Call a Specialist Today! 800-886-5369

Celestix HOTPin
Tokenless Two-Factor Authentication


Celestix HOTPin

Celestix Products
Celestix HOTPin Server Software
Celestix HOTPin Server Software Bundle with 50 User License for SMB
- HOTPin Soluton for SMB. 50 User license with 1 Year support for client and server.
*Client Licenses & Support Purchased Separately.
#HSS-113000-SMB
Contact us for pricing!
Celestix HOTPin Server Standalone Software for Enterprise
*Client Licenses & Support Purchased Separately.
#HSS-113000-080
Contact us for pricing!

Click here to jump to more pricing!

Overview:

Looking to protect SharePoint portals? remote access via Citrix XenDesktop? Firewall access? HOTPin works in all of these scenarios. HOTPin is a simple and easy to deploy two-factor authentication solution that uses your phone as a token. HOTPin authentication service is available as software, virtual machine or appliance form factor for on premise deployment or as a managed service with pay as you go price model.

Celestix Networks HOTPin authentication solution allows companies to embrace the use of smart devices in the workplace. By installing a soft token on a mobile device, it is transformed into a token capable of generating a one time password (OTP) that can be used to authenticate the user when working remotely.

Celestix HOTPin can also simplify the authentication of remote users on devices that cannot utilize a soft token and for workers who may not own a corporate smart device such as contractors. HOTPin uses the GSM network to deliver OTPs via SMS and the email system for delivery of OTPs to an inbox.

HOTPin client now supports QR codes. Users can scan the QR code and will be instantly logged in to the application in a secure manner. The integration of this function to any web services is simple. The latest HOTPin 3.7 includes API with the samples that helps to simplify the integration into your existing server architecture.

Celestix believes IT shouldn’t be complicated and costly, but it should be secure and controlled. This is why HOTPin uses HOTP, an HMAC-based algorithm for generating OTPs. HOTP is an open standard that continues to receive extensive scrutiny from security industry experts and leading academics.

Some authentication products use time-based OTPs (leveraging a vendor assigned seed with the current time). HOTPin OTPs are event-based (using a key generated on-site by the IT manager in conjunction with a counter). As such, HOTPin OTPs are not susceptible to attacks that compromise the seed or predictable algorithms based on the current time.

Features:

  • Multiple form-factors – soft token, hard token, YubiKey, SMS, email, and instant messenger.
  • Soft tokens for iPhone, Blackberry, Windows Mobile 7, Win32, iPad and Mac
  • Clientless mode utilizes SMS, instant messenger or email for unmanaged devices
  • Intelligent price model – one price per user per year, regardless of form factor
  • Intuitive web portal for user self-provisioning
  • Simple to use administration console
  • Comprehensive reporting and compliance engine
  • Authentication server available as Appliance, Software versions and managed service
  • Integration and migration options available
  • Authentication API

HOTPin Platform

Features:

Simple Deployment

HOTPin is tokenless, providing OTP generation via soft token, Instant Messenger or SMS. User provisioning can be offered in multiple methods, from app store download or through a simple to navigate self-service portal. User adoption is high because the technology is simple to use and requires no additional hardware.

Radius Supported

HOTPin authentication server includes an instance of RADIUS server on board, providing organizations with simple deployment and easy connectivity with any standard perimeter access gateway device. With a simple management console and a multitude of reporting options as standard.

Integrations and APIs

HOTPin now includes an application programming interface (API) and software development kit (SDK) that allows an enterprise to integrate two-factor authentication into its existing web applications. This API allows administrators to modify their existing web applications to include an option on the authentication screen from which a user can choose the method of login.

Self-Enrollment

With the HOTPin User self-service portal, End users can provision themselves, import their own keys and reset their PIN if required, without having to go through IT helpdesk. Users who want to use their smart phone as a token can also import the token keys by scanning a QR code from the self-service portal.

Simple Price Model

User licensing is per registered user and is enforced on the server. One major benefit of HOTPin is that the per license price is fixed, regardless of the token form factor. For instance, the hardware token is priced the same as the soft token. This addresses a key issue in the authentication market which is the complexity of pricing for various token types.

Quick Response (QR) Code Login

HOTPin client now supports QR codes.  Users can scan the QR code and will be instantly logged in to the application in a secure manner.  The integration of this function to any web services is simple. The latest HOTPin 3.7 includes API with the samples that helps to simplify the integration into your existing server architecture.

Powerful Admin Management

HOTPin web-based administrative interface lets you easily revoke credentials, disable users, and audit access by users and groups. Extensive reporting tools are also provided and audit trails are maintained for regulatory compliance.

Comprehensive Reporting

Comprehensive reporting engine provides complete visibility.

