Menu
  • Home
  • TaxPro Products
    • Product Features
      • TaxPro IT
      • TaxPro XBRL
      • TaxPro e-TDS-Corporate
      • TaxPro e-TDS-Professional
      • TaxPro e-TDS-Standard
      • TaxPro Digital Signer
      • TaxPro SVT
      • TaxPro Enterprize
      • TaxPro Challan
    • Purchase Online
  • Security Products
    • Finger Print System
    • Face Reader System
    • RFID Card Reader System
    • Door Locks / VDP
    • Barriers
    • Turnstiles
    • Metal Detectors
    • FEITIAN Products
  • Digital Signatures
    • Application Form
    • DSC Enrollment - Sify
    • DSC Enrollment - nCode
    • TaxPro Bulk PDF Signer
    • TCS File Signer Plus
    • Token Drivers
    • Business Inquiry
  • Downloads
    • Finger Print System
    • Face Reader System
    • RFID Card Reader System
    • Door Locks / VDP
    • Barriers
    • Turnstiles
    • Metal Detectors
    • FEITIAN Products
  • Support
    • TaxPro FAQ's
    • Feedback
    • Reviews
    • Holiday List
  • TaxProGST
    • TaxProGST Lib
      • Developers Guide
      • Download Library
  •       Google+
  • About Us
  • Contact Us
  • Clients      
Call +91-712-663 8888(100 Lines)
Home > FEITIAN > FEITIAN Products
FEITIAN Products
    • ePass2003/Auto
    • StorePass2003
    • AudioPass2003
    • InterPass3000
    • iInterPass
    • Smart SD Card
    • OTP c100
    • OTP c200
    • OTP c300
    • OTP c500
    • Mobile OTP
    • FOAS
    • R301
    • R502-Dual
    • R502-CL
    • bR301
    • iR301
    • iR301U-C
    • aR520
    • PKI Smart Card
    • Java Smart Card
    • ePayPOS5000
    • Using ePass
    • Using EID Authentication
Drivers & FAQs
  • Driver Downloads
  • Errors & Solutions(FAQs)
REALSEC Products
  • Link 1
  • Link 2
  • Link 3
  • Link 4

e-Pass - PKI Token

ePass2003/Auto
ePass2003 FIPS Logo ePass2003Auto
  • Overview
  • Specifications
  • Features
  • Certification
  • Datasheet/Flyer
ePass2003/Auto is the world's foremost cryptographic identity verification module. ePass by FEITIAN provides a host of indispensable protective measures for digital communication and transaction. As a two factor authentication solution ePass2003/Auto can secure local and remote desktop and network log-on. Key cryptography and the digital signing of emails, documents, and transactions are performed onboard in the secure token framework which is impervious to after-market modification and manipulation.
Supported Operating System 32bit and 64bit Windows XP SP3, Server2003 , Vista, Server2008, 7
32bit and 64bit Linux
MAC OS X
Middleware Microsoft Windows MiniDriver
Windows middleware for Windows CSP
Direct-called library for PKCS#11 under Windows, Linux and MAC
Standards X.509 v3 Certificate Storage, SSL v3, IPSec, ISO 7816 1-4 8 9 12, CCID
Cryptographic Algorithms RSA 512/1024/RSA 2048 bit
ECDSA 192/256 bit (optional)
DES/3DES
AES 128/192/256 bit
SHA-1 / SHA-256
Cryptographic Functions Onboard key pair generation
Onboard digital signature and verification
Onboard data encryption and decryption
Cryptographic APIs Microsoft Crypto API (CAPI), Cryptography API: Next Generation (CNG)
Microsoft Smart Card MiniDriver
PKCS#11
PC/SC
Processor 16 bit smart card chip (Common Criteria EAL 5+ certified)
Memory Space 64KB (EEPROM)
Endurance At least 500,000 write/erase cycles
Data Retention More than 10 years
Connectivity USB 2.0 full speed, Connector type A
Interface ISO 7816
CCID
Power Consumption Less than 250mW
Operating Temperature 0°C ~ 70°C
(32°F ~ 158°F)
Storage Temperature -20°C ~ 85°C
(-4°F ~ 185°F)
Humidity 0% ~ 100% without condensation
Water Resistance IPX8 with glue injection (under evaluation)
Feature varies according to product model
Feature varies according to product model
Built-in high-performance secure smart card chip
Smart card chip certified by Common Criteria EAL 5+
On board RSA, AES, DES/3DES, SHA-1, SHA-256 algorithms approved by NIST FIPS CAVP Hardware random number generator
64KB EEPROM memory to store private keys, multiple certificates and sensitive data

FEITIAN Card Operating System with proprietary IP
Design according to FIPS 140-2 level 3 standard, FIPS 140-2 level 2 certified
Secure messaging ensures confidentiality between the device and the application
Support X.509 v3 standard certificate. Support storing multiple certificate on one device
Onboard RSA2048 key pair generation, signature and encryption
64 bit universal unique hardware serial number

