Exchange a secure key with your GateKeeper token to make it cryptographically unique. This will enhance the security of proximity authentication by verifying One-Time Passcodes sent by the token.
When the Secure Key exchange option is enabled, the client machine will write a cryptography key to the Halberd token. This key will be saved as part of the token information in the GateKeeper user's profile and on the token itself. Once the key has been written to the token, it will generate a six-digit One-Time Passcode and include it as part of the Bluetooth advertisement packet. This code will change every 30 seconds. The GateKeeper Client application will read this code and compare it to its own self-generated code. Only if the codes match will the token be allowed to authenticate the user onto the computer. The random code is therefore used as an additional verification for the token itself. This prevents the token from being spoofed by tools that can read Bluetooth packets and thereby will increase the security of the token itself.
This option is only available to GateKeeper Enterprise subscribers. The Secure Key Exchange process must happen on the computer itself (GateKeeper Client) and cannot be done on the GateKeeper Hub admin console as the process requires a proximity Bluetooth connection.
Warning: If a secured token is reprovisioned to another user, the secure key exchange process must be repeated by the new user.
If you have any further questions, IT problems that need to be addressed, or compliance problems that need to be solved, please visit www.gkaccess.com or contact us at info@gkaccess.com or (240) 547-5446 to see how GateKeeper Enterprise can automate digital security for your end-users and admins.
Comments
0 comments
Please sign in to leave a comment.