ID-One™ Token is Oberthur Card Systems' latest offer for the corporate market. The product supports two interfaces: USB and contactless.
As security concerns rise for corporates, demand for secure devices is increasing. Oberthur Card Systems' ID-One Token has been designed to enable solutionsfor corporate security issues through logical access control and physical access control. Logical access control refers to the means by which users are authorized and authenticates to use network services/computer security. Main features supported by ID-One Token in this domain are :
PKI-based authentication for network access (Access control for WiFi networks or VPN)
PKI-based e-signature
Windows™ PKI smart card-based logon
Support for DES-based authentication Technical features ID-One Token incorporates Oberthur Card Systems Java Card™ platform ID One Cosmo and supports two interfaces:
USB interface for logical access control
Contactless interface for physical access control
ID-One Token is accompanied with a middleware, providing CSP and PKCS#11 interfaces, enabling integration with client applications (for example email signature with Microsoft Outlook or other email software using the middleware). ID-One Token Offer Package
The standard ID-One Token offer includes:
The Token
ID-One platform: In order to provide its customers with a sophisticated technology at an acceptable price, Oberthur Card Systems has selected a Philips chip platform providing a important amount of EEPROM (66k). In order to free as much EEPROM as possible for application loading, Oberthur Card Systems has taken full benefit of the large amount of ROM (160k) available by hard masking standard applications, such as the authentication application or file system management application, in order to reduce applet size.
ID-One applet: The ID-One applet loaded into the token provides all the necessary cryptographic services to perform PKI (RSA) related operations and secured data storage functions for identity, password, credential or any other sensitive data. DES or 3DES functions are also provided to perform
encryption/decryption and can be used to perform challenge/response operations. RSA keys can begenerated onboard or loaded, whereas DES keysmust be loaded on the card.
PKCS#11, CSP libraries: These interfaces can be used by client applications to access the cryptographic resources of ID-One Token. Accumulating its leadership in smart cards with a unique expertise in security printing and personal identification documents, Oberthur Card Systems is better positioned than any other actor on the market tosupport corporates deploying secure token systems.