  • Provide visibility to management
  • Enforce and monitor compliance
  • Automated report generation and delivery

Authentication Methods:


  Phone-as-a-token OTP via SMS OTP via Instant Messanger Hardware Token Virtual Keyboard
  Phone-as-a-token OTP via SMS OTP via Instant Messanger
Hardware Token
 
Description Use your smart phone as a token by installing a software token app on the mobile device to generate One Time Passwords. tokens. Users can receive One Time Passwords via text message or email for true Out of Band (OOB) authentication. Users can receive One Time Passwords via Instant Messenger for true Out of Band (OOB) authentication. Use the passcode generated on your hardware token. Use virtual pinpad on the screen to enter your PIN number.
Benefits If the device is lost, re-provisioning is simple and fast, lowering helpdesk costs and increasing employee productivity Leveraging the SMS text network or email provides simple to use and efficient delivery of the OTP to users, regardless of the cell phone device they use. It is also of benefit to organizations with deployments of devices that they do not manage directly. Leveraging the Instant Messenger provides simple to use and efficient delivery of the OTP to users. It is also of benefit to organizations with deployments of devices that they do not manage directly. Celestix Touch Tokens have a long battery life, are OATH compliant and extremely durable. To protect against shoulder surfing and keystroke logging, the pinpad randomly generates numbers in a grid at each log on, and the user enters their PIN number with mouse clicks instead of typing it.
Platforms iOS, Android, Blackberry, and Windows Mobile All phones with SMS All phones with Instant Messenger. Currently only support Yahoo Messenger and Google Talk. Celestix Mobile Touch or any OATH-compliant tokens Any web browser
Additional Cost Free download SMS messages use your account’s telephone credit No cost Buy from Celestix or import your own tokens Free Download

How It Works:

Secure your Organization with HOTPin

  • Two-Factor Authentication. Simplied.
  • Available as software, appliance, managed services and virtual machine.
  • Works with all smart phones
  • Now supports QR code login
  • Cost-effective, secure and reliable

Secure your Organization with HOTPin

One Time Passwords

ATM cards provide two-factor authentication in the tightly controlled environment of ATM machines, where each machine is equipped with a special card reader. It is not feasible to equip every laptop, desktop or tablet with a special device to read a card. That would be cost-prohibitive, time-consuming and extremely impractical.

To provide two-factor authentication for computer services and sites, users rely on a One Time Password that is generated on a device that is uniquely assigned to a user. One Time Passwords (OTP) provides security in a number of ways.

  • Always Changing
    The OTP changes after a fixed interval of time, commonly every 60 seconds. Even if an unauthorized user noted the OTP, they won’t be able to use it since it would have changed for the next session.
  • Tied to a device
    OTPs are generated using a seed that is uniquely associated with a device. Thus, every user’s OTP will be different. Since the device is assigned to a user, the OTP uniquely authenticates a user and a PC desktop client. By leveraging smart devices or text messaging, the OTP is delivered ‘on demand’ to the user. And, of course, HOTPin easily integrates with AD.

QR Login

HOTPin client now supports QR codes.  Users can scan the QR code and will be instantly logged in to the application in a secure manner. The integration of this function to any web services is simple. The latest HOTPin 3.7 includes API with the samples that helps to simplify the integration into your existing server architecture.

Solutions:

HOTPin integrates seamlessly into your VPNs, Firewalls, Microsoft TMG, UAG, Citrix XenDesktop, XenApp and Windows servers, and web applications to provide strong two-factor authentication for your entire organization.

HOTPin Two-Factor Authentication Solutions

HOTPin uses RADIUS to integrate with any remote access gateway solution like Juniper SA series, Microsoft TMG, UAG, SSH/UNIX or Citrix XenApp.

After integration, users have to enter their username, PIN and OTP to authenticate. OTPs are generated on smart phones, hardware tokens (like Celestix Touch) or received through text messages.

Here is the sample screenshot of the integration with Citrix XenDesktop.

Citrix XenDesktop Screenshot

For Microsoft UAG specifically, Celestix provides a custom agent that ensures users’ credentials are properly passed on to applications, providing true Single Sign-On.

HOTPin integration SSL-VPN Partner Logos

VPN Microsoft Web SSH & Unix Citrix
HOTPin integrates with all major SSL VPN vendors to protect remote access. HOTPin integrates with Microsoft DirectAccess, Threat Management Gateway and Microsoft Unified Access Gateway. Use our SDK to add two-factor-authentication to your web application. Protect local and remote logins with HOTPin. HOTPin integrates with XenApp and XenDesktop to protect your virtual environment.

Product Details:


Client Mode – Soft Tokens

Supported platforms

  • iOS
  • Android
  • Windows Phone 7
  • Blackberry
  • Microsoft Windows
  • Mac

Clientless Mode – Out of Band

One Time Passwords can be delivered without a token for true Out of Band (OOB) authentication.

  • SMS and text-messages
  • Emails
  • Instant Messenger
  • QR code via camera

For users who might be out of network coverage, HOTPin can send an additional OTP at time of successful logon. This OTP can be stored on the users’ device for subsequent use.

Hardware Tokens

HOTPin can be purchased with hard tokens for users as needed.

