DIGIPASS CX2 Datasheet

Reduce social engineering fraud and build trust without adding friction to the user journey. DIGIPASS CX2® enables organizations to benefit from enhanced security
with a flexible solution that ensures regulatory compliance and adapts to evolving business needs.

HIGHLIGHTS

User convenience first
  • Passwordless solution with fingerprint biometrics ensures an intuitive and frictionless customer experience
  • Users can sign transactions and documents anywhere, anytime on any device
  • What you see is what you sign: users get a complete overview of the transaction details before signing
Ultimate user experience
  • Offer a wide range of flexible authentication options and protect users with an invisible layer of security.
Enhanced security
  • Phishing-resistant authentication device mitigates human risk in social engineering attacks
  • Bidirectional channel ensures message authenticity and data integrity
Future proof
  • Secure remote updates enable organizations to support latest authentication standards
  • Easily adapt authentication and transactions flows as business context changes
  • Authentication, transaction verification, document signing, and digital ID credential storage in a single device
Multi-protocol support, regulatory compliance
  • Support for DIGIPASS, FIDO2, and OATH authentication protocol in a single device
  • FIPS 140 Level 3 certified cryptographic module
  • PSD2 compliant

With DIGIPASS CX2, organizations are able to offer their customers digital services while protecting them from advanced fraud attacks. DIGIPASS CX2 is the ideal multi-factor authentication solution to protect against social engineering, Adversary-in-the-Middle (MitM), Adversary-in-the-Browser (MitB), and replay attacks, and prevent account takeovers. DIGIPASS CX2 offers the highest assurance security and the best user experience, helping organizations stop social engineering fraud without compromising trust. 

Flexible authentication, document signing, transaction signing, and digital ID credential storage

Accelerate digital transformation, reduce social engineering fraud, and deliver an exceptional user experience with DIGIPASS CX devices. DIGIPASS CX2 can be used for authentication, transaction authorization, document signing, and digital ID credential storage. The solution supports multiple authentication methods, including FIDO2 and OATH. Organizations can secure their applications and services using the appropriate protocol for each environment.

User friendly transaction validation

Social engineering attacks target the end-user. As phishing and other forms of attacks continue to escalate, organizations need to find ways to stop attacks and mitigate potential damage.

By deploying a solution with the highest level of assurance, organizations ensure that the authenticity and integrity of online transactions is never in doubt. DIGIPASS CX2 is a phishing-resistant authenticator that enables passwordless authentication. The device works in connected mode, so one-time passcodes are never disclosed, but transferred over a secure channel in an encrypted manner. This greatly reduces the likelihood of being exposed to phishing schemes, such as adversary in the middle and adversary in the browser, replay attacks, and account takeovers, as these attacks rely on the disclosure of passwords and one-time-passcodes.

Create an unrivaled user experience

DIGIPASS CX2 eliminates the need to enter passcodes and offers a passwordless approach with a fingerprint biometric that will delight users and build trust. The solution uses a color display and touch screen, enabling a ‘what you see is what you sign’ approach. Users can verify all transaction details on the trusted display before signing a transaction. This contextual information ensures a smooth and transparent signing process while reassuring the user that the transaction details have not changed.

DIGIPASS CX devices help organizations enforce the same level of security and user experience across all the user’s personal devices. DIGIPASS CX2 can connect to a user’s device using USB, Bluetooth or NFC, and can therefore work seamlessly with any device, including mobile, desktop, laptop, or tablet.

digipass cx2

Enhanced security and simplified lifecycle management

DIGIPASS CX2 comes with an integrated cloud management console. The DIGIPASS Cloud Console is essential to establish a secure connection with DIGIPASS CX devices. The DIGIPASS Cloud Console manages the secure communication channel to the device without relying on the security of the underlying transport layers (Bluetooth or Wi-Fi) ensuring message authenticity, confidentiality, and replay resistance.

Organizations can manage the entire end-to-end lifecycle of devices with the DIGIPASS Cloud Console. This enables organizations to gain efficiencies through process automation when creating, configuring, updating, and disabling users and their privileges.

A flexible and futureproof solution

OneSpan has revolutionized hardware authentication with the remote update functionality of DIGIPASS CX Devices and the DIGIPASS Cloud Console. Due to the smart connection between the device and console, secure remote updates can be installed on DIGIPASS CX devices even after they have been deployed and distributed. This gives organizations the flexibility to activate new features, customize user journeys, and adapt to changing situations and new risks by modifying configuration or security parameters as business needs evolve.

TECHNICAL SPECIFICATIONS

Display

Capacitive touch color display with backlight
2.4-inch display size - IPS - 240 x 320 resolution

Size

95.2mm (L) x 58.2mm (W) x 9.9mm (H)

Weight

47g

Camera

640 x 480

Fingerprint Sensor

FPC1523

Bluetooth

Bluetooth 5.2 LE (Low Energy)

NFC

ISO 14443 / card-emulation mode / extended APDU support

Battery

Rechargeable - 320 mAh

Cable

USB-C cable 1 meter (optional)

Power Supply in Connected
m=Mode

Via USB-C, 4.75 to 5.50 volts

Languages

Multilingual Support

Tampering

Tamper evident

ISO13491-1

Dust & Water Resistance

Dust-safe and splashproof

CERTIFICATION AND COMPLIANCE

Short-term Storage Temperature

  • -10° C to 50° C;
  • 90% RH non-condensing
  • IEC60068-2-78 (damp heat)
  • IEC60068-2-1 (cold)

Operating Temperature

  • 0° C to 45° C;
  • 85% RH non-condensing
  • IEC60068-2-78 (damp heat)
  • IEC60068-2-1 (cold)

Vibration

  • 10 to 75 Hz;
  • 10 m/s²
  • IEC60068-2-6

Emission

 

  • EN55022

Immunity

  • 4 kV contact discharges
  • 8 kV air discharges
  • 3 V/m from 80 to 1000 MHz
  • EN55024

Compliant with European Directives

  • CE: 89/336/EEC or 2004/108/EC
  • RoHS: 2002/95/EC
  • WEEE: 2002/96/EC

Compliant with Federal Communications Commission

  • FCC ID: 2AH88-1100
  • IC: 27700-1100