Striving for maximum versatility and convenience is the main trend of our time. It triggers a general affection (which often borders on addiction) for smartphones. For a modern person, these small devices embody the principle “All that is mine, I carry with me”. A regular phone has now become a mini laptop computer, which also enables you to make calls (but it is no longer its leading feature).
Any computer should have a reliable data protection system, and two-factor authentication is one of its most important elements, so developers have proposed a solution that turns a smartphone into a full-fledged OTP token. Users and cyber security experts gladly accepted this means of authentication because it is really convenient.
As for the advantages, they are quite weighty. Let’s take Protectimus SMART as an example of a convenient software token for one-time password generation:
- The smartphone is always at hand and available at any time, and so is the application installed on it.
- The token has a PIN code, which protects the OTP generator from unauthorized access if your phone falls into the wrong hands for any reason.
- Flexible configurations: the choice of the password length and algorithm of its generation.
- You can create many tokens on one device.
- There are versions available for both Android and iOS. Moreover, you can use Android Wear smartwatches to get OTP passwords as well.
- It supports the data signing function (CWYS), which protects transactions from such threats as data modification, replacement, and banking Trojans with automated transfer systems.
- Data protection with the help of the software token Protectimus Smart does not require any expenses: the application is absolutely free.
Do software tokens have any disadvantages? Unfortunately, they do. The main one is that the devices on which we install software tokens are not completely isolated from external influences, first of all from computer viruses. This is especially true for Android smartphones, the majority of which have one vulnerability or another.
Time-tested hardware tokens are completely devoid of this problem. Although many advanced users and experts consider hardware tokens devices of the past, in reality they remain the most reliable means of two-factor authentication today. Not the most convenient, perhaps. But this is a matter of dispute.
Is it so difficult to use a traditional hardware token? Let’s try to understand what progressives usually say about it:
- The battery of a hardware OTP token cannot be recharged, unlike the smartphone with the software token on it. Those who think so forget that the battery of a hardware token lasts 3-5 years. In most cases this exceeds the lifecycle of a smartphone battery. What is more, you have to charge the smartphone’s battery every day. The chances that the smartphone will run down at the wrong moment are much higher than those of the OTP token.
- A hardware token is inconvenient to carry and can be lost. The objection here is that you can also lose the smartphone. As for carrying, modern hardware tokens are very small and light and often have a pleasant design, which makes them nice and stylish things. For example, the token Protectimus One has the shape of a small key fob and can be easily attached to a keychain (which we usually try not to lose either, and constantly carry around). Another solution, Protectimus Slim, is an exact copy of a credit card and does not take up much space in your wallet.
- Software tokens are free while hardware tokens are not. There is no sense in disputing this fact, but it must be kept in mind that it is worth it. You pay for high quality and reliability. Thus, the hardware OTP token Protectimus Ultra has the highest security level and is recommended for use in the most important areas of data interchange. It works according to the “challenge-response” algorithm. It takes time into account as an extra authentication parameter. It has a secret key that is generated during the activation process and is unknown even to the manufacturer. To start working with your Protectimus Ultra token, you need to enter a PIN code.
The one-time passwords can be obtained in different ways, but you should understand that both software and hardware tokens are more reliable than SMS or e-mail delivery. When you use tokens, the OTP passwords are not sent over GSM or the Internet, where they can theoretically be intercepted.
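The idea behind the challenge-response and data-signing tokens mentioned above, as an added example that is not Protectimus code or its actual algorithm: token and server each derive the code locally from a shared secret, the current time step and the transaction data, so no OTP is delivered by SMS or e-mail and a modified transaction fails verification. The HMAC construction, the field encoding and all names here are assumptions chosen for illustration.

```python
import hashlib
import hmac
import struct


def transaction_challenge(recipient: str, amount: str, nonce: str) -> bytes:
    """Canonical encoding of the transaction fields the user confirms (assumed format)."""
    return "\x1f".join((recipient, amount, nonce)).encode()


def response_code(secret: bytes, challenge: bytes, unix_time: int,
                  digits: int = 6, step: int = 30, algo: str = "sha256") -> str:
    """Derive a numeric one-time response from secret, challenge and time step."""
    counter = struct.pack(">Q", unix_time // step)
    # Length-prefix the challenge so the field boundary is unambiguous.
    msg = counter + struct.pack(">I", len(challenge)) + challenge
    mac = hmac.new(secret, msg, algo).digest()
    # Dynamic truncation as in RFC 4226: low nibble of the last byte picks the offset.
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret: bytes, challenge: bytes, code: str, unix_time: int,
           window: int = 1, **kw) -> bool:
    """Server side: recompute for adjacent time steps and compare in constant time."""
    step = kw.get("step", 30)
    ok = False
    for drift in range(-window, window + 1):
        expected = response_code(secret, challenge, unix_time + drift * step, **kw)
        ok |= hmac.compare_digest(expected, code)
    return ok


if __name__ == "__main__":
    secret = b"constructed-shared-secret-0123456789"  # constructed sample key
    now = 1_700_000_000                                # constructed timestamp
    shown = transaction_challenge("ACCT-CONSTRUCTED-0001", "100.00", "n-42")
    code = response_code(secret, shown, now, digits=8)  # computed on the token
    print("token shows:", code)
    print("server accepts:", verify(secret, shown, code, now, digits=8))
    # Malware swaps the recipient after the user has generated the code.
    sent = transaction_challenge("ACCT-CONSTRUCTED-9999", "100.00", "n-42")
    print("altered transaction accepted:", verify(secret, sent, code, now, digits=8))
```

The `digits` and `algo` parameters correspond to the configurable password length and generation algorithm; the `window` parameter tolerates small clock drift between token and server.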
So which one to choose? There is no simple answer: both software and hardware tokens have their advantages. No matter what authentication methods are applied, the main thing is to use them. By doing this, we care not only about our own safety, but also about the safety of other Internet users.