Related Items

Zero Footprint Tokens PDF Print E-mail

These are zero-footprint alternatives that send one-time passcodes via SMS or email to the intended user. The only requirement is that the user be able to receive an SMS message on an existing device such as a cell phone. In some cases it is not practical to issue traditional hardware or software tokens to users. It may be that the intended users will log on so infrequently that the cost of issuing and distributing a token is not justified. It may be that the user is a temporary worker or contractor. Whatever the case, the SMS On-demand token is an excellent alternative to traditional tokens.

Our new SMS On-demand token turns any mobile device capable of receiving an SMS message into a token. There’s no software to install, and no waiting – your OTP is on your phone before you need it. Every time you logon using your OTP, a new OTP is sent to your phone. And while it’s likely that nobody else has access to your text messages, using the OTP with your PIN (which is not sent by SMS) ensures that your security won’t be compromised even by accident. And like all of our tokens, an SMS OTP can never be reused.

 

Why choose an SMS token?


Mainly because your users can be authenticating almost instantly, using a device they use every day. There’s no investment in hardware, never a need to worry about purchasing and distributing software tokens, and never a need to recover a token. Users don’t require training and as we keep saying, there’s never any waiting to logon.

Is OTP by SMS reliable?


While SMS messaging is generally very reliable we figured 100% reliable was the minimum. So if an SMS message doesn’t arrive because a phone is off or in a dead zone, the user simply browses the secure self-service site and requests an OTP resend via SMS or email. Easy, always available and always secure.

Is OTP by SMS Secure?


We think that requiring both a PIN which is not sent by SMS in addition to the OTP provides a very high degree of security. Without the PIN, the SMS OTP is useless. And if a user is ever concerned that their PIN has been compromised by shoulder-surfing or other means, once again they can use the secure self-service site to change their PIN.

Key Features

  • No software to install
  • No hardware to distribute
  • Compatible with any device capable of receiving an SMS message
  • Token may be issued and revoked as often as desired - no repurchase is necessary