Tamper evident hardware USB Token
USB full speed device
Compliant with ISO 7816 1-4 8 9 12, PC/SC and CCID device
Water resistant with glue injection (under evaluation)
Flexible hardware customization options such as logo, colour and casing

Reliable middleware supports multiple operating systems
Supports Windows, Linux and Mac OS
Compliant with Windows mini driver standard, work with Microsoft Base Smart Card CSP, supports Microsoft smart card enrollment for windows smart card user and smart card logon
Support PKCS #11 standard API, Microsoft CryptoAPI and Microsoft CryptoAPI : Next Generation (CNG)
Work with PKCS#11 & CSP compliant software like Netscape, Mozilla, Internet Explorer and Outlook

Easy integration with various PKI applications
Ideal device to carry digital certificates and works with all certificate related applications
Highly security ensured device for computer and network sign-on
Easy-to-use web authentication, Plug & Play under Windows systems
Support document, email and transaction signature and encryption
FIPS FIPS 140-2 Level 2 ★
Common Criteria Common Criteria EAL 5+ (chip level)
Microsoft WHQL Microsoft WHQL
Linux PCSC Linux PCSC-Lite/LibCCID
RoHS RoHS
Check Point Check Point
Entrust Ready Entrust Ready
USB USB
CE FCC CE FCC
ePass2003/Auto
ePass2003 Datasheet Download Link
ePass2003 Flyer Download Link

e-Pass - PKI Token

StorePass2003 PKI USB Token
Store Pass
  • Overview
  • Specifications
  • Features
  • Certification
  • Datasheet/Flyer
StorePass by FEITIAN is a hybrid device which combines Flash memory with Public Token Infrastructure technology. The onboard smart card provides strong protection to user credentials as well as a flash drive to carry regular programs and files. It is centered on high security, usability and convenience, making it a smart choice for industrious enterprises or financial institutions.
Supported Operating System 32 bit and 64 bit Windows XP SP3, Server2003 , Vista, Server2008, 7
32 bit and 64 bit Linux
MAC OS X
Middleware Microsoft Windows MiniDriver
Windows middleware for Windows CSP
Direct-called library for PKCS#11 under Windows, Linux and MAC
Standards X.509 v3 Certificate Storage, SSL v3, IPSec, ISO 7816 1-4 8 9 12, CCID
Cryptographic Algorithms RSA 512/1024/RSA 2048 bit
ECDSA 192/256 bit (optional)
DES/3DES
AES 128/192/256 bit
SHA-1 / SHA-256
Cryptographic Functions Onboard key pair generation
Onboard digital signature and verification
Onboard data encryption and decryption
Cryptographic APIs Microsoft Crypto API (CAPI), Cryptography API: Next Generation (CNG)
Microsoft Smart Card MiniDriver
PKCS#11
PC/SC
Flash Memory 1GB, 2GB up to 8GB
Flash Endurance At least 20,000 write/erase cycles
Processor 16 bit smart card chip (Common Criteria EAL 5+ certified)
Memory Space 64KB (EEPROM)
Endurance At least 500,000 write/erase cycles
Data Retention More than 10 years
Connectivity USB 2.0 full speed, Connector type A
Interface ISO 7816
CCID
Power Consumption Less than 250mW
Operating Temperature 0°C ~ 70°C
(32°F ~ 158°F)
Storage Temperature -20°C ~ 85°C
(-4°F ~ 185°F)
Humidity 0% ~ 100% without condensation
Feature varies according to product model
Onboard mass Flash memory supports auto-run and system boot-up
Onboard 1GB, 2GB up to 8GB flash memory to store middleware
Device registers a virtual CD-ROM to host computer, supporting Auto-run and auto-installation
Device supports computer system boot-up with built-in CD-ROM
Plug & Play and non-driver device under Windows, Linux and MAC

Built-in high-performance secure smart card chip
Smart card chip certified by Common Criteria EAL 5+
On board RSA, AES, DES/3DES, SHA-1, SHA-256 algorithms approved by NIST FIPS CAVP
Hardware random number generator
64KB EEPROM memory to store private keys, multiple certificates and sensitive data

FEITIAN Card Operating System with proprietary IP
Design according to FIPS 140-2 level 3 standard, FIPS 140-2 level 2 certified (Under evaluation)
Secure messaging ensures confidentiality between the key and the application
Support X.509 v3 standard certificate. Support storing multiple certificate on one device
Onboard RSA2048 key pair generation, signature and encryption
64 bit universal unique hardware serial number

Reliable middleware supports multiple operating systems
Supports Windows, Linux and Mac OS
Compliant with Windows mini driver standard, work with Microsoft Base Smart Card CSP, supports Microsoft smart card enrollment for windows smart card user and smart card logon
Support PKCS #11 standard API, Microsoft CryptoAPI and Microsoft CryptoAPI : Next Generation (CNG)
Work with PKCS#11 & CSP compliant software like Netscape, Mozilla, Internet Explorer and Outlook

