Using HP DigitalPass One Time Password Protection

1y ago
11 Views
2 Downloads
603.02 KB
9 Pages
Last View : Today
Last Download : 2m ago
Upload by : Helen France
Transcription

Technical white paper Using HP DigitalPass One Time Password protection Table of contents Introduction 2 What is HP DigitalPass? 2 How DigitalPass works 3 Required components and architecture 3 Using HP DigitalPass 4 Frequently asked questions and scenarios Sample scenario #1 Sample scenario #2 8 8 8 Conclusion 9 For more information 9

Introduction Online identity theft has become a huge international business. In 2009, US citizens lost 560 Million due to internet fraud 1. One of the methods used by scammers and phishers is to obtain your user account and password and then login to your financial accounts and steal your assets. A compromised password can also allow unauthorized access to online merchants and social networking sites. HP DigitalPass One Time Password technology helps prevent access to your assets by providing a second level of authentication that helps validate that the online transaction is originating from a system that you own and not from a scammer somewhere else. Even if your One Time Password is stolen, the life span of the password is so short it is highly unlikely that a scammer could use the password again. What is HP DigitalPass? HP DigitalPass is a new capability embedded in select HP Compaq Elite 8300 and HP Compaq Elite 8300 AiO desktops. It is also available on select HP Compaq 8200 Elite, HP Compaq 8200 Elite AiO, HP Compaq 6200 Pro, HP Compaq 6200 Pro AiO, HP TouchSmart 9300 Elite AiO, and HP rp5800 systems HP DigitalPass offers an elevated level of security and protection for online transactions by securing the user’s online identity. It provides an automatically generated passcode and helps protect against phishing and key grabbers. HP DigitalPass registers your PC with participating websites through a simple user interface. Logging in to these participating websites requires successful traditional authentication (username and password) with a secret one-time password (OTP) that can be supplied only by the registered PC, thus limiting access to the authorized user on the registered PC. This feature is important, even if there are multiple users on the same PC as the combination of usernames and passwords with the OTP would be unique. HP DigitalPass is offered in conjunction with Intel’s Identity Protection Technology (IPT) and is only available on platforms with the Intel 2nd generation of Core i7/i5/i3 processors (Table 1). As users access their favorite websites and make online purchases or transactions, the user will authenticate to the website. During authentication, the OTP will be supplied and login will be complete. HP DigitalPass enables this more secure protection at no additional cost to the user. Table 1: Platforms supporting HP DigitalPass System Supported CPU vPro required? HP Compaq Elite 8300 2nd Gen Intel Core I3/I5/I7 Yes HP Compaq Elite 8300 AiO HP Compaq 8200 Elite HP Compaq 8200 Elite AiO HP Compaq 6200 Pro HP Compaq 6200 Pro AiO HP TouchSmart 9300 Elite AiO HP rp5800 1 nd Yes nd No nd No nd No nd No nd No nd No 2 Gen Intel Core I3/I5/I7 2 Gen Intel Core I3/I5/I7 2 Gen Intel Core I3/I5/I7 2 Gen Intel Core I3/I5/I7 2 Gen Intel Core I3/I5/I7 2 Gen Intel Core I3/I5/I7 2 Gen Intel Core I3/I5/I7 Source: Homeland Security Newswire, April 27, 2011. 2

How DigitalPass works HP DigitalPass uses a hardware-generated passcode that is used only once for a short period of time and supplied invisibly to participating websites. This passcode provides a second factor of authentication to the traditional user name and password—providing something you know (user ID and password) plus something you have (HP DigitalPass). The passcode generator is protected in the PC hardware and cannot be accessed from the hard drive or the BIOS. To begin using HP DigitalPass, Credential Manager for HP ProtectTools should be utilized to activate the VIP Access Credential. Beyond Credential Manager, participating websites that utilize this advanced security protection will, during initial engagement, invite users to “bind” their passwords and the OTP. Required components and architecture HP DigitalPass requires the following components for HP DigitalPass functionality. Intel 2nd generation Core i3, i5, or i7 vPro-capable processor and chipset HP ProtectTools Security Manager Intel Management Engine Interface (MEI) driver version 8.x.x.x.x Host Embedded Controller Interface (HECI) BIOS containing management engine firmware ME FW8.x.x.x HP DigitalPass / One Time Password component NOTE: PC models introduced in 2011 use ME FW ver. 7 and MEI driver ver 7. HP DigitalPass architecture is shown in Figure 1. Figure 1: HP DigitalPass architecture 3

Using HP DigitalPass The HP DigitalPass OTP function is configured through the HP ProtectTools utility. 1. Open HP ProtectTools (Figure 2). Figure 2: HP ProtectTools main screen 2. In the left pane of the main screen under Password Manager, select VIP and click Yes (Figure 3). Figure 3: HP ProtectTools main screen, selecting VIP option 4

3. In the “Verify your identity” dialog box, enter your Windows password and click on the arrow icon (Figure 4). Figure 4: HP ProtectTools identification verification 4. HP ProtectTools displays a window reminding you to register your VeriSign Identity Protection (VIP) access credential with each VIP member site you plan to use (Figure 5). Figure 5: HP ProtectTools VIP access reminder window 5

5. Browse to a VIP member site you use for account transactions. In Figure 6, the example site of “Trusted Bank” is used. Click on the prompt I want VIP security. Figure 6: Example VIP member site: selecting VIP security 6. In the VeriSign Identity Protection (VIP) window (Figure 7), select Get VIP. Figure 7: Example VIP member site: initiating VIP security 6

