Hardware Authentication Features

Mitigate fraud and secure high-value transactions with user friendly Digipass® hardware authenticators and two factor authentication

DIGIPASS CX​

High Security

Enhanced Security​

Mitigate social engineering fraud​

Resistant to social engineering, DIGIPASS CX authenticators enable passwordless authentication. The devices work in connected mode, so one-time passwords are never disclosed. Instead, they are encrypted and transferred in the back end. This reduces the likelihood of being exposed to schemes that rely on passwords, such as adversary-in-the-middle and adversary-in-the-browser attacks, account takeover, and replay attacks.​

Secure transaction signing​

Ensure message authenticity and the integrity of online transactions with DIGIPASS CX devices. Elevate trust in your online and mobile channels, strengthen your relationships with clients, and meet regulatory requirements.​

Secure communication channel

All DIGIPASS CX devices connect to the DIGIPASS Cloud Console. The DIGIPASS Cloud Console is essential for establishing a secure connection with DIGIPASS CX devices. The console manages the secure communication channel without needing to rely on the security of the underlying transport layers (Bluetooth or WiFi), ensuring message authenticity, confidentiality, and replay resistance. 

Customer Experience

Unrivaled User Experience​

Passwordless solution

Eliminating passwords improves usability. Remove friction and deploy stronger, more convenient authentication with fingerprint biometrics.

Do business anywhere, anytime

Log on, and sign transactions and documents anywhere, anytime, on any device and in all confidence.

Different connection options

While DIGIPASS CX devices can be connected to the desktop via USB, they are also Bluetooth/NFC-enabled. This means they work seamlessly with any user laptop, desktop computer, tablet, or phone, to ensure maximal user adoption.​

What you see is what you sign

Users are presented with contextual information about the service they want to log onto or the transactions they sign. All transaction details are encrypted and presented for verification by the user before signing.

Line-of-Business

Flexible, future-proof and versatile​

Secure remote updates

OneSpan has revolutionized the concept of authentication devices with its remote update functionality. Thanks to the connection between the device and the DIGIPASS Cloud Console, secure remote updates can be installed on DIGIPASS CX devices, even after they have been deployed and distributed. This gives you the flexibility to activate new features, customize your users’ journey, or modify configuration or security parameters, in order to adapt quickly to evolving technology, changing business needs, and ever-more sophisticated threats.

One device for different business needs

DIGIPASS CX devices are designed to meet different business needs, from authentication and transaction authorization, to document signing and credential storage. 

Multi-protocol device

DIGIPASS CX solutions support multiple authentication methods – including FIDO2 and OATH - enabling organizations to secure their applications and services using the appropriate protocol for each environment.​

Easy to Integrate

Easy to integrate and manage​

End-to-end lifecycle management

Effortlessly manage the end-to-end lifecycle with the administrator console provided by the DIGIPASS Cloud Console. Easily create, configure, update, delete, and reassign devices to your user base.

Customize authentication and transaction flows

Using the DIGIPASS Cloud Console, you can customize and adapt authentication and transaction flows, languages, and appearance, and publish them directly to your users.

Works out of the box with any FIDO2 enabled service

DIGIPASS CX solutions support the FIDO2 protocol and work out-of-the box with any FIDO2-enabled service, ensuring a faster time to market.

Plays nicely with other OneSpan solutions

DIGIPASS CX solutions integrate with other OneSpan back-end solutions and mobile app solutions, enabling you to develop a hybrid deployment model as needed. 

One-button Authenticators

High Security

High Security

One-time Passwords (OTP)

Easily enable two factor authentication with one time passwords (OTPs) to secure access to your data and applications. One time passwords provide stronger security than traditional static passwords, which can easily be guessed, hacked, or intercepted.

Secure Multiple Applications

OneSpan’s one-button authenticators support multiple OTP technologies, offering enhanced security for organizations that need to secure multiple applications with a single Digipass device.

Cost

Reduce Costs

No Expiry Date

None of our hardware tokens has an expiration date. The long battery life minimizes costly replacements and improves total cost of ownership – no need to replace entire batches of authenticators after a fixed period of time.

Durable Design

OneSpan’s one-button authenticators are tamper-resistant and designed to withstand extreme physical conditions.

Easy-to-use

Easy To Use

Unmatched User Acceptance

Not all security measures require sophisticated procedures and multiple steps to authenticate users. The OneSpan one-button authenticators are extremely easy to use. The user simply presses the button to generate the one-time password in order to remotely logon to an application, website, or network.

Form Factors

We offer different types of one-button authenticators. From a simple one-button device to a display card, there will always be a hardware device to suit your needs.

Portability

Digipass hardware authenticators are extremely portable thanks to their small form factor. They can easily be carried on a keychain or in a pocket or purse. Our range of display cards are just the size of a credit card.

Customization

Customization

Customizable Design

All our one-button authenticators can be easily customized with your corporate logo, colors, and branding.

Customizable Algorithms and OTPs

OneSpan one-button authenticators can be programmed to use time and/or event-based algorithms. The length of the OTP and welcome message can also be customized for some of our authenticators.

Easy to Integrate

Easy To Deploy

Rapid Integration

Integrating OneSpan’s one-button authenticators into an existing network is simple. Static passwords or existing TAN lists (pre-printed lists of Transaction Authentication Numbers) can instantly be replaced with more secure one-time passwords.

Interoperability

Our one-button authenticators are fully interoperable with all OneSpan hardware and software authenticators, and work seamlessly with OneSpan Authentication Server Framework and OneSpan Authentication Server, as well as 50+ different OneSpan partner applications.

