Which of the following types of authentication tokens forms a logical connection to the client computer but does not require a physical connection?
Contactless tokens are the third main type of physical tokens. Unlike connected tokens, they form a logical connection to the client computer
but do not require a physical connection. The absence of the need for physical contact makes them more convenient than both connected and
disconnected tokens. As a result, contactless tokens are a popular choice for keyless entry systems and electronic payment solutions such as
Mobil Speedpass, which uses RFID to transmit authentication information from a keychain token. However, there have been various security
concerns raised about RFID tokens after researchers at Johns Hopkins University and RSA Laboratories discovered that RFID tags could be
easily cracked and cloned. Another downside is that contactless tokens have relatively short battery lives, usually only 3-5 years, which is low
compared to USB tokens which may last up to 10 years. However, some tokens do allow the batteries to be changed, thus reducing costs.
Answer A is incorrect. Virtual tokens are a new concept in multi-factor authentication first introduced in 2005 by security company
Sestus. Virtual tokens work by sharing the token generation process between the Internet website and the user's computer and have the
advantage of not requiring the distribution of additional hardware or software. In addition, since the user's device is communicating directly
with the authenticating website, the solution is resistant to man-in-the-middle attacks and similar forms of online fraud.
Answer B is incorrect. Connected tokens are tokens that must be physically connected to the client computer. Tokens in this category
will automatically transmit the authentication information to the client computer once a physical connection is made, eliminating the need for
the user to manually enter the authentication information. However, in order to use a connected token, the appropriate input device must be
installed. The most common types of physical tokens are smart cards and USB tokens, which require a smart card reader and a USB port,
respectively.
Answer C is incorrect. Disconnected tokens have neither a physical nor logical connection to the client computer. They typically do not
require a special input device, and instead use a built-in screen to display the generated authentication data, which the user enters manually
via a keyboard or keypad. Disconnected tokens are the most common type of security token used (usually in combination with a password) in
two-factor authentication for online identification.
Currently there are no comments in this discussion, be the first to comment!