Easy integration with various PKI application
Ideal device to carry digital certificate and work with all certificate related applications
Highly security ensured device for computer and network sign-on
Easy-to-use web authentication, Plug & Play under Windows systems
Support document, email and transaction signature and encryption
FIPS FIPS 140-2 Level 2 (Under Evaluation)
Common Criteria Common Criteria EAL 5+ (chip level)
Microsoft WHQL Microsoft WHQL
Linux PCSC Linux PCSC-Lite/LibCCID
RoHS RoHS
Check Point Check Point
Entrust Ready Entrust Ready
USB USB
CE FCC CE FCC
StorePass2003 PKI USB Token
StorePass2003 Datasheet Download Link

e-Pass - PKI Token

AudioPass2003
StorePass
  • Overview
  • Specifications
  • Certification
  • Datasheet/Flyer
With the prevalence of smart phones mobile banking and payment is becoming increasingly popular. A user friendly interface, a convenient self-service banking platform, access anytime and anywhere, there are the factors that distinguish FEITIAN AudioPass and position it a cut above the rest of this competitive application market.

AudioPass is a highly usable and secure transaction signing device developed for smartphones. It works with the mobile banking applications through the standard 3.5mm headphone jack to provide digital signature to secure transactions and protect customer accounts.

FEITIAN’s flexible banking token option offers complete solutions for all user types at all levels, which encourages user acceptance and considerably reduces IT costs and fixed costs associated with token hardware.
Operating Voltage 5V
Operating Current < 60mA
Operating Temperature 0C to 50C
Storage Temperature -20C to 70C
Operating Humidity 40-90% non-condensing
Storage Humidity 60-90%RH
Processor Smart Card Chip
Port 3.5mm Standard Jack & MicroUSB
Dimensions (LXHXW) 52 X 37.2 X 7.1 mm
Casing Material Kirksite & Acrylic
Storage Space 10KB
Data Rewrite EEPROM: 100000
Chip Security Level Security Encrypted data storage
Data Retention At least 100 Years
Supported OS iOS3.2+
Android2.1+
Windows Phone
Mac OS X 10.5+
Windows 2000/2003/Vista/2008/7/8/8.1
Supported Standard CSP/PKCS#11
MS CAPI
X.509v3
SSL v3
IPSec
Compatible with ISO7816
Built in Algorithm RSA
DES / 3DES
MD5
SHA-1/SHA-2
Feature varies according to product model
AudioPass2003
AudioPass2003 Flyer Download Link
CE FCC CE FCC
RoHS RoHS

e-Pass - PKI Token

InterPass3000 PKI Token
InterPass3000
  • Overview
  • Specifications
  • Features
  • Certification
  • Datasheet/Flyer
InterPass by FEITIAN allows the user to audit and control the entire cryptographic process. InterPass PKI Token is a user interactive PKI device for online banking; offering the most comprehensive standards of transaction verification. InterPass PKI Token is equipped with a large LCD screen which displays details of the secure operations being performed in real time, such as the transfer amount of funds and the transacting bank account numbers. The user retains complete control of the entire process through use of the interactive buttons.
Supported Operating System 32bit and 64bit Windows XP SP3, Server2003 , Vista, Server2008, 7
Middleware Windows middleware for Windows CSP
PKCS#11 library for Windows
Standards X.509 v3 Certificate Storage, SSL v3, IPSec, ISO 7816 Compliant
Cryptographic Algorithms RSA 512/1024/RSA 2048 bit
DES/3DES
MD5
SHA-1 / SHA-256
Cryptographic Functions Onboard key pair generation
Onboard digital signature and verification
Onboard data encryption and decryption
Cryptographic APIs Microsoft Crypto API (CAPI)
PKCS#11
LCD Screen LCD Type: FSTN
Size: bigger than 1 inch
Display in 4 lines
Lifetime: more than 10,000 hours
Button Number of button: 4 (confirm/cancel/scroll up/scroll down)
Material: Acrylic (PMMA)
Endurance: more than 300,000 times
Flash Memory 1MB up to 8MB
Flash Endurance At least 20,000 write/erase cycles
Processor 32 bit smart card chip
Memory Space 32KB User Memory
Endurance At least 500,000 write/erase cycles (EEPROM)
Data Retention More than 10 years
Connectivity USB 1.1, USB2.0 compliant, Connector type A (through USB cable)
Interface ISO 7816
Power Consumption Less than 500mW
Operating Temperature 0°C ~ 50°C
(32°F ~ 122°F)
Storage Temperature -20°C ~ 70°C
(-4°F ~ 158°F)
Humidity 40% ~ 90% without condensation
Feature varies according to product model
Built-in LCD screen to display transaction information
128 x 64 four lines LCD screen
Support GB18030 character set
Customizable welcome screen

Built-in user interactive buttons to control onboard cryptographic operation
Four buttons: two buttons to confirm and cancel the operation, two buttons to scroll up and down the screen
Blue LED keyboard light
Automatically cancel the operation after timeout

