Hardware Authentication Features

Resistant to social engineering, DIGIPASS CX authenticators enable passwordless authentication. The devices work in connected mode, so one-time passwords are never disclosed. Instead, they are encrypted and transferred in the back end. This reduces the likelihood of being exposed to schemes that rely on passwords, such as adversary-in-the-middle and adversary-in-the-browser attacks, account takeover, and replay attacks.​

Ensure message authenticity and the integrity of online transactions with DIGIPASS CX devices. Elevate trust in your online and mobile channels, strengthen your relationships with clients, and meet regulatory requirements.​

All DIGIPASS CX devices connect to the DIGIPASS Cloud Console. The DIGIPASS Cloud Console is essential for establishing a secure connection with DIGIPASS CX devices. The console manages the secure communication channel without needing to rely on the security of the underlying transport layers (Bluetooth or WiFi), ensuring message authenticity, confidentiality, and replay resistance. 

Eliminating passwords improves usability. Remove friction and deploy stronger, more convenient authentication with fingerprint biometrics.

Log on, and sign transactions and documents anywhere, anytime, on any device and in all confidence.

While DIGIPASS CX devices can be connected to the desktop via USB, they are also Bluetooth/NFC-enabled. This means they work seamlessly with any user laptop, desktop computer, tablet, or phone, to ensure maximal user adoption.​

Users are presented with contextual information about the service they want to log onto or the transactions they sign. All transaction details are encrypted and presented for verification by the user before signing.

OneSpan has revolutionized the concept of authentication devices with its remote update functionality. Thanks to the connection between the device and the DIGIPASS Cloud Console, secure remote updates can be installed on DIGIPASS CX devices, even after they have been deployed and distributed. This gives you the flexibility to activate new features, customize your users’ journey, or modify configuration or security parameters, in order to adapt quickly to evolving technology, changing business needs, and ever-more sophisticated threats.

DIGIPASS CX devices are designed to meet different business needs, from authentication and transaction authorization, to document signing and credential storage. 

DIGIPASS CX solutions support multiple authentication methods – including FIDO2 and OATH - enabling organizations to secure their applications and services using the appropriate protocol for each environment.​

Effortlessly manage the end-to-end lifecycle with the administrator console provided by the DIGIPASS Cloud Console. Easily create, configure, update, delete, and reassign devices to your user base.

Using the DIGIPASS Cloud Console, you can customize and adapt authentication and transaction flows, languages, and appearance, and publish them directly to your users.

DIGIPASS CX solutions support the FIDO2 protocol and work out-of-the box with any FIDO2-enabled service, ensuring a faster time to market.

DIGIPASS CX solutions integrate with other OneSpan back-end solutions and mobile app solutions, enabling you to develop a hybrid deployment model as needed. 

OneSpan’s transaction data signing solutions create a transaction signature unique to each particular transaction using data such as account number, transaction amount, and a time stamp. This solution preserves data integrity and ensures authenticity – so any changes made to a transaction after it has been electronically signed are invalid.

Use our transaction signing authenticators to combat online and mobile banking threats. Our solutions help defend against phishing, Man-in-the-Middle, and Man-in-the-Browser attacks.

OneSpan transaction signing solutions provide the best of both worlds: security and a simple user experience.

Certain solutions, such as our Bluetooth and Cronto authenticators, provide a WYSIWYS experience (what you see is what you sign), whereby critical transaction information, including payment details, will be presented securely on the display for user validation. The user doesn’t need to type any transaction details into the device at all.

OneSpan’s Cronto solutions are designed to elevate trust in online banking transactions, defend against sophisticated threats, and deliver a frictionless experience for users.

PIN pad authenticators from OneSpan are the ideal password-protected personal identification device for banks, enterprises, and organizations needing to support and maintain a flexible security infrastructure that is easily accessible from anywhere, at any time, by customers and employees.

OneSpan’s Bluetooth Smart-enabled two factor authentication and transaction signing device offers a transparent experience for your users via instant Bluetooth connectivity from almost any mobile device.

Display cards are slightly larger palm-size devices with numeric keypads and the additional security of PIN protection. They support strong authentication with one-time passwords, and additional transaction integrity with transaction signing.

OneSpan’s voice-enabled authenticator converts one-time passwords into speech, offering secure online banking services to blind or visually impaired individuals.

Transaction signing authenticators can be swiftly integrated into any existing IT infrastructure. Our devices are non-personalized and therefore well-suited for any deployment regardless of size.

OneSpan transaction signing authenticators are fully interoperable with other OneSpan hardware and software authenticators, and work seamlessly with OneSpan Authentication Server Framework and OneSpan Authentication Server, as well as 50+ different OneSpan partner applications.

OneSpan transaction signing authenticators are fully customizable with your corporate logo, branding, and custom colors, resulting in higher brand recognition for the end user.