Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
KerstinReiss
New Contributor
New Contributor

Authentication possibilities or tokens for a visual impact user

Hello,

I’ve the following question from a customer: they are using RSA SecurID with SID700 HW tokens and they search for a possibility/solution to authenticate barrier-free for a blind person. They use at home the Checkpoint EndpointSecurity VPN-Client to connect.

I found a very useful answer in your community with subject:

ADA-Compliant Authentication Tokens / https://community.rsa.com/thread/200884#comment-932417

Hereafter there are several possibilites for a visual impared user which i can understand:

SID800 USB Token with windows screen reader, RSA SecurID SW Token for Windows with screen reader and RSA SecurID Softwaretoken App with Mobile Phone

But i don’t understand the operation mode of the hint:

The USB-based RSA SecurID “SID800” hardware token along with the Windows token can auto-populate the tokencode following PIN input in several popular agents, without requiring the user to be able to see the tokencode

Could you explain to me, is there perhaps a possibility to auto-populate the Checkpoint EPS Client?

Or are there perhaps other possibilites in this case?

Thank you for assistance

Labels (1)
0 Likes
1 Reply
EdwardDavis
Employee
Employee

You may need to contact Checkpoint for the capabilities of what you have implemented...but Checkpoint Remote Clients on windows usually have what is called 'software token automation' where: if the RSA Software Token for windows exists on the same system as the Checkpoint client, the Checkpoint client can automatically fetch the current tokencode and only ask the user for the pin...and the client app does the rest and sends the pin+tokencode to the server for authentication...no need for the end user to type or know the current tokencode. SID800 USB tokencodes can also be automatically fetched by clients that use automation. For example an inserted SID800 token can be read by the RSA Software Token application as well as some other apps.

 

However I do not directly know if the Checkpoint client can automate reading a SID800 tokencode in the same way it can read a software token. One implementation guide does state that Checkpoint Remote Access client is compatible with RSA Remote Authentication Client 3.6, (otherwise known as RAC) and the RAC is specifically designed to operate with SID800 to manage the smartcard certificate storage in the SID800, as well as read tokencodes. At any rate if automation doesn't work with your selected type of RSA token, all RSA apps with tokencodes work with screenreader/narrator.