QR-Code-Based Signature Token

SecOPTIC

SecOPTIC is the logical development of our successful chip card reader ChipTAN|CardTAN. Unlike other products available on the market, SecOPTIC does not read a flickering code, but a QR code. This code contains the transaction details to be signed. Once the data has been read in, the chip inside the device is used to generate a one-time security code. KOBIL offers a suitable terminal to meet the needs for a hardware-based method. The security codes generated for verification (TAN or OTP) are verified against the KOBIL security server. SecOPTIC devices are managed by the KOBIL security server and can be linked to the user’s identity through unique devices.

SecOPTIC is the logical development of our successful chip card reader ChipTAN|CardTAN. Unlike other products available on the market, SecOPTIC does not read a flickering code, but a QR code. This code contains the transaction details to be signed. Once the data has been read in, the chip inside the device is used to generate a one-time security code. KOBIL offers a suitable terminal to meet the needs for a hardware-based method. The security codes generated for verification (TAN or OTP) are verified against the KOBIL security server. SecOPTIC devices are managed by the KOBIL security server and can be linked to the user’s identity through unique devices.

No Data

Flickering technology- Sign what you see

ChipTAN CardTAN

KOBIL offers the card readers TAN Optimus Comfort and opTAN Touch for internet banking. The card readers are known as ChipTAN in Germany and CardTAN in Austria.
TAN Optimus Comfort uses optical sensors to transmit transaction data from the monitor to the offline device. The end user reads the transaction data on the display of the offline device and signs by pressing the Accept key. Even if the PC is under attack, the TAN Optimus Comfort device cannot be manipulated.

KOBIL offers the card readers TAN Optimus Comfort and opTAN Touch for internet banking. The card readers are known as ChipTAN in Germany and CardTAN in Austria.
TAN Optimus Comfort uses optical sensors to transmit transaction data from the monitor to the offline device. The end user reads the transaction data on the display of the offline device and signs by pressing the Accept key. Even if the PC is under attack, the TAN Optimus Comfort device cannot be manipulated.

Operating principle

Simply read the barcode, check and confirm transaction details, and enter the TAN to authorize the transaction.
The end user completes an online form and sends it to the application server. The server displays a barcode to confirm the data. Once the end user has inserted their bank card (smart card) into the TAN Optimus and places the reader in front of their monitor, the details will be displayed. The user signs the transaction data being displayed by the offline device and accepts the generation of a one-time code.
TAN Optimus Comfort allows transaction data to be read from a PC, tablet or smartphone, preventing “man-in-the-middle” and “man-in-the-machine” attacks. Transactional TANs ensure that the scanned barcode is issued by the appropriate server and can only be used once in a given transaction.
Optical sensors
One of the best ways to transfer data from PCs and tablets to offline devices is to use optical sensors. Monitor types, configuration or unfavourable lighting conditions can cause reading problems with optical sensors. Thanks to our many years of experience, we have improved and optimized the reading performance of our optical sensors.
Ease of Use
End users appreciate the reliable reading of data from the PC monitor by means of optical sensors and faultless functionality.

The one-time password system made in Germany.

SecOVID

SecOVID is a one-time password solution consisting of a client component and a server component, the Smart Security Management Server, which enables authentication using a one-time password via the LDAPs protocol.
On the client side, KOBIL offers a hardware SecOVID token that generates a valid one-time, 8-digit password by pressing the key on the device. Alternatively, you can use a PIN-protected soft token app that generates an 8-digit one-time password to strengthen weak passwords.
SecOVID offers the highest level of protection against unauthorized logon attempts as an entry-level solution for secure access to applications worldwide. The solution can be integrated very easily and quickly wherever an LDAP connection is available (e.g. Citrix, Cisco, Microsoft, SAP, etc.).

SecOVID is a one-time password solution consisting of a client component and a server component, the Smart Security Management Server, which enables authentication using a one-time password via the LDAPs protocol.
On the client side, KOBIL offers a hardware SecOVID token that generates a valid one-time, 8-digit password by pressing the key on the device. Alternatively, you can use a PIN-protected soft token app that generates an 8-digit one-time password to strengthen weak passwords.
SecOVID offers the highest level of protection against unauthorized logon attempts as an entry-level solution for secure access to applications worldwide. The solution can be integrated very easily and quickly wherever an LDAP connection is available (e.g. Citrix, Cisco, Microsoft, SAP, etc.).

Why KOBIL?

Authentication in the digital world is not all there is, but without it, whatever there is amounts to very little. For this reason, we offer a cost-effective entry-level solution for access protection to your applications (e.g. Citrix, VPN, Outlook Web Access, etc.), both hardware- and software-based.
Access to applications from anywhere and at any time is a basic requirement for a functioning business. Security must not be neglected because the risks of unauthorized access are too high. This is why companies use a strong authentication method in addition to tradtional passwords.
Cost is an important factor when it comes to implementing strong authentication. SecOVID is a tried and tested, cost-effective, secure and quickly integrable solution.

DUAL 7 Layers of Security

Server checks the client, the Client checks the server

Secure Device
  • Security Status of Device
  • Detect OS
  • Malware
  • Device Binding
  • Rooting & Jailbreaks
Secure App & Web
  • Detect Code Injection, Manipulation
  • App Integrity
  • Signature
  • Whitelisting
  • Certificate PIN
  • SSL Hooking
Digitanium Channel
  • Own SSL/TLS Implementation
  • Independent
  • Own Trust Store
Smart Security Management Server
  • App
  • Device
  • Identity
  • Certificates (TC)
  • Signature Verification
Virtual Smart Card
  • Independent Key Stores
  • Unlocking Only By Security Server
  • Encapsulated Private Key
Trusted Identity
  • A focus on identity is an integral part of the process.
Digital Signature
  • Private/Public Key Principle
  • Signature-based Interaction
One Technology for all platforms:
Comply with the regulatory:
  • eIDAS
  • GDPR
  • PSD2

Technology

Get in Touch