The Token is a pocket technological device that is used to safely identify the user on line. The token was created to make more secure transactions and safeguard users from the risk of phishing; it is also called a cryptographic token, hardware token and token for authentication in addition to O.T.P. (Acronym for One-Time-Password, which creates time password).
It ‘a personal tool, handy and portable, active 24 hours a day, does not require any software installation, it simply uses the touch of a button showing a password on a small display and can be easily used to perform all sorts of transactions online account from any computer, safely, without leaving traces.
This device, very small and practical. It comes with a screen and a numeric keypad, works with solar powered batteries, and looks like a common calculator. It is used to generate passwords, through a randomization algorithm (in a completely random) . The Token is beginning to spread more and more among the banks that are have renamed them with different names: Monte dei Paschi di Siena (PaschiDoveVuoi), BNP Paribas-BNL (BNL Pass), UniCredit Bank (UniCredit Pass), Credem (Mr.Pin) Sanapaolo.com (O-Key), IW Bank (Token), Marche Bank (OTP), ABN Amro-Antonveneta (Ge.Co).
The algorithm is unique to each token that produces, for each session, a different numeric string so that the user can enter whenever you want to connect to your bank; the token and the server are not connected, do not send information, simply simultaneously generate the same numeric string at a user and when these match the user is authenticated.
The password remains visible for only 30-60 seconds and change at every access while the user identification code is always the same and is contained between the algorithm variables of the device, which is synchronized with the remote server of the bank . The server in turn, generates the same number string, allowing access to the account, only when the numeric string is equal to that user. The system then works with a double identification: with the ID and password, and the second-time password generated by the token.