Single Button OTP
Event-based | Time-based
Secure Digital Signing
The c300 OCRA Token is a PIN protected offline time or event based authentication token and supports digital signing of online transactions as well. When performing an online banking operation a user can transaction specific information into the OCRA keypad, the device will take this information along with the time and the user's unique key to generate and attach a digital signature to the exchange, ensuring that any unwarranted third party data modification will be detected immediately.
The OCRA challenge response process can be used to authenticate the identity of users in a variety of situations not strictly limited to online use cases, for instance over the telephone. The process of deriving a seed based response from a specific challenge sequence can be used to validate the identity of a token operator. This identification interaction can be used to authenticate the validity of the institution or organization requesting personal information from the token operator as well.
'Mutual Authentication' confirms the legitimacy of a website or server
Before a password is revealed, the user must satisfy the challenge factor presented by the token. The challenge response system is based on a shared secret key which can also be used to verify the legitimacy of a website or server requesting personal information from a token user. "Mutual Authentication" as this process is known, is becoming an ever more important as instances of illegitimate data requests from cleverly constructed imposter (phishing) sites are steadily on the rise.