Built-in high-performance 32 bit secure smart card chip
Onboard RSA, DES/3DES, MD5, SHA-1, SHA-256
Hardware random number generator
32KB user memory to store private keys, multiple certificates and sensitive data

FEITIAN Card Operating System with proprietary IP
Hardware render the transition details and control user interaction
Secure messaging ensures confidentiality between the token and the application
Support X.509 v3 standard certificate. Support storing multiple certificate on one device
Onboard RSA2048 key pair generation, signature and encryption
64 bit universal unique hardware serial number

Reliable middleware supports multiple operating systems
Supports Windows OS
Support PKCS #11 standard API and Microsoft CryptoAPI
Work with PKCS#11 & CSP compliant software like Netscape, Mozilla, Internet Explorer and Outlook

Easy integration with various PKI application
Ideal device to carry digital certificates and works with all certificate related applications
Highly security ensured device for computer and network sign-on
Easy-to-use web authentication, Plug & Play under Windows
Support document, email and transaction signature and encryption
RoHS RoHS
USB USB
CE FCC CE FCC
InterPass3000 PKI Token
InterPass3000 PKI Token Datasheet Download Link

e-Pass - PKI Token

iInterPass
iInterPass iphone Compatible
  • Overview
  • Specifications
In addition to the microUSB port support, FEITIAN iINterPass mobile banking token has a built-in 30-pin connectors, which makes it certified by the MFi program and specially designed for the Apple iOS platform (iPhone/iPad/iPod Touch). iInterPass mobile banking token provides digital signature to secure transactions and protect customer's accounts. The built-in OLED screen and button enable the customer to check and confirm the signed transaction details effectively eliminating real time third party manipulation.

The built-in high performance smart card chipset and OLED screen on iInterPass provide an equivalent level of security to FEITIAN’s ePass PC series USB token. With iInterPass customers can protect their transaction anytime and anywhere the mobile banking application takes them.

FEITINA’s flexible banking token options offer complete solution for all user types at all level, which encourages user acceptance and considerable reduces IT costs and the fixed costs associated with token hardware.
Operating Voltage – 5V
Operating Current < 60mA
Operating Temperature 0°C to 50°C
Storage Temperature -20°C to 70°C
Operating Humidity 40-90% non-condensing
Storage Humidity 60-90%RH
Processor Smart Card Chip
Port Dock/Lightning & MicroUSB
Dimensions (LXHXW) 58 X 42X 8 mm
Casing Material Kirksite & Acrylic
Storage Space 64KB
Data Rewrite EEPROM: 300000
Flash 100000
Chip Security Level Security Encrypted data storage
Data Retention At least 100 Years
Supported OS iOS3.2+
Mac OS X 10.5+
Windows 2000+
Supported Standard CSP/PKCS#11
MS CAPI
X.509v3
SSL v3
IPSec
Compatible with ISO7816
Certification CE / FCC / RoHS
Built in Algorithm RSA
DES / 3DES
MD5
SHA-1/SHA-2
Screen Type – OLED
Size – 1.3 Inch
Number of Character Displayed – 4 Lines X 16 characters
Lifetime - >10000 hours
Button Button Number – 4 (Up/Down/Confirm/Cancel)
Operating Method - Touch
Feature varies according to product model

e-Pass - PKI Token

Smart SD Card
Smart SD Card
  • Overview
  • Specifications
  • Datasheet/Flyer
FEITIAN Smart SD is a security authentication device. Featuring an on-board high performance smart card chip, Smart SD support RSA, DES, 3DES, SHA1, HMAC-MD5 algorithms which provide high security data encryption and authentication used widely on the PKI infrastructure. Smart SD is ideally suited to online and mobile banking.

Smart SD supports all major windows desktop operating systems (Windows 2000 above) and almost all popular smartphone system including Android, Windows Mobile, and Symbian establishing its broad adoption base.

Added benefits includes 2G to 8G of storage space providing smart SD the capacity of function as a USB Disk.

Key Features:
  • Easy to Adopt
  • Supports MicroSD connector.
  • High Performance Hardware with built in Smartcard Chip, supports 512 & 1024 bit RSA, built in secure file system, chip security storage space is 64K
  • Open Interface – Full support PKI application, provide CSP and PKCS#11 interface for 3rd party integration.
Operating Voltage – 5V
Operating Current 80 ~ 150mA
Operating Temperature 0°C to 70°C
Storage Temperature -20°C to 85°C
Humidity 0-100% non-condensing
Processor Smart Card Chip
Supported Port USB 1.1, combatable with 2.0
Casing Material ABS
Storage Space 64KB
Data Rewrite 100000 (in normal temperature)
Chip Security Level Security Encrypted data storage
Data Retention 10 Years in normal temperature
Supported OS Mac OS
Android
Windows Phone
Symbian
Windows 2000/2003/Vista/2008/7/8
Linux (Customizable)
Certification & Standard PKCS#11 v2.11
MS CAPI
X.509v3
SSL v3
IPSec
Compatible with ISO7816
Supported Algorithm RSA
DES / 3DES
SHA-1
FEITIAN Private Algorithm (Optional)
Feature varies according to product model
Smart SD Card
Smart SD Card Datasheet Download Link