  • OATH compliant
  • HOTP (event-based)
  • 6 digit OTPs

Third-party Hardware Tokens

HOTPin supports any HOTP compliant hardware token

  • OATH compliant
  • HOTP (event-based)
  • 6 digit OTPs

This allows interoperability and ease of migration.

Quick Installation

Installation and deployment is designed to be simple.

  • Award winning COMET interface
  • Embedded RADIUS server
  • LCD display and jog dial (for appliances)
  • Built-in database
  • AD synchronization for user management

Self-Service Portal

End users can provision themselves, import their own keys and reset their PIN if required, without having to go through IT helpdesk.

  • Reduce IT help desk costs
  • Enhanced user experience
  • Higher adoption and user satisfaction

QR Provisioning

HOTPin soft tokens users can import the token keys by scanning a QR code from the self service portal.

Comprehensive Reporting

Comprehensive reporting engine provides complete visibility.

  • Provide visibility to management
  • Enforce and monitor compliance
  • Automated report generation and delivery

Customization

HOTPin server, self-service portal and soft token application can be customized to promote corporate branding.

License:

Server License

HOTPin authentication server is available at a fixed priced and requires the procurement of an annual maintenance fee.

Subscription

User licensing is per registered user and is enforced on the server. One major benefit of HOTPin is that the per license price is fixed, regardless of the token form factor. For instance, the hardware token is priced the same as the soft token. This addresses a key issue in the authentication market which is the complexity of pricing for various token types.

HOTPin licenses are available on a renewable basis for terms of 1, 2 and 3 years.

Next Steps

Video:

Celestix HOTPin Two-Factor Authentication Solution


Documentation:

Download the Celestix HOTPin Datasheet (.PDF)

 

Celestix HOTPin Server Software
Celestix HOTPin Server Software Bundle with 50 User License for SMB
- HOTPin Soluton for SMB. 50 User license with 1 Year support for client and server.
*Client Licenses & Support Purchased Separately.
#HSS-113000-SMB
Contact us for pricing!
Celestix HOTPin Server Standalone Software for Enterprise
*Client Licenses & Support Purchased Separately.
#HSS-113000-080
Contact us for pricing!
Celestix Server Software 8x5 Support & Maintenance
Celestix HOTPin Server Software for SMB Support, 1 year
#EFS-113000-SMB
Contact us for pricing!
Celestix HOTPin Server Software 8x5 Support, 1 Year
#EFS-113000-100
Contact us for pricing!
Celestix HOTPin Server Software 8x5 Support, 3 Year
#EFS-113000-300
Contact us for pricing!
Celestix Server Software 24x7 Support & Maintenance
Celestix HOTPin Server Software 24x7 Support, 1 Year
#TFS-113000-100
Contact us for pricing!
Celestix HOTPin Server Software 24x7 Support, 3 Year
#TFS-113000-300
Contact us for pricing!
Celestix HOTPin Client - User Licenses with Support Contract - 1 Year
1 Year HOTPin Client - 1 to 100 users
*Price per client. Quantity must be 1 or greater.
#HTP-020100-100
Contact us for pricing!
1 Year HOTPin Client - 101 to 250 users
*Price per client. Quantity must be 101 or greater.
#HTP-020250-100
Contact us for pricing!
1 Year HOTPin Client - 251 to 500 users
*Price per client. Quantity must be 251 or greater.
#HTP-020500-100
Contact us for pricing!
1 Year HOTPin Client - 501 to 1,000 users
*Price per client. Quantity must be 501 or greater.
#HTP-021000-100
Contact us for pricing!
1 Year HOTPin Client - 1,001 to 5,000 users
*Price per client. Quantity must be 1,001 or greater.
#HTP-025000-100
Contact us for pricing!
1 Year HOTPin Client - 5,000 to 10,000 users
*Price per client. Quantity must be 5,000 or greater.
#HTP-210000-100
Contact us for pricing!
Celestix HOTPin Client - User Licenses with Support Contract - 3 Year
3 Year HOTPin Client - 1 to 100 users
*Price per client. Quantity must be 1 or greater.
#HTP-020100-300
Contact us for pricing!
3 Year HOTPin Client - 101 to 250 users
*Price per client. Quantity must be 101 or greater.
#HTP-020250-300
Contact us for pricing!
3 Year HOTPin Client - 251 to 500 users
*Price per client. Quantity must be 251 or greater.
#HTP-020500-300
Contact us for pricing!
3 Year HOTPin Client - 501 to 1,000 users
*Price per client. Quantity must be 501 or greater.
#HTP-021000-300
Contact us for pricing!
3 Year HOTPin Client - 1,001 to 5,000 users
*Price per client. Quantity must be 1,001 or greater.
#HTP-025000-300
Contact us for pricing!
3 Year HOTPin Client - 5,000 to 10,000 users
*Price per client. Quantity must be 5,000 or greater.
#HTP-210000-300
Contact us for pricing!