Dynamic Authentication

Dynamic Authentication

Dynamic authentication uses cryptography or other techniques to create a per-session authenticator. A dynamic authenticator changes with each authentication session between the applicant and verifier.

Smart Security Tokens

There are many protocols a smart token can use for authentication. In general, they can be divided into 3 categories: static password exchange, dynamic password generators, and challenge-response.

Static tokens work similarly to memory tokens, except that the users authenticate themselves to the token and then the token authenticates the user to the computer.

A token that uses a dynamic password generator protocol creates a unique value, that changes periodically. If the token has a manual interface, the user reads the current value and types it into the computer system for authentication. If the token has an electronic interface, the transfer is done automatically. If the correct value is provided, the user is granted access to the system.

Tokens that use a challenge-response protocol work by having the computer generate a challenge, such as a random string of numbers. The smart token generates a response based on the challenge. This is sent back to the computer, which authenticates the user based on the response. The challenge-response protocol is based on cryptography. Challenge-response tokens can use either electronic or manual interfaces.