7. In the HP ProtectTools dialog box (Figure 8), enter your password for the site. Ensure that both boxes in the VeriSign Identity Protection (VIP) area are checked and click OK. Figure 8: HP ProtectTools Password Manager window: entering VIP member site data 8. In the VIP member site, enter or drag and drop the 6-digit security code from your VIP credential and click Validate (this process will vary by website). Figure 9: Example VIP member site: entering VIP security code This ends the procedure for setting up a VIP member site for VIP security. The procedure must be repeated for each additional VIP member site you intend to use. 7

Frequently asked questions and scenarios Q: What happens to HP DigitalPass and the user credentials if the PC hard drive is reimaged? A: If the user token and credentials have been backed up prior to reimaging, they can be restored from the backup. If no backup is available, the user will need to re-enroll at each web site previously activated to “rebind” their credentials with the PC. Q: Where are HP DigitalPass and user credentials stored? A: This data is encrypted on the PC’s hard drive and can be backed up and restored by regular backup software. If the data is lost and no backup is available, the user must re-enroll with each web site. Q: Does OTP store any personal data? A: No. The secret one time password is transmitted to the merchant. This password does not contain personal information. Sample scenario #1 Q: I travel frequently and visit cybercafés to do my work. Since I won’t have my personal PC, will my bank website let me log in? A: You can access your bank website from any PC. However, if the PC you are using does not have the HP DigitalPass capability, additional authentication will be requested. For example, you may be asked one or two security questions that you provided previously. This process helps protect your identity so an unauthorized person cannot gain access to your account. Sample scenario #2 Q: How will the user know they have the OTP capability? A: HP DigitalPass is only available on HP Compaq Elite 8300 or HP Compaq Elite 8300 AiO business desktops with Intel 2nd generation Core i7/i5/i3 vPro-capable processors. It is also available on HP Compaq 8200 Elite, HP Compaq 8200 Elite AiO, HP Compaq 6200 Pro, HP Compaq 6200 Pro AiO systems, HP TouchSmart 9300 Elite AiO, and HP rp5800 with Intel 2nd generation Core i7/i5/i3 processors. The OTP enablement can occur from the first VIP participating member site visited or from the Credential Manager for HP ProtectTools console. 8

Conclusion Traditionally, the level of protection offered by HP DigitalPass was only available through a separate device (such as a USB disk-on-key) that would generate the one time password. HP DigitalPass allows you to save on cost of a separate One Time Password generator and the hassle of losing your disk-on-key device. For more information The following sites provide additional information on the subjects of identity theft and unauthorized access. http://www.theregister.co.uk/2011/02/04/hmrc phishing scam warning/ http://www.globalsaskatoon.com/Going phishing/4304355/story.html nline-fraud-doubled-last-year-20100315 http://www.virusbtn.com/news/2010/10 14.xml?rss ost-of-cyber-crime The following site includes a current listing of the Symantec VeriSign Member sites: http://idprotect.verisign.com/wheretouse.v Get connected hp.com/go/getconnected Current HP driver, support, and security alerts delivered directly to your desktop Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. 652387-003, Created May 2012 9

HP DigitalPass is a new capability embedded in select HP Compaq Elite 8300 and HP Compaq Elite 8300 AiO desktops. It is also available on select HP Compaq 8200 Elite, HP Compaq 8200 Elite AiO, HP Compaq 6200 Pro, HP Compaq 6200 Pro

Related Documents:

Luciferian) Luke 23:35 the chosen of God His Chosen One (NIV, Living Bible) Only One (f) (Luciferian) The one and only God only one the One (NASB) only one the one (NIV) Luciferian “One-Only One” there standeth one among you one is your Master One is your teacher (NASB) one is your Father One is your father (NASB) John 8:50 one One

up, a time to weep and a time to laugh, a time to mourn and a time to dance a time to embrace and a time to refrain from embracing, a time to search and a time to give up, a time to keep and a time to throw away, a time to tear and a time to mend, a tim

UMSYS HR 9.2 Time and Labor - Comp Time Compensatory Time in Time and Labor Prior to PeopleSoft 9.2, Compensatory Time (comp time) was administered by Benefits as a leave plan. Now, comp time is maintained as part of the Time and Labor module. Hourly Time Reporters are enrolled in the University's comp plan upon enrollment in Time and Labor.

Anatomy of response time Response time consists of two elements: 1. Suspend time: the time a task is not executing (waiting). 2. Dispatch time: the time that CICS thinks the task is executing. This time is further divided into: A. CPU time: the time the task is executing on CPU. B. Wait time: the time the CPU has bee

User’s Guide to Time and Labor Processing (v23, 1.19) Page 27 of 50 METHOD TWO: USING THE ELAPSED TIME ENTRY SCREEN Entering the Sick or PTO Code (Using the Elapsed Time Entry Screen) 1. From the menu on the left or at the top, click Manager Self-Service Time Management Report Time Elapsed Time Entry. 2. Select Criteria (Time Reporter .

—Carlo Rovelli, The Order of Time (2019, 194) Time flies. Time waits for no man. Time is of the essence. Time is eve-rywhere and in everything. We are in time, with time, of time (Peters 2015, 175). Time is a river, a thief, and a bestower of gifts. It is a god, a revealer of secret

Workday Time Entry Positive time entry –all time worked must be recorded on time sheet Request time off through Workday Can use Projects for time allocation Must have a schedule Kronos Use Kronos to record time worked Employee cannot enter time in Workday Time off recorded in Work

Annual Women’s Day Sunday, August 24 Congratulations on a blessed Youth Day!! Enjoy your break during the month of August. Women’s Day Choir Rehearsals July 31, August 7, 14, 19, 21 . Beginners Andrew Ash Chaz Holder Primary Deion Holder Nia Belton Junior William Ash Deondrea Belton Intermediate RaShaune Finch Jaylin Finch Advanced Rayanna Bibbs Tavin Brinkley Adult #2 Jeffry Martin Joseph .