OTP Devices

OTP c100
OTP c100
  • Overview
  • Specifications
  • Features
  • Datasheet/Flyer
Front, Back, and Side to Side
FEITIAN OTP c100 is typically supported by the FEITIAN OTP Authentication System (FOAS) back end server. FOAS delivers a complete solution to organizations of all sizes and orientations by streamlining all authentication operations, such as deployment, provisioning and maintenance significantly reducing IT overhead. Centralized integration and management take place on the server side; this ensures that the user experience is simple and easily to understand while at the same time administration is reliable and secure. With the advanced security measures provided by FEITIAN OTP c100 and FOAS organizations take an important step toward the development of user confidence in their brand.

Adaptable Solution for a Secure Fit
Specifically engineered in accord with the standards of the Open Authentication (OATH) consortium FEITIAN HOTP Tokens can serve as a seamless hardware solution for any organization which maintains and operates an OATH compliant back end authentication server. Additionally Feitian offers a host of options, tailoring the token deployment to satisfy the particular requirements of any job. Unique faceplate and colour customizations are available for OEM. For large scale projects the seed code can be generated and inserted into the token locally at the user's site. Password number sequences are available in sets of six or eight digits.
User Interface 8-character high contrast LCD display
Built-in button
Security Algorithms OATH compliant event-based HOTP
Memory Type Random Access Memory (RAM)
Endurance More than 14,000 clicks
Battery Lifecycle 5 years
Power Consumption Less than 0.005mW
Operating Temperature -10°C ~ 50°C
(14°F ~ 122°F)
Storage Temperature -20°C ~ 70°C
(-4°F ~ 158°F)
Humidity 0% ~ 100% without condensation
Physical Resistance Tamper evident
IP54 ingress protection (under evaluation)
Feature varies according to product model
Strong two-factor authenticator through dynamic password technology
Unique password generated each time, password cannot be reused
Zero software install at client side
Zero footprint authentication
Minimum change to existed static password authentication system

OATH compliant event-based HOTP device
Compliant with OATH open algorithm
Easy to be integrated with 3rd party OATH authentication system
PSKC format seed code available

Easy to use and portable
Simple one-click to generate the one-time-password
No PIN needed
Independent to end-user environment. No external connection is needed
Easy to carry on a key ring

Single-button OTP hardware token
8-character high contrast LCD display with a count-down timing bar
One built-in button
Onboard event counter
Non-replaceable built-in battery
Secure Random Access Memory (RAM)
Unique token serial number

Secure, robust and long life hardware design
Battery lifetime expectancy 5 to 7 years
Seed code stored with encryption and protection
Tamper evidence

Flexible customization options
Customizable 6 or 8 digits pass code
Faceplate, casing color and serial number customizable
Customizable industrial and end-user packaging

Support FOAS server
Standard Radius authentication service
Easy to integrate with a wide range of authentication and access gateway solutions
Centralized authentication and graphical management system
Stable performance under heavy duty environment
OTP c100
OTP c100 Flyer Download Link

OTP Devices

OTP c100
OTP c200
  • Overview
  • Specifications
  • Features
More Than Meets the Eye
The addition of a large display LCD screen delivers a crisp and clear image of the number sequence, providing easily readable data output. This is a convenient feature for the elderly or those who might struggle to read a less presentable user interface. Compact and tamper resistant hardware casing, reinforced by glue injection, eliminates the possibility of damage from water and further protects the onboard clock against harsh temperature conditions to enable easy user storage and management of the module. Enhanced battery life makes FEITIAN TOTP Tokens a solid investment for years to come.

Front, Back, and Side to Side
FEITIAN TOTP Tokens are typically supported by the FEITIAN OTP Authentication System (FOAS) back end authentication server. FOAS delivers a complete solution to organizations of all sizes and orientations by streamlining all authentication operations, such as deployment, provisioning and maintenance, significantly reducing IT overhead. With the advanced security measures provided by the FEITIAN TOTP Token / Feitian FOAS platform organizations take an important step toward the development of user confidence in their brand. Administrators maintain full oversight of the integration of token based user activity with the management interface.

