A One-Time Password (OTP) is a password that is valid for a single login session or transaction on a computer system or other digital device. OTPs avoid a number of shortcomings associated with traditional password-based authentication. Two-factor authentication can be incorporated by ensuring that the one-time password requires access to something a person has:

  • A device with the OTP processor built into it
  • A physical smartcard
  • A mobile app (reading QR-Codes)

and something a person knows:

  • A PIN
  • A password

The most important advantage of OTPs is that, in contrast to static passwords, they are not vulnerable to replay attacks. This allows the one-time password to be transferred over an insecure channel: a potential attacker who manages to record an OTP response that was already used will not be able to reuse it, since it is no longer valid.

OTPs have been discussed as a possible replacement for traditional passwords. While many different brands of OTP token are already available on the market, we could not customize them to our needs for special-purpose applications. With the model 326 OTP cards produced by nagra.com, we found a suitable product that matches our requirements:

  • Slim, lightweight and durable
  • Has a reasonable battery lifetime / activation count
  • Is based on an open, international standard: OCRA (RFC 6287)
  • Standalone, not connected to any other computer devices
  • Blank by design, so it can be fully customized
  • Offers special configuration options like cloned cards and custom secret keys

The cards' form factor (CR-80) makes them easy to use in daily operations and procedures that require two-factor authentication mandated by international standards like PCI DSS or ISO 27001.
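The replay resistance and the OCRA standard mentioned above can be seen together in a small challenge-response verifier. This is an added example, not code from the card vendor or the original page: the suite `OCRA-1:HOTP-SHA1-6:QN08` and the key are taken from the RFC 6287 test vectors, and the `OcraVerifier` class is a hypothetical server side.

```python
import hashlib
import hmac
import secrets

SUITE = "OCRA-1:HOTP-SHA1-6:QN08"  # RFC 6287: HMAC-SHA1, 6 digits, 8-digit numeric challenge


def ocra_response(key: bytes, challenge: str) -> str:
    """Compute the OCRA response for a numeric challenge (suite above only)."""
    # Numeric challenges are converted to hex and right-padded with zeros to 128 bytes.
    q_hex = format(int(challenge, 10), "X").ljust(256, "0")
    data = SUITE.encode() + b"\x00" + bytes.fromhex(q_hex)
    digest = hmac.new(key, data, hashlib.sha1).digest()
    # HOTP dynamic truncation (RFC 4226), reduced to 6 decimal digits.
    offset = digest[-1] & 0x0F
    code = int.from_bytes(digest[offset:offset + 4], "big") & 0x7FFFFFFF
    return f"{code % 10**6:06d}"


class OcraVerifier:
    """Hypothetical server side: issues challenges and accepts each one once."""

    def __init__(self, key: bytes):
        self._key = key
        self._pending = set()  # challenges issued but not yet answered

    def new_challenge(self) -> str:
        challenge = f"{secrets.randbelow(10**8):08d}"
        self._pending.add(challenge)
        return challenge

    def verify(self, challenge: str, response: str) -> bool:
        # Consume the challenge before checking, so a recorded pair cannot be
        # replayed and a wrong guess cannot be retried on the same challenge.
        if challenge not in self._pending:
            return False
        self._pending.discard(challenge)
        expected = ocra_response(self._key, challenge)
        return hmac.compare_digest(expected.encode(), response.encode())


if __name__ == "__main__":
    key = b"12345678901234567890"  # RFC 6287 test key, not a real secret
    server = OcraVerifier(key)
    q = server.new_challenge()
    r = ocra_response(key, q)      # what the card would display
    print(server.verify(q, r))     # first use of the response
    print(server.verify(q, r))     # replay of the recorded pair
```

In a deployment the pending challenges would be tracked per user and expired after a short time.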

