Protiva Strong Authentication Server
Protiva OTP - how it works
Supported Authentication Methods
The following authentication methods are available with the SA Server:
OATH OTP Authentication: This authentication method is based on a specification from the Initiative for Open Authentication (OATH). It is well suited for unconnected devices and OTP (one-time passwords), but can also be used with connected devices. It is the standard authentication method for Protiva SA in an enterprise environment.
CAP Authentication: CAP, also known as EMV-CAP (Chip Authentication Program), is a specification from MasterCard. It is a flexible way of using an EMV cryptogram to authenticate a user or sign a transaction. The SA Server can validate several different types of cryptograms that follow this specification. The normal use case for CAP is that the SA Server acts as a backend server, which CAP calls a CAP Device Validation Service. This is the authentication method to use when EMV (banking) cards are to be used for OTP authentication; these cards need special provisioning, etc.
Based on a seed value and a counter, the SA end-user device (smart card) and the Protiva SA Server each calculate a passcode. If the passcode entered is identical to the passcode the server has calculated, authentication is successful.
Of course, this is just one factor, "something you have": the token. The second factor is of the kind "something you know". You have to concatenate a PIN or password with the passcode as the second factor. This can be the domain password, which is the case when you run Protiva SAS in "mixed mode" for enterprise use, or a special extra PIN, which is the case when you run the server in Database Mode, usually when used for web applications (extranets, ...).
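The seed-and-counter calculation described above, shown as an added example using the OATH counter-based algorithm (HOTP, RFC 4226); this is not Gemalto's code. The 6-digit length, the look-ahead window of 5 and the `TokenRecord` class are assumptions for illustration, and only the token factor is covered, not the PIN or password check.

```python
import hashlib
import hmac
import struct

DIGITS = 6       # passcode length (assumption; common RFC 4226 choice)
LOOK_AHEAD = 5   # counters ahead of its own the server will try (assumption)


def hotp(seed: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class TokenRecord:
    """Hypothetical server-side state for one token: seed plus next counter."""

    def __init__(self, seed: bytes, counter: int = 0):
        self.seed = seed
        self.counter = counter

    def verify(self, passcode: str) -> bool:
        """Accept a passcode inside the look-ahead window, then move past it."""
        matched = None
        for c in range(self.counter, self.counter + LOOK_AHEAD + 1):
            expected = hotp(self.seed, c).encode()
            # Constant-time compare; the whole window is scanned even on a hit.
            if hmac.compare_digest(expected, passcode.encode()):
                matched = c
        if matched is None:
            return False
        self.counter = matched + 1  # a passcode that was used cannot be replayed
        return True


if __name__ == "__main__":
    seed = b"12345678901234567890"        # RFC 4226 test seed, not a real secret
    token = TokenRecord(seed)
    print(token.verify(hotp(seed, 0)))    # device and server in step
    print(token.verify(hotp(seed, 0)))    # same passcode replayed
    print(token.verify(hotp(seed, 4)))    # device counter ran ahead of the server
```

The look-ahead window is what lets the server resynchronise when the device has generated passcodes that were never submitted; a wider window tolerates more drift but gives a guessed passcode more counters to match.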
Protiva SAS Agents
Protiva Strong Authentication can be integrated seamlessly into the above-mentioned Web applications, but authentication to enterprise infrastructure is based on other solutions such as VPN. Protiva SA has several agents for such solutions on the client tier side, which enable these clients to handle strong authentication with Protiva SA.
Protiva SAS Agent Software extends the Internet Authentication Service (IAS) to provide one-time password authentication using Gemalto's smart card technology. It forwards authentication requests sent to the IAS server along to the Protiva SAS, which verifies the validity of the one-time password generated by the smart card. The Strong Authentication Agent Software interacts with the Protiva SAS by submitting authentication requests, receiving authentication results, and then granting or denying end-user access to other host resources across the Internet while providing front-end Web interfaces.
There are more specialised agents, e.g. for the ISA Web filter, as well as an OWA IIS Agent, a Steel-Belted RADIUS (SBR) Agent, a Citrix Agent and a FreeRADIUS agent.
Protiva & IAS agent (source: Gemalto)
Browser Plug-in
The Protiva Strong Authentication Client Browser Plug-in is used for secure network access in a connected mode using Protiva SA enabled devices. It communicates with the smart card through the user's PC to simplify the user experience and to protect against providing identity credentials to fraudulent Web sites. The plug-in requires only 7Kb of memory for the package and instance, and can be downloaded from a Web site, CD or other storage device.
Based on the Gemalto Sconnect technology, the script which takes the OTP from the connected device can also be embedded directly in Web pages.