Giritech was first to market in 2004 with its innovative G/On USB that in one mobile device provides two-factor authentication and secure software storage for connectivity. The evolution of devices has since accelerated as CPU and memory circuits have reached new levels of integration with more and more functionality on smaller and smaller chips.
Giritech is therefore proud to offer the next state-of-the-art innovation within authentication tokens. The new G/On 5 solution is based on cryptographically secure smart-card technology thereby implementing a very strong mutual authentication protocol and completely avoiding the counterfeiting issue of copying devices.
Furthermore, as opposed to alternative smart-card based solutions, Giritech’s solutions offer the user full device independence because the solution can be accessed and used on devices with limited login rights (no administrative rights required) and without requiring special drivers or other token specific software on the device. The new authentication tokens therefore combine leading edge technology and capabilities with the unique user convenience of G/On.
The advanced smart-card technology is provided by the highly visionary developer of new, integrated tokens, the German company, Giesecke & Devrient (G&D, www.gi-de.com). G&D is a leading developer of smart-card technologies for credit cards, access cards, and personal identification (PIV) cards. Giritech has worked closely with G&D to ensure that G&D’s new generation of secure authentication, memory and encryption devices supports the functionality of G/On. Although G/On 5’s plug-in architecture will enable the support of multiple different tokens, G/On 5 is developed specifically to support G&D’s series of smart-card based tokens called G&D StarSign© Mobility Token.
At the time of general availability, October 2009, G/On 5 supports two G&D tokens and it is the intent of Giritech and G&D to support all of the G&D StarSign Mobility Tokens within the next 3-9 months of this announcement.
G/On MicroSmart 1GB
Based on Giesecke & Devrient StarSign® Mobile Security Card. This device is a standard microSD flash
memory card combined with an additional integrated smart-card chip that is used by G/On for authentication.
The flash memory is used for the storage of the G/On client software and associated application clients and data. The G/On microSD supports Windows, Mac, and Linux and can be used in mobile devices such as high speed broadband modems (e.g. USBConnect QUALCOMM 3G or HUAWEI Mobile Connect Modem E180 used by mobile carriers around the world), Laptops, PDAs and other mobile devices with a microSD interface. The G/On MicroSmart operates without any installation of drivers and doesn’t require administrator rights on the device thus reducing costs for implementation, support and help desks.
G/On USB
MicroSmart 1GB
(based on Giesecke & Devrient StarSign® Mobility Token µSD). This G/On USB device offers a high degree of mobility, versatility and convenience as it supports Windows, Mac, and Linux based devices with a USB port. It uses the same integrated smart- card and microSD flash memory for storage as the G/On MicroSmart but is housed in an adapter specially built for the higher heat emission of this special microSD card. The G/On USB MicroSmart requires no installation of drivers and can be used on any PC and does not require administrative rights.
G/On USB SafeSmart 1GB
Based on Giesecke & Devrient StarSign® Mobility Token Classic. This USB device contains flash memory, a separate CD-ROM partition, a flash controller supporting data encryption, and a smart-card and supports Windows, Mac and Linux. Provided the ability of the operating systems, this device offers automatic launch of the G/On client without any prior installation or administrator rights. The G/On USB SafeSmart permits automatic encryption of data stored on the token fully transparent to the user and the smart-card ensures the security of the identities stored on the token. In one single device, the G/On USB SafeSmart offers protection of data in transit as well as at rest.
G/On USB MultiSmart 1GB
Based on Giesecke & Devrient StarSign® Mobility Token ID1. This device provides the ultimate secure access solution by combining G/On with existing smart-cards for Personal Identity Verification (PIV) and supports Windows, Mac and Linux. Chip cards in ID1 format can be inserted into the device and be
used as G/On authentication. A second smart-card is included and can be used for authentication of the device in the case the PIV card issuer does not provide software access. The G/On USB MultiSmart functions as a user-friendly, driverless card reader in mini format and includes flash memory, hardware data encryption, CD-ROM partition, and an ARM7 processor. Except for drivers potentially required by the PIV card, the device itself requires no driver installation and does not require administrative rights on the PC.
G/On USB H3 1GB
Based on Hagiwara UDRW G3 technology. This Windows Only USB device contains flash memory, a separate CD-ROM partition, and a hidden memory zone accessible only to the G/On Server. The device offers automatic launch of the G/On Windows client without any prior installation or administrator rights, storage of G/On Client software on write protected CD partition and read/write memory for storage of data and application clients. Authentication functionality is based on a private key stored in a hidden memory zone. G/On USB H3 1GB was the standard token device used with earlier generations of G/On.
G/On Device Token
This special token makes it possible to use personal laptops or other personal computing devices as G/On authentication factors. The G/On Device Token is created from a G/On SoftToken in combination with unique hardware information of the device including the MAC address of the network card(s). This option is particular valuable in these scenarios:
- Businesses that are already providing personal laptops to employees and staff can use these devices as the second authentication factor in addition to user name and password. The company saves the cost of separate authentication tokens and the logistics of managing these tokens. From a user perspective, the hardware part of the two-factor authentication becomes totally transparent.
- Schools, colleges, and universities are more and more relying on students and staff using their own laptops for studies and work. The G/On Device Token enables the schools to allow students and staff to use these personal devices for secure access to campus network. Forcing two-factor authentication is critical in these environments for secure identification of user, the device and the resources that are accessed. The G/On administrator can from one centralized tool manage, control, and document who has access to what. G/On’s Windows, Mac and Linux clients supports the most popular devices used in the educational sector today.
In addition to hardware based authentication tokens, G/On 5 also supports software based tokens. G/On SoftToken is a challenge-response based authentication using public key cryptography but without the need for a X.509 based Public Key Infrastructure (PKI). The soft-token is generated by the G/On Server and allows authentication of users from a wide range of hardware devices. Note: Like other soft-token based solutions, the G/On SoftToken is not tied to the hardware device and should normally only be used on trusted hardware devices (computers, USB keys, external storage devices etc.). Please notice: G/On 5.3 only supports SoftTokens stored on removable drives and devices.
G/On 5 Authentication Token overview
|
G/On 5 Hardware Authentication Tokens
|
MicroSmart
|
USB MicroSmart
|
USB
SafeSmart
|
USB
MultiSmart
|
USB H3
|
|
Availability
|
Now
|
Now
|
Feb 2010
|
Feb 2010
|
Feb 2010
|
|
Supported Operating Systems
|
Windows
Mac
Linux
|
Windows
Mac
Linux
|
Windows
Mac
Linux
|
Windows
Mac
Linux
|
Windows
|
|
Software Execution from Token
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
|
Zero Footprint
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
|
Driverless Operation – uses existing mass storage driver
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
|
Works for NON-admin users
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
(No for CD update)
|
|
Authentication Method
|
Smart Card
|
Smart Card
|
Smart Card
|
Smart Card
|
Protected SoftToken
|
|
CD ROM partition for read only storage of G/On Client
|
No
|
No
|
Yes
|
Yes
|
Yes
|
|
Flash Memory
|
1GB
|
1GB
|
1GB less size of
CD ROM
|
1GB less size of
CD ROM
|
1GB less size of CD ROM
|
|
Hardware data encryption
|
No
|
No
|
Yes
|
Yes
|
No
|
|
Exchangeable Smart Card (SIM-format)
|
No
|
No
|
Yes
|
Yes
|
n/a
|
|
Built-In PIV ID1 Smart Card reader
|
No
|
No
|
No
|
Yes
|
n/a
|
Top of Page
