In general, a conventional authentication token is a device that creates one-time passcodes (OTPs) for use in authenticating a user to an authentication entity. To this end, the user activates the authentication token, e.g., by pressing a button. The authentication token then derives an OTP from a seed (or encryption key) and outputs the OTP, e.g., by displaying the OTP on a display to the user.
During a typical authentication session such as when the user wishes to obtain access to a resource (e.g., the user wishes to login to a website), the user provides the user-derived OTP to the authentication entity. The authentication entity compares the user-derived OTP with an independently-derived OTP for that user. If the user-derived OTP and the independently-derived OTP match, the user has successfully authenticated with the authentication entity and the authentication entity grants the user access to the resource. However, if the user-derived OTP and the independently-derived OTP do not match, authentication is unsuccessful and the authentication entity denies the user access to the resource.
Authentication tokens are available in a variety of different shapes and/or sizes. For example, some authentication tokens take the form of a keychain attachment. Other authentication tokens are credit-card shaped with a correspondingly thin profile. Yet other authentication tokens take the form of a small calculator. Devices, which are similar to those described above, and which have a generally rectangular body extending from a rounded end are disclosed in U.S. Design patents D517,440, D516,929 and D511,983 which are assigned to RSA Security Inc. of Bedford, Mass.