AUTHENTICATION

FIDO2

Welcome to the New Era of Hard Tokens

July 8, 2024
Hardware token and laptop illustrations on blue background linked together with a dotted line

Hard tokens are far from being a thing of the past — instead, they may actually be the best choice for your organization’s authentication needs.

Hardware tokens, also known as hard tokens or security keys, were once the gold standard for providing secure access to sensitive systems and accounts. In today’s digital landscape, however, traditional hard tokens are largely viewed as outdated and overly complicated to use.

This doesn’t have to be the case. On the contrary, modern hard tokens have much to offer: They provide users with top-tier security while maintaining compliance with upcoming regulatory requirements like PSD3

Let’s take a look at what’s next for hard tokens and why your organization should consider them as a reliable method for providing users with secure authentication.

How Do Hard Tokens Work?

Hard tokens are physical authentication devices that can be connected to digital devices via USB, Bluetooth, or NFC. Hard tokens provide a secure authentication method without the need for a mobile device or dedicated software program on the user’s device. 

When it comes to security, hard tokens are pretty hard to beat. Put simply, the fact that they can’t be duplicated (plus the necessity of having the token physically on hand) adds an extra layer of security to ensure that only authorized users can gain access to a device. Their physical nature also makes them highly resistant to phishing attacks and remote breaches: Since they can be easily isolated from the public internet, their attack surface is minimized.

The mechanics of hard tokens are straightforward and they’re highly secure — so why is it that the popularity of hard tokens has declined in recent years? 

Problems With Traditional Hard Tokens

Historically, hard tokens have been fairly cumbersome and user-unfriendly. Most of these tokens require the manual input of one-time passwords (OTPs), which results in a frustrating experience that’s prone to errors during code rewriting.

Additionally, the installation process of hard tokens has usually demanded considerable effort from users and can involve visits to branches, the use of CDs, or downloading proprietary software or browser extensions in order to begin using the devices.

Moreover, traditional hard tokens often lack a display or have one too small to show essential details, such as those shown in dynamic linking, which aims to securely link each transaction to its specific amount and recipient.

The rise of digital tokens (think passkeys) has also affected the use of hard tokens. We increasingly rely on digital tokens for their convenience and ease of use. Many banks now prefer mobile apps for secure authentication and view hard tokens as obsolete or only suitable for specific audiences like corporate customers.

FIDO2: A Turning Point for Hard Tokens

Fortunately, the issues that have once plagued hard tokens can now be put to rest: The FIDO2 standard has revolutionized hardware tokens, unlocking fresh opportunities for their application and use.

Because FIDO2 uses standard public key cryptography techniques to provide phishing-resistant authentication, hard tokens easily replace the use of weak credentials with strong hardware-backed cryptographic key pair credentials.

This level of security is now more important than ever before, as password-based authentication is now highly vulnerable to phishing, mobile malware, and remote access attacks. Biometric authentication, which was once considered a secure alternative, is now also being compromised by advanced AI and deepfakes. In response to these emerging trends, it’s crucial that banks and fintech companies invest in a future-proof authentication device to stay a big step ahead of fraudsters.

Introducing Wultra’s Talisman

Talisman is a next-generation personal identity device with a smooth user experience and compliance at its core. Talisman represents our commitment to filling a crucial market gap with a personal identity device that not only meets but exceeds the expectations of today's digital banking landscape.

Talisman, Personal Identity Device

With Talisman, we've tackled the aforementioned shortcomings of traditional hard tokens head-on by focusing on enhancing user experience, fortifying security measures, and ensuring full compliance with PSD3. Unlike traditional tokens, Talisman requires no installations or complex setups, or OTPs for transcription, which allows it to deliver a user experience as straightforward as a mobile app. 

Talisman’s user-friendly two-line display guides users through confirming and approving transactions directly on the device with ease, following the What You See Is What You Sign (WYSIWYS) principle. By leveraging FIDO2 technology, it offers robust protection against phishing and malware and ensures that every transaction is secure through the use of a single PIN.

Learn more about Wultra’s Talisman today

Related articles

CONTACT US

get in touch

Consider partnering with Wultra to meet compliance standards, deliver a secure and seamless user experience, and deliver additional value to your customers while improving your bottom line.

Ondřej kupka
ACCOUNT EXECUTIVE
Picture of Account Executive Ondrej Kupka
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.