token is three factor authentication hardware as it requires the Smart Token owner to supply the Token PIN and enroll his fingerprint in order to be able to use the smart token.
TrustSec Smart Token is a hardware device with 32-bit processor. The strength of hardware security is that all keys and cryptographic functionalities are executed on board, keeping all data safe from compromising in unsecure software environment. The recommendation of security institutes (Example: FIPS140-2) secure data must be generated, stored and processed in a separate environment outside the computer. This will protect sensitive user data from digital attacks. TrustSec Smart Token can generate RSA-1024 keys.
TrustSec Smart Token contains secure and encrypted Hardware Storage. This hardware secure storage will keep all users’ keys and certificates secure against any third party attack. TrustSec Smart Token can store up to 10 Certificates on board.
International Standards Compliance
TrustSec Smart Token is built on international standards, keeping it compliant with different tools and third party software. TrustSec Smart Token is shipped with libraries compliant with PKCS#11 and Microsoft CSP. International standards cover: PKCS (1, 5, 7, 8, 10, 11, 2.2 and 12), X5.09 Certificates, CSP and FIPS 140-2-L2. TrustSec Smart Token is certified from ITIDA and compliant with the Egyptian Digital Signature Law.
TrustSec Smart Token is compatible with Windows NT and Linux Platforms.
TrustSec Smart Token libraries can be easily integrated with any application compliant with PKCS#11 or CSP standards. Examples for such applications are Microsoft Outlook™, Thunderbird™, Firefox™ and Internet Explorer™.
TrustSec Smart Token can be easily integrated with any certificates issued from international and trusted third party CAs.
Biometric PKI Token Specification
- Fingerprint Sensor Provided with Softlock Smart Token BIO model.
- Support Operating System Windows (32/64 Bit) 2K, XP, 2003, Vista, 7, 2008 and Linux (32Bit)
- Hardware Interface Plug and Play USB/HID. No driver is required.
- Supported StandardsPKCS (1, 5, 7, 8, 10, 11 2.2 and 12), X5.09, CSP and FIPS 140-2-L2(under evaluation)
- Onboard Cryptography RSA-1024 key generation, RSA-2048 sign/verify, DES, 3DES, AES, MD2, MD5, SHA1, SHA256, SHA384, SHA512, HMAC and DH
- Software Interface PKCS, CSP, SDK library, SDK JNI and SDK COM
- Custom Onboard CryptographyECC, DSA, Twofish, Blowfish, Cast, RC4 and RC6
- Memory Retention 10,000 write cycle and 10 years data retention
- Session Capabilities20 Session, 5 PKI Slots, 20 Symmetric Slots
- Compatible Applications Microsoft Outlook, Thunderbird, Outlook Web Access (OWA)
- Certificate Entrust Certified
- Storage 100 KB, 10 PKI Slots and 40 Symmetric Slots
- Operating Temperature Range -25o to 85o C