Adaptable Solution for a Secure Fit
Specifically engineered in accord with the standards of the Open Authentication (OATH) consortium Feitian TOTP Tokens can serve as a seamless hardware solution for any organization which maintains and operates a private OATH compliant back end authentication server. Additionally Feitian offers a host of hardware OEM services, tailoring the token deployment to satisfy the particular requirements of any job. Unique faceplate, logo, and colour customizations are also available. For large scale projects the seed code can be generated and inserted into the token on site at the user's location.
User Interface 8-character high contrast LCD display
Built-in button
Security Algorithms OATH compliant event-based TOTP
Memory Type Random Access Memory (RAM)
Endurance More than 14,000 clicks
Battery Lifecycle 5 years
Power Consumption Less than 0.01mW
Operating Temperature -10°C ~ 50°C
(14°F ~ 122°F)
Storage Temperature -20°C ~ 70°C
(-4°F ~ 158°F)
Humidity 5% ~ 90% without condensation
Physical Resistance Tamper evident
IP68 with glue injection (under evaluation)
Feature varies according to product model
Strong two-factor authenticator through dynamic password technology
Unique password generated each time, password cannot be reused
Zero software install at client side
Zero footprint authentication
Minimum change to existed static password authentication system

OATH compliant time-based TOTP device
Compliant with OATH open algorithm
Easy to be integrated with 3rd party OATH authentication system
PSKC format seed code available

Easy to use and portable
Simple one-click to generate the one-time-password
No PIN needed
Independent to end-user environment. No external connection is needed
Easy to carry on a key ring

Single-button OTP hardware token
8-character high contrast LCD display with a count-down timing bar
One built-in button
Onboard accurate Real Time Clock (RTC)
Non-replaceable built-in battery
Secure Random Access Memory (RAM)
Unique token serial number

Secure, robust and long life hardware design
Battery lifetime expectancy 5 to 7 years
Seed code stored with encryption and protection
Tamper evidence

Flexible customization options
Customizable 6 or 8 digits pass code
Customizable OTP refresh frequency (for time based algorithms)
Faceplate, casing color and serial number customizable
Customizable industrial and end-user packaging

Support FOAS server
Standard Radius authentication service
Easy to integrate with a wide range of authentication and access gateway solutions
Centralized authentication and graphical management system
Stable performance under heavy duty environment

OTP Devices

OTP c300
OTP c300
  • Overview
  • Specifications
  • Benefits
  • Features
  • Datasheet/Flyer
Secure Digital Signing
FEITIAN OCRA Token serves an important function as a PIN protected offline time or event based authentication token but it can also be utilized as a tool for digital signing of online transactions. When performing an online banking operation a user can enter the account details and the intended amount of funds into the OCRA keypad, the device will take this information along with the time and the user's unique key to generate and attach a digital signature to the exchange, ensuring that any unwarranted third party data modification will immediately be detected.

Cross Validation
The OCRA challenge response process can be used to authenticate the identity of users in a variety of situations not strictly limited to online, for instance over the telephone, the process of deriving a seed based response from a specific challenge sequence can be used to validate the identity of a token operator. This identification interaction can be used to authenticate the validity of the institution or organization requesting personal information from the token operator as well.

'Dual Authentication' confirms the legitimacy of a website or server
Before a password is revealed the user must satisfy the challenge factor presented by the token. The challenge response system is based on a shared secret key which can also be used to verify the legitimacy of a website or server requesting personal information from a token user. "Dual Authentication" as this process is known, is becoming an ever more important precaution as instances of illegitimate data requests from cleverly constructed imposter sites are steadily on the rise.
User Interface 8-character high contrast LCD display
Built-in keypad
Security Algorithms OATH compliant challenge-response OCRA
Memory Type Random Access Memory (RAM)
Endurance More than 10,000 clicks
Battery Lifecycle 5 years
Operating Temperature -10°C ~ 50°C
(14°F ~ 122°F)
Storage Temperature -20°C ~ 70°C
(-4°F ~ 158°F)
Humidity 5% ~ 90% without condensation
Physical Resistance Tamper evident
IP54 ingress protection (under evaluation)
Feature varies according to product model
Multiple high level security featured based on one PIN centric OTP device
Enjoy the benefits of having a single hardware device which can provide on board clock (time) based one time password (OTP) unique log-on credentials, in addition to the challenge and response (OCRA) code for sophisticated two way authentication between entities with knowledge of the unique key, in addition to the secure signing of data, transactions, emails, or other sensitive information.

Dynamic Password as established through a Challenge and Response
OCRA Token by Feitian can generate a dynamic one time password (OTP) in response to a challenge factor sent by an authentication server. The dynamic challenge-response algorithm, responsible for password sequence creation, which serves as the foundation of OCRA Token is based on the criteria of the Open Authentication consortium of open source security providers. Before a password is revealed the user must satisfy the challenge factor presented by the token. The challenge response system is based on a shared secret key which can also be used to verify the legitimacy of a website or server requesting personal information from a token user.

Available as part of a complete solution with FEITIAN FOAS
FEITIAN OATH Authentication Server (FOAS) is a trusted and secure back end server engineered to operate seamlessly with all FEITIAN products. Utilizing OCRA Token as part of a complete solution saves organizations on IT overhead, maintenance, and upkeep.