Transaction Data Signing Authenticators

Transaction Validation

Transaction Security

Preserve Data Integrity

OneSpan’s transaction data signing solutions create a transaction signature unique to each particular transaction using data such as account number, transaction amount, and a time stamp. This solution preserves data integrity and ensures authenticity – so any changes made to a transaction after it has been electronically signed are invalid.

Mitigate Fraud

Use our transaction signing authenticators to combat online and mobile banking threats. Our solutions help defend against phishing, Man-in-the-Middle, and Man-in-the-Browser attacks.

Customer Experience

User Experience

Security and Simplicity

OneSpan transaction signing solutions provide the best of both worlds: security and a simple user experience.

Certain solutions, such as our Bluetooth and Cronto authenticators, provide a WYSIWYS experience (what you see is what you sign), whereby critical transaction information, including payment details, will be presented securely on the display for user validation. The user doesn’t need to type any transaction details into the device at all.

Line-of-Business

Multiple Technologies

Cronto® Authenticator

OneSpan’s Cronto solutions are designed to elevate trust in online banking transactions, defend against sophisticated threats, and deliver a frictionless experience for users.

PIN Pad Authenticators

PIN pad authenticators from OneSpan are the ideal password-protected personal identification device for banks, enterprises, and organizations needing to support and maintain a flexible security infrastructure that is easily accessible from anywhere, at any time, by customers and employees.

Bluetooth Authenticator

OneSpan’s Bluetooth Smart-enabled two factor authentication and transaction signing device offers a transparent experience for your users via instant Bluetooth connectivity from almost any mobile device.

Display Cards

Display cards are slightly larger palm-size devices with numeric keypads and the additional security of PIN protection. They support strong authentication with one-time passwords, and additional transaction integrity with transaction signing.

Voice-enabled Authenticator

OneSpan’s voice-enabled authenticator converts one-time passwords into speech, offering secure online banking services to blind or visually impaired individuals.

Easy to Integrate

Easy To Deploy

Rapid Integration and Deployment

Transaction signing authenticators can be swiftly integrated into any existing IT infrastructure. Our devices are non-personalized and therefore well-suited for any deployment regardless of size.

Interoperability

OneSpan transaction signing authenticators are fully interoperable with other OneSpan hardware and software authenticators, and work seamlessly with OneSpan Authentication Server Framework and OneSpan Authentication Server, as well as 50+ different OneSpan partner applications.

Customization

Customization

Customization Options

OneSpan transaction signing authenticators are fully customizable with your corporate logo, branding, and custom colors, resulting in higher brand recognition for the end user.

Card Readers

Shield with a checkmark in it

Transaction Security

Preserve Data Integrity

OneSpan’s transaction data signing solutions create a transaction signature unique to each particular transaction using data such as account number, transaction amount, and a time stamp. This solution preserves data integrity and ensures authenticity – so any changes made to a transaction after it has been electronically signed are invalid.

Mitigate Fraud

Use OneSpan card readers to combat online and mobile banking threats. Our solutions help defend against phishing, Man-in-the-Middle, and Man-in-the-Browser attacks. Our range of connected and unconnected readers supports secure transaction signing as well as two factor authentication for OTP (one time passwords).

Customer Experience

User Experience

Security and Simplicity

OneSpan transaction signing solutions provide the best of both worlds: security and a simple user experience.

Certain solutions, such as our Bluetooth and Cronto authenticators, provide a WYSIWYS experience (what you see is what you sign), whereby critical transaction information, including payment details, will be presented securely on the display for user validation. The user doesn’t need to type any transaction details into the device at all.
 

Line-of-Business

Different Technologies

Cronto-enabled Card Reader

Our Cronto-enabled smart card readers are advanced transaction signing devices that combine a secure smart card reader with patented Cronto technology that leverages the latest in visual cryptogram security. These solutions are designed to help financial institutions protect online banking applications from sophisticated cyber threats, while delivering outstanding user convenience.

Bluetooth-enabled Card Reader

OneSpan’s Bluetooth smart device creates an immediate virtual secure connection between the authenticator and the mobile device. This means your mobile users don’t need to perform any additional tasks, like entering a password or plugging in a USB cable, to gain secure access to online applications and conduct transactions from their mobile devices.

Unconnected Card Readers

OneSpan’s range of unconnected card readers optimize investments in smart card technology by extending smart card use to include OTP (one time passwords) and transaction signatures.

USB Card Readers

OneSpan USB card readers can be used in connected and unconnected mode. When connected they can be used for PKI solutions, such as e-ID or e-health applications. In unconnected mode they offer two factor authentication (2FA) and transaction signing capability and are ideal for environments with high security requirements, including PKI/digital signature, secure PIN verification, corporate network access, e-banking, and e-commerce transactions.

Voice-enabled Card Reader

OneSpan’s voice-enabled authenticator provides secure online banking services to blind or visually impaired individuals and includes a voice-based user interface, a voice-based signature and one-time password, and acoustic feedback on PIN, reference, challenge, and amount fields. This smart card reader satisfies the Disability Discrimination Act and the APACS standard.

Customization

Customization

Customization Options

OneSpan transaction signing authenticators are fully customizable with your corporate logo, branding, and custom colors, resulting in higher brand recognition for the end user.

Get started with your strong authentication project today

OneSpan offers a range of easy-to-use Digipass hardware authenticators to secure accounts, transactions, and remote access.