|
 NIPASS (New Image Personal Authenticator Security Solutions)
Dynamic Password Token System
 Safety & Cost-efficiency for Authentication and Logon Control
Full-strength Support & Ease of Use
An Integral Scheme for the Identification and Authentication
Easy to Integrate
Highlights of NIPASS
Features of Authentication Server
Applications
PDF Download (PDF 266K)
Safety & Cost-efficiency for Authentication and Logon Control
NIPASS enables financial institutions such as banks, security companies, insurance companies and etc. to identify their clients easily. It also provides data-sensitive organizations to authenticate their employees and to avoid the unauthorized access to their valuable data assets.
Today, using computer and the Internet becomes part of daily life. Thus , security and authentication for the computer system is crucial. The simple and static password system is easily to be guessed and is not enough to meet the security needs for most of networking systems. One-time password system is the one that can solve the need of e-security.
NIPASS series of New Image Co. are dynamic password tokens incorporate with Authentication Server to provide the security needs of enterprise such as internal access control, remote access control and authentication over the Internet. NIPASS is the best choice for your e-security.
NIPASS can be used in different platforms and protocols to accomplish system protection, user authentication and authorization control.
Full-strength Support & Ease of Use
It is very simple and easy to use NIPASS. The physical size of NIPASS is just like a key-chain. The user simply presses the ON/OFF button to get eight-digit random number and the enters the memorized PIN and those eight digits shown on the NIPASS's LCD display to logon. The authenticator generated by NIPASS is unique, unpredictable and unrepeatable. With intelligent power management capabilities, the battery life of NIPASS is extended. The power of NIPASS will be turned off in thirty seconds after the token code is generated. A low power mark is shown on the LCD when the battery is to be replaced.
Each NIPASS is equipped with an infrared link. Along with infrared recorder/reader designed by New Image of NIPASS is initiated and the token code is read automatically by PC. This infrared link makes operation easier.
NIPASS 300 has three token code options. It can be used to connect to three different Authentication Servers or applications.
NIPASS is embedded with CPU to generate one-time password and to provide the function of transactional digital signature. In addition, the newest encryption standard AES is implemented. NIPASS can hold the AES key and do all the calculation inside.
An Integral Scheme for the Identification and Authentication
Based on the two-factor authentication principle, NIPASS is developed to authenticate the user identity and to overcome the weakness of the simple and static system. New Image's Authentication Server provides the management function for NIPASS, which can work with any other servers in the internal or external networks through API for NT or Unix. All the communications are secured.
Easy to Integrate
It is inconvenient for an enterprise to manage the different passwords used by the different applications. And it is troublesome to memorize various passwords needed to enter into different applications. New Image's Authentication Server can support the function of authentication for different servers or applications through integral API support. In other words, Authentication Server can be used to simplify the password systems for logon activities. It will lower the burden of a user to memorize many passwords and bring more control over the entire system.
Authentication Server provides the service of remote network access control. It includes ready-to-use RADIUS server to be in conjunction with the entry program, router or firewall for user authentication and authorization control. It also supports MSGINA driver installed in Windows NT or Windows 2000 platform to check the logon activity interactively, and lets the logon in the enterprise networks more secure.
Authentication Server is built on larger scale data handling architecture, capable of handling a large mumber of users at the same time. It can support many kinds of database via ODBC architecture. Management and administration tools are available for the administrator to centralize the control over the token card and the token user. The main feature New Image's Authentication Server is the system administrator can record the seed which is initiated by the server into token card. The administrator has total control of the secrets.
The system administrator is allowed to remotely manage NIPASS, and is also supervised by the administrative policy defined by the enterprise.
Highlights of NIPASS
1. Based on two-factor authentication technology, avoids the unauthorized access and compensates the weakness of the static password.
2. The seed generated randomly by Authentication Server is recorded into NIPASS with the infrared recorder/reader. The seed is stored on the RAM. The newest AES algorithm is applied to generate the dynamic password. It can be one token code generator (NIPASS 100) or 3 codes (NIPASS 300).
3. In combination with infrared recorder/reader, the functions can be achieved are as follows:
(1) Initialization of NIPASS, inject the seed into NIPASS.
(2) Read the dynamic token code from NIPASS.
(3) Challenge/response function of NIPASS.
(4) Encryption and decryption of AES (Rijndael).
4. Personal PIN is optionally required to power on the NIPASS token. The PIN length can up to 8 digits and the user can setup the PIN code or disable the function by self.
5. The one time password can also be generated in Challenge/Response plus event mode. The three buttons are used to enter the challenge.
6. Using AES (Rijndael) algorithm for encryption, the code generated by NIPASS can be used as the private key in digital signature to accomplish the transactional digital signature.
7.Automatic power -off design to save power consumption. Battery has four-year life and is replaceable. The warning of low battery is indicated, when battery is necessary to be changed. The change of battery will not affect the inside secret.
8.A variety of API for UNIX or Windows NT is provided. TCP/IP and RADIUS protocols are supported. MSGINA for Windows NT or 2000 logon is available.
9.Easy to set up infrared recorder/reader. Customized logo and special requirements are upon request.
Features of Authentication Server
1.Verifies and authenticates the token code in the networks.
2.Plays the role as single sign-on server between software applications in the networks.
3.Provides the transactional digital signature function to achieve the need of no-repudiation in the e-business environment.
4.Embedded with high speed database engine, supports ODBC and multiprocessor architecture. Easy to integrate with other applications. Capable of handling large numbers of data at the same time.
5.Management and administration tool is available for initialization of NIPASS, suspense of token card, entry of user attributes and etc.
6.Provides the management utility for token card management such as loss, suspense, reinitialization and etc.
7.Several kinds of reports are included to express the status of token card or the log of user activities and transactions.
8.Works with infrared recorder/reader to record and store the private key or its relevant summary into NIPASS.
9.Utilizes contemporary encryption technology such as the RSA digital envelope and in conjunction with AES,T-DES to provide the secured communication between servers and clients.
10.Tamper-proof device:NI-Memory is included to protect contents of database encrypted by 128 bits private key. Based on the secret sharing algorithm, the master key of NI-Memory can be split into N shares, and the M shares of N can recovers the master key of NI-Memory.
11.Supports RADIUS protocols.
12.Provides API & SDK samples for software integration.
Applications
*Banking solutions.
Such as Internet banking, Phone banking, Mobile banking and etc.
*E-commerce
*Remote access control
*Network security
*Internet stock trading
*ASP/ERP provider to authenticate members
*Other authentication needs
| 
Introduce