OATH based algorithms interoperate with any compliant back end server
As a member of the Open Authentication consortium FEITIAN Technologies Co. Ltd. manufactures products that are fully interoperable with back end authentication systems engineered to comply with the international OATH standards.
Multi-functional PIN protected token provides higher security feature
PIN protected device. After a limited number of invalid PIN login, the device is blocked automatically.
Support secure remote token unblock mechanism
Dynamic password generation uses both the challenge code from authentication server and time factor. Multi-factor algorithm brings higher security than single -factor dynamic password.
Transaction signature protects the integrity of transmitted data
Server authentication guarantee the validity of service provider to prevent fraud attack
Two-way authentication brings higher security for both the application server and the end-users

OATH compliant challenge-response OCRA token
Compliant with OATH open algorithm
Easy to be integrated with 3rd party OATH authentication system
PSKC format seed code available

Easy to use and portable
Zero software install at client side
Zero footprint authentication
Simple one-click to generate the one-time-password
Independent to end-user environment. No external connection is needed
Compact casing design. Easy to carry

OTP hardware token with built-in PIN pad
Large buttons PIN pad
High contrast LCD display
Accurate Real Time Clock (RTC)
Non-replaceable built-in battery
Secure Random Access Memory (RAM)
Unique token serial number

Secure, robust and long life hardware design
Battery lifetime expectancy 5 to 7 years
Seed code stored with encryption and protection
Tamper evidence

Flexible customization options
Customizable pass code length and welcome screen
Customizable OTP refresh frequency (for time based algorithms)
Faceplate, casing color and serial number customizable
Customizable industrial and end-user packaging

Highly applicable device supports FOAS server
Protect application servers of computer system, such as computer login, network login, WLAN login, server login, Website login, mail system login, database login and other application server login.
Protect network devices such as routers, exchange servers, firewalls, VPNs, as far as the device supports RADIUS protocol for authentication.
Protect application servers of telephone networks, such as telephone banking, telephone stock market and telephone shopping etc.
Protect application servers of mobile phone networks, such as mobile phone banking, mobile phone stock market and mobile phone shopping etc.
Protect application servers of digital TV (DTV) networks, such as DTV banking, DTV stock market, DTV gaming and DTV shopping etc.
Broadly used in finance, insurance, taxation, customs, business, offices, education and entertainment areas with no special request on application server terminals.
OTP c300
OTP c300 Flyer Download Link

OTP Devices

OTP c500
OTP c500
  • Overview
  • Specifications
  • Features
  • Datasheet/Flyer
Support multiply systems and cards
R711 smart card reader by FEITIAN is engineered to provide users withone-time-password, challenge/response and digital transaction signingfor online exchanges, generating a complete smart card solution.Identity authentication and secure internet transactions are madeavailable through the client facing R711 reader interface which connectsseamlessly to all major user operating systems and card providers.

Complies with EMV/CAP standard Using in Financial Services
R711 smart reader is completely complies with EMV/CAP standard. Themodel is widely utilized in public and private enterprise with highlyconcentrated deployment in the financial services industry to performsensitive tasks such as online banking, money transfer, mobile bankingand payment.
Casing Material ABS + PC
Dimension (L×H×W) 60 × 91 × 10 mm
(23.6 × 35.8 × 3.9 inches)
Weight 45 g
LCD ASCII characters
(128 x 32 dot-matrix)
Keypad Numeric: 0 - 9
Function buttons
Confirm & delete buttons
Operating Temperature -10°C ~ 50°C
(14°F ~ 122°)
Storage Temperature -20°C ~ 70°C
(-4°F ~ 158°F)
Battery Replaceable*
IC Card Interface Contact card
OTP length customizable
Certification ISO/IEC 7816
CE/FCC/ROHS
EMV CAP
Feature varies according to product model
Easy To Operate

Built-in LCD and Numeric Keypad

EMV Chip-Card Support

Multiple Functions
Event-based OTP (CAP Mode 3)
Challenge/Response (CAP Mode 1)
Transaction signature (CAP Mode 2 + TDS)

High Security
Smart card based
One-time-password strong authentication

Flexibility To Customize
Professional OEM available (Casing/Faceplate/Logo)
Smooth transaction flow
OTP c500
OTP c500 Flyer Download Link

OTP Devices

Mobile OTP
Mobile OTP
  • Overview
  • Benefits
  • Features
Modern Solution for Modern Living
Developments in mobile communication technology have revolutionized the way that people interact and access information. Mobile devices are constantly evolving to serve a host of complex functions and services which are increasingly focused on sensitive matters such as commerce, business and personal information. Mobile OTP by Feitian is a convenient and easy to use application that enables users to harness the power of two-factor authentication for secure network log-in and key based challenge response protocol from their favorite mobile devices.

Powerful Access Restrictions Manage Risk from Loss or Theft
The strong authentication capabilities of Mobile Token are secured by the user's ability to change the access password as well as the number of acceptable trials and the time period that a password maintains it validity. Secured in a password protected application the powerful token features are limited exclusively to the rightful token proprietor.

