FortiToken Mobile is an OATH compliant, time-based One Time Password (OTP) generator application for the mobile device. It is the client component of Fortinet’s highly secure, simple to use and administer, and extremely cost effective solution for meeting your strong authentication needs. It makes the end-user mobile device behave like a hardware based one-time-password OTP token without the hassle of carrying one, while providing easy administration and high security for network authentication.
FortiToken Mobile – Software (OTP) for Mobile Devices Features & Benefits
- Fast and easy over-the-air installation provides more convenience for the end user and better security than hard token deployments
- Device binding ensures the token cannot be copied to another device making it a true second factor
- Highly secure, hosted, seed provisioning service that never exposes seeds on the Internet makes the token invulnerable to online attacks
- Simple centralized token management and provisioning via FortiAuthenticator makes the FortiToken Mobile a low cost, low overhead solution for two factor authentication
- PIN protected application with self-erase (on excess failed PIN attempts) keeps the tokens safe even if the device is lost or stolen
- Broad mobile platform support, including iPhone, iPad, iPod Touch and Android
Leverage Existing Fortinet Platforms
Besides offering out-of-the-box interoperability with any time-based OATH compliant authentication server, such as the FortiAuthenticator from Fortinet, the FortiToken can also be used directly with the FortiGate® consolidated security platform, including High Availability configurations. FortiGate has an integrated authentication server for validating the FortiToken-200 OTP as the second authentication factor for SSL VPN, IPSec VPN, Captive Portal and Administrative login, thereby eliminating the need for the external RADIUS server ordinarily required when implementing two-factor solutions.
Online Activation with FortiGuard
You can activate your FortiToken-200 tokens online directly from FortiGate or FortiAuthenticator using the FortiGuard® Center, which maintains your token seeds in a managed service repository. Once the seeds are activated, they can no longer be accessed from FortiGuard, ensuring that your seeds are safe from compromise.