Since Freja is based on open standards (OATH) you are free to choose from a host of login devices in order to meet your specific need and budget. In general, OTP devices that comply to OATH are less expensive than their proprietary counterparts. Apart from your own mobile token, Freja Mobile, you can choose tokens from a variety of vendors and mix different devices for various user groups.
Verisec delivers these devices as part of an end-to-end solution in combination with Freja, and we also manage any warranty issues that may arise. We can guarantee all programming and logistics associated with the devices, ensuring that the right device gets to the right user at the right moment. We can also offer personalization of the tokens, with specific colors and logo prints to fit your branding.
Our device range can be expanded to include other vendors that the customer wants us to test with Freja. Verisec’s present range matches the most common devices used in Europe, the Middle East, Asia and North America.
Freja Mobile is the next generation of mobile tokens. It truly leverages the properties of the smartphone which enables a whole new level of security, control and user convenience. With Freja Mobile your smartphone displays in detail what you are approving and what kind of transaction you are signing. It also solves the big security challenges around the mobile platform, not least the challenge of securely provisioning smartphones over the internet which makes it possible to easily enroll large numbers of users at a low cost. Freja Mobile also gives you the flexibility to choose between online functionality, where the user never has to transfer anything manually between the phone and the browser, and an offline version generating one time passwords.
In this category you will find OTP (One Time Password) tokens that does not require a PIN code to generate a password. These tokens are simple, small and user-friendly. Although they are vulnerable to unauthorized use, It is possible to increase security by adding a PIN code or a password in the login interface, thus making them almost as secure as true two-factor authentication.
An OTP token with a small keyboard provides true two-factor authentication. The user has to type in a personalized PIN code in order to receive a one-time password, which ensures a high level of security. Since a combination of two factors is required to generate a new password: a knowledge factor (a PIN code) and a physical factor (a token), this is called “two-factor authentication”.
A card token is an OTP token in credit card format. It comes either as a “one-button” token or with a keyboard, to achieve true two-factor authentication. Since the supple format allows the user to keep the card token in his or her wallet, it is more accessible compared to larger devices. Another benefit is that the card can be equipped with a magnetic strip or a chip, which can be used for access control.
The advantage of a USB unit is that it requires no battery, which is environmentally friendly and increases the life expectancy of the device. Security is equivalent to those OTP tokens without PIN protection described above. By pressing the button on an OATH OTP token, a one-time password is sent to the login window automatically. This means that no password needs to be typed in the password field, which makes the unit easier to use. In most cases no installation of drivers or client software is required.
Freja supports secure login with all OATH based mobile applications and clients. However, we recommend the cost free and well-established application Google Authenticator. Please contact us for more information.
Support for SMS and e-mail authentication is pre-built into the Freja authentication platform. When a user wishes to login, an SMS or e-mail is sent to a pre-defined number or e-mail address. The user can then complete the login procedure based on this message. SMS and e-mail authentication does not in itself provide strong authentication, but allows for a flexible and cost efficient one-time password solution. It is also an excellent method for distributing temporary passwords to users on the road who has forgotten their tokens at home.
Code cards are primarily intended for mass-market applications where the cost of the security device is critical. A code card is produced with multiple one-time codes printed and concealed by a layer of scratch-film. The user reveals the new password by scratching the film.
There are several OATH-compliant apps generating one-time passwords that can be used with Freja. Google Authenticator is a free OATH-compliant app that we have experience of and that works with Freja. However, Google Authenticator is a free 3rd party solution with no SLA’s attached, and therefore no support is available.