Compatible with Time (TOTP), Event (HOTP) One Time Password (OTP) Protocols
HOTP utilizes a dynamic event based algorithm, creating a unique password in the form of a number sequence, regenerated for each new log-in. Once the user has confirmed themselves in the application, access is granted to the one time password which is retrieved on demand- with the push of a button. TOTP requires no user input to facilitate the change of log-in credentials, it is based on an algorithm that generates a new password to correspond to the passing of time and eliminates the possibility of passwords which can stagnate without user input for an indeterminate period of time.

Use in conjunction with OATH Challenge Response Algorithm (OCRA)
This enables the user to access the broad base of functions available with challenge and response technology. These features include the secure digital signing of transactions and sensitive data; once the digital signature is affixed to a file its content can not be altered by so much as one character without causing a revocation of the secure sign. The unique response sequence generated by a specific user challenge (as well as the reverse process) can be utilized to cross validate servers and websites making certain that the intended destination is not being misrepresented; a user can validate the system before logging in and entering sensitive data and likewise the system can validate the user to be assured that they are who they claim to be.

Feitian FOAS and Mobile Token: Working Together
The Mobile Token solution can be delivered as part of a more complete package by Feitian when used in tandem with the Feitian OATH Authentication Server (FOAS) back end token management system. Adopting Mobile Token in conjunction with FOAS helps institutions mitigate the scope of their IT infrastructure from overhead expenses to administration.
Users Are Empowered to Choose the Necessary Level of Security
Mobile Token by Feitian can support a range of Feitian security solutions (HOTP, TOTP, and OCRA) it is up to the end user to decide which level of security they require. HOTP is based on user input featuring a dynamic password that changes at the push of a button. TOTP is a clock based system that changes with the passing of time. OCRA is a challenge/response system that, in addition to strong authentication, can provide data encryption and cross-validation.

Activation Arranged by Preference
Users who opt for Online Activation must enter an activation address, an activation password, a username and a password or serial number of token on the online activation interface of the mobile phone token after connecting the mobile phone to the network. Alternatively users can decide to Activate Manually, using this offline approach users need to enter a token serial number, an activation password, and an activation code on the manual activation interface of the mobile phone token.

Customizations are available based on the application platform
For J2ME and Windows Mobile platforms you can choose online or manual activation, specify a web address for activation, Personalize with a logo and product picture and set the language interface

Be Yourself with Unique Mobile Identity Verification
Mobile Token by Feitian is equipped with a unique identification code which binds a set of specific authentication credentials to a certain mobile device. This measure effectively prevents the unauthorized use of personal Mobile Token features since the identification code generated by different devices vary.

Designed for compatibility with consumer favorite devices
Mobile OTP by Feitian was engineered for seamless compatibility with such popular mobile device platforms as: Android, iPhone, etc.
Strong two-factor authenticator through dynamic password technology
Unique password generated each time, password cannot be reused
Minimum change to existed static password authentication system

OATH compliant event-based HOTP, time-based TOTP and challenge-response OCRA algorithms
Compliant with OATH open algorithm
Easy to be integrated with 3rd party OATH authentication system
PSKC format seed code available

Easy to use and portable
Simple one-click to generate the one-time-password
No PIN needed
Independent to end-user environment. No external connection is needed
Easy to carry on a key ring

Single-button OTP hardware token
8-character high contrast LCD display with a count-down timing bar
One built-in button
Onboard accurate Real Time Clock (RTC)
Non-replaceable built-in battery
Secure Random Access Memory (RAM)
Unique token serial number

Secure, robust and long life hardware design
Battery lifetime expectancy 5 to 7 years
Seed code stored with encryption and protection
Tamper evidence

Flexible customization options
Customizable 6 or 8 digits pass code
Customizable OTP refresh frequency (for time based algorithms)
Faceplate, casing color and serial number customizable
Customizable industrial and end-user packaging

Support FOAS server
Standard Radius authentication service
Easy to integrate with a wide range of authentication and access gateway solutions
Centralized authentication and graphical management system
Stable performance under heavy duty environment

OTP Devices

FEITIAN OATH Authentication System
The value of an institution depends significantly on the way that critical communications, transactions, and sensitive data is maintained. Stable regulation of access to information networks is the cornerstone of the trust relationship necessary to conduct successful operations in the climate of contemporary commerce, exchange, or management.

The fixed username and password schemes that proliferate across a vast majority of servers, websites, and networks are largely ornamental and provide little to no defense against the highly advanced and specialized tools wielded by modern cyber criminals, in addition to their susceptibility to being misplaced, misused, lost, guessed, or stolen. One time password (OTP) technology is a proactive measure that institutions can adopt to quell the danger of the threat posed through this inherent weakness. OTP functions on the basis of a constantly regenerated numeric password sequence stored on a hardware token distributed to end users; a unique password is created and subsequently entered to gain access at each log-in.

The hardware token is but a small part of the overarching procedure at work, what is of primary importance is the back end authentication server. Feitian OATH Authentication Server (FOAS) is the man behind the curtain ensuring the smooth functioning production and recognition of passwords stored on a user’s personal token. FOAS is engineered to comply fastidiously with the stipulations set forth by the initiative for open authentication (OATