Secure User Authentication BYOD（Bring Your Own Device） Strong 2-Factor Authentication with Password and OTP, Keep Your Users’Identity Safe

Secure User Authentication BYOD（Bring Your Own Device） Strong 2-factor Authentication with password and OTP, keep your users’identity safe. 0 7 54 31

Unpredictable, unrepeatable, and only valid for once.

OTP is known as "one-time password" or "dynamic password"; features a robust protection lock with its "non-predictable, non-repetitive,and drop-after-use password".

An OTP ensures account access safety and protection against important data theft by hackers or others, rapidly enhances the application system safety. It also simplifies users (both internal and external ones) steps required for data access.

CHANGING MOTP helps you meet Personal Data Protection Act, PCI-DSS, HIPAA requirements, etc, by providing OATH certified 2FA access control and auditing log.

www.changingtec.com Login

Account USERNAME Password ****** Strong Authentication Two-Factor Authentication OTP 3 1 5 4 0 7 Login Login Over the last few years, the growing of smart phone, tablet, e-commerce, Success netbook, and MID (Mobile Internet Device) is threaten by more security challenges than ever. Hacking account and online game theft happens everyday is because of traditional login mechanism is not safe. The fixed user name and password is easily hacked by Trojan, keylogger, or back door. The risk is from personal data lost to enterprise confidential leakage.

One-Time Password (OTP) is non-predictable, non-repetitive, and valid only once. It is a concrete lock to protect account access safe. Avoiding losing important information from password peep and hackers, dramatically increasing system security, and simplifying access step of users (employee or outside).

Token 563 068 Token E-Mail Provide Complete OTP Authentication Server Functionality Display Card ● SMS ● PDA ● Mobile Phone ● Provide hardware (with plug-and-play supports) and VM hosts Flash Drive ● Web based management interface

● OK Dual factors verification mechanism (host or AD/DB password) Intel® IPT C Login ● 請使用密碼或PassCode進行登入 Support batch import and activation 帳號：密碼： OCRA Passcode： ● Stores OTP key in DB after encryption 登入 Internet Agent ● OATH standards certified ● Provide auditing log ● Online activation mechanism 、 ● Features hostile attack prevention mechanism VPN Firewall

● Provide temporary block/unblock and temporary OTP Web AP mechanism RADIUS/LDAP Windows AD, IIS, OWA ● HA structure Server API ● Support Windows & Linux operating system System Con g ● Event, time based, OCRA and On-demand OTP verification support. *OCRA : OATH Challenge-Response Algorithm MOTP Server

MOTP is Certified with OATH International Standard

The MOTP system offers the most convenient two-factor authentication solution. Users can use the MOTP token to access application systems such as VPN, Firewalls, remote connections, webpage servers, web applications, operating systems and more. MOTP Solutions MOTP two-factor authentication solution has 3 parts with token, agent and server. MOTP Token A variety of authentication tokens are supported including both "software" and "hardware" tokens. These are very easy to use and suitable for all types of users. MOTP Authentication Server The server takes the managing and authentication part of the solution. It validates the dual factor password, and manages authentication policy. It is available as "standard rack mount server" and "virtual machine (VM)".

● Standard hardware server : It simplifies installation, enhances system security, lowers setup costs and shortens setup time. > Specification: 19-inch rack, 1U, 80GB for authentication logging. > Support HA (fail-over) mechanism.

● Virtual machine : The server can be delivered as a VM image to meet the special environment on the client side. Full series of OTP Tokens

Software Tokens Supported Platforms：iOS, Android, J2ME, Windows PC / Phone ...

797974

797974 797974 797974 797974 797974

E-mail (On-Demand Token) SMS (On-Demand Token) Software Token Using e-mail as an OTP carrier. An Distribute OTP through the SMS server. The software is able to be installed on e-mail contains an OTP will be send if The service requests MOTP server to PC and mobile devices, like smart a service is requesting MOTP server. send an OTP SMS on user login. The phone or tablet. Support Android, iOS, Advantages user receives the OTP by SMS. Windows Phone, etc. Generates OTP ● No need for additional hardware. Advantages anytime, anywhere. Easy to deploy. ● No need to distribute hardware. Advantages ● Low cost. ● Works on all phones with SMS ● Easy to use on mobile devices. feature. ● Daily carry, hard to forget. ● High immediateness. ● No attrition issue while redistribute to others. Hardware Tokens ● Perpetual license, no time limit.

