Strong authentication tokens are well known in the art. They allow service providers and applications to authenticate the possessor of the token, by providing credentials that could only be generated with knowledge of a secret or key that is shared between the authentication server employed by the service provider or application on the one hand, and the authentication token on the other hand. To generate credentials, the authentication token applies a cryptographic algorithm to the shared secret and a variable, for example comprising one or more of a counter value, a value representing the present time, and a challenge or data representing the ongoing session or transaction. The credential thus generated serves as a one-time password, or, if transaction data is included in its calculation, an electronic signature.
The authentication server performs the same or a complementary calculation to obtain a verification value, using its own copy of the shared secret, and its locally kept value of the counter, the present time, the challenge it submitted to the end user or the relevant transaction related data. Authentication is successful if the token-generated credential submitted by the end user matches the verification value generated by the authentication server.
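The token-side credential generation and server-side verification described above, as an added example that is not part of the original text. It assumes HMAC-SHA256 as the cryptographic algorithm, a counter (optionally followed by transaction data) as the variable, a constructed shared secret, and a bounded counter look-ahead window on the server; the real token's algorithm and parameters are not given here.

```python
import hashlib
import hmac
import struct

# Constructed shared secret; in practice it is provisioned into both the token and the server.
SHARED_SECRET = bytes.fromhex("0123456789abcdef0123456789abcdef")


def credential(secret: bytes, counter: int, transaction_data: bytes = b"", digits: int = 6) -> str:
    """Token side: apply a MAC to the shared secret and the variable.

    The variable is the counter (8 bytes, big-endian), optionally followed by
    transaction data. Including the data binds the credential to that
    transaction, so it serves as an electronic signature rather than a plain
    one-time password.
    """
    variable = struct.pack(">Q", counter) + transaction_data
    mac = hmac.new(secret, variable, hashlib.sha256).digest()
    # Truncate to a short decimal code the user can read from a display and type in.
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


class AuthServer:
    """Server side: recompute the verification value from its own copy of the secret."""

    def __init__(self, secret: bytes, window: int = 5):
        self.secret = secret
        self.counter = 0        # locally kept counter value
        self.window = window    # how far ahead the token's counter may have drifted

    def verify(self, submitted: str, transaction_data: bytes = b"") -> bool:
        # Check the expected counter and a bounded number of later values, so a
        # token whose button was pressed without logging in can resynchronise
        # while an attacker cannot search an unbounded counter space.
        for candidate in range(self.counter, self.counter + self.window):
            expected = credential(self.secret, candidate, transaction_data)
            if hmac.compare_digest(expected, submitted):
                # Advance past the used counter so the same credential cannot be replayed.
                self.counter = candidate + 1
                return True
        return False
```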
Typical strong authentication tokens have a display for communicating the credentials to the end user, and a button or keypad to request the generation of a new credential and/or to enter challenges, transaction data, PIN codes, etc. Other known output means include auditory output, USB interfaces, and wireless interfaces. Other known input means include optical sensors, USB interfaces, and wireless interfaces.
Some strong authentication tokens are dedicated hardware devices whose only or main function is to generate authentication credentials, while other tokens are devices having general purpose computing capabilities (for example Personal Computers, Personal Digital Assistants, cell phones) that run software emulating the functions of dedicated hardware strong authentication tokens and that often offer the generation of authentication credentials merely as an additional functionality besides other functionalities. The latter kind of token is sometimes referred to as a software token.
In a first class of strong authentication tokens, the secret is embedded in a memory internal to the token itself, which is typically made inaccessible to the outside world.
In a second class of strong authentication tokens, the token is capable of receiving an external component carrying a secret, such as a smart card, and of cooperating with this external component to generate and provide credentials.
An advantage of the strong authentication tokens of the second class is that they can be completely generic until the external component is added. This implies that the manufacturing, inventory management, and distribution processes for such strong authentication tokens are similar to the processes for any other kind of non-individualized electronic apparatus, without special requirements for keeping track of the whereabouts of individual items.
Nevertheless, situations may occur where it is desirable to have a token combining the advantages of both worlds, i.e. a strong authentication token with a secret embedded in the device itself, which is still capable of being manufactured as a generic item.