A security token is a hardware device that you use to allow accessing a network service. It may be created in the form of a smart card or may be built in an item. A unique number you see on the screen is used to identify you to the service, which allows you to log in. The identification number for each user is changed regularly, usually every five minutes.
A security token can be a physical object or software. A key chain, for example, is practical and easy to carry, and therefore easy for the user to protect. Even if the key ring is stolen, however, it can not be used to access because the PIN (which only the legitimate user knows) is also required.
What is STS and how does it work?
A Security Token Service (STS) is a Web-based service used for producing security tokens. As usual, a user requests access to a secure network or application. Instead of the application authenticating the user, the user is redirected to a security token service application. The STS identifies the user and issues a security token. The network or application confirms that the token was created from a trusted STS, and then provides the access to the user.
Where security tokens can be used
Each of us heard rumors and stories about cyber criminals stealing sensitive information such as credit card numbers. Nobody can blame you for being prudent and suspicious, when your hard-earned money is a discussion topic. But the fact is, online banking with powerful security software such as a security token is much more secure than standard face-to-face banking. Let’s look at the common security threat, we are exposed to. First, your mail can be intercepted; secondly, your account information can be used by bank employees; thirdly, your money can be stolen when you use an ATM.
Your safety is the top priority
Using online banking, you avoid such threats. Some banks issue security tokens for clients. These tokens dynamically change the numbers customers need to enter for each transaction. Security token password managers are very safe, because they use multifactor authentication with a security token: the user has a personal identification number (PIN) to get an access.
Bank of Ireland, the National Bank of Dubai, the Bank of Queensland, First Bank of Nigeria and Bank of Montgomery are just some of many online banks that decide to use this authentication process.