Intel® IPT Intel® Identity Protection Technology Button Type T210 USB Type Y100 ( Intel® IPT ) can be found on Intel Time-based algorithm. Generates OTP Enter OTP by simply plug in to USB CPU, including PC, laptop, tablet, and by pressing button. Large-size LCD port and then press the metal button. smart phone ( Windows 8 and display. OTP valid 60 seconds. Advantages Android ). Advantages ● No need to read and type OTP. Advantages ● Button can withstand more than ● Solid and durable, easy to carry. ● Intel® Identity Protection 14,000 times. Low battery Technology is as convenient as consumption. Battery life 5 years. s / w token, and as secure as ● Anti-tampering. Compatible with h / w token. IP68. ● Large-size LCD comforts eyes.

OCRA Type T300 Challenge-Response Type：The token generates OTP by enter a challenge Display Card Type C200 Seires FISC II Smart Card code which is sent by the server. Time-based algorithm. Generates OTP Generates OTP in the embedded OTP Signature Type：The token generates by pressing button. Displayed on algorithm of the smart card, which OTP by enter specific information, like e-paper. OTP valid 60 seconds. counts the number of usage, by account and amount, for ensuring the Advantages component or 2nd Generation reader. correctness and integrity to avoid ● Button can withstand more than Advantages MIM (Man in the middle attack). 14,000 times. Battery life 3 years. ● Generates OTP with existing bank card. ● Advantages Thin and light, size like a credit card. Easy to carry. ● Enhances the security by adding more parameters to 2FA to lower the risk of embezzled token. Applications & Benefits

Applications and Case Studies 563 068 Token [ Chain Store ] A chain convenient store which has more than 3,000 branches in Taiwan has introduced CHANGING MOTP Mobile One Time Password with hundreds of tokens which allows its employees of HQ and managers of each city from access control. It also applies MOTP system to its supply chain to track login detail information. SSO In the past, store managers access their intranet via VPN which relies on smart card readers to engage PKI. This hardware has poor mobility and flexibility. VPN After adopting MOTP, it eased employees by simplifies login procedures and incredible high secure level. MOTP Server

[ Aviation ] A global leading aviation company migrate its access control system to highly User A User B User C secure protection technology, CHANGING MOTP. Before that, they had deployed other OTP system by other supplier which is not able to satisfy their maintain requirements. It suffered MIS from controlling, managing and auditing. 515 769 It adopts MOTP system using RADIUS to migrate from deployed system after deliberative evaluation and consideration on MOTP architecture. It was a pain-free migration, and goes on-line successfully with one-time configuration. MOTP is Citrix ready and experienced numerous success adoptions. We provide local services and professional trainings to your system managing team. App 1 App 2 App 3 Desktop 1 Desktop 2 Desktop 3 Success Stories Enterprise Realtek, acer, UMC, ADATA, Panasonic, initio, tsmc, FUJITSU, YTEC, Farglory Group, Mitsubishi, Shin Etsu,Chunghwa Telecom, Taiwan Mobile, HiNet, 104jobbank, Pan Asia, Formosa Laboratories, Inc., books.com.tw, United Daily News, EVA Air, FamilyMart, Yuen Foong Yu, Coca-Cola, Aop, KUO CHING, Precision Intemational Corp, PICHTEK, MPI, ASUS Cloud, OMG, Soft-World International Corporation, Cyber Power F i n a n c i a l Taichung Bank, E.SUN Bank, Bank of Taipei, Industrial Bank of Taiwan, Taiwan Cooperative Bank Government Industrial Development Bureau, Ministry of Economic Affairs, Export Processing Zone Administration, Taipei Metro, NAR Labs, Ministry of Health and Welfare, Centers for Disease Control, Taipei City Revenue Service, Ministry of Culture, National Treasury Administration, Food and Drug Administration Education Jinan University, Chien Hsin University, National Kaohsiung University, National Chung Hsing Univer M e d i c a l Pok Oi Hospital, En Chu Kong Hospital, Mennonite Christian Hospital

Ideal for Authorized Reseller

● RADIUS / LDAP authentication (support major VPN, Firewalls, UTMs and Citrix)

● Web server authentication (IIS/JAVA Web Filter)

● Customized ID/Password web page (.NET, ASP, JSP, PHP)

● Linux, Windows login

● OWA (Outlook Web Access)

2F, 48 Park Ave.2, Hsinchu Science Park, Hsinchu 30075, Taiwan Changing Information Technology Inc. TEL : +886-3-5630688 / FAX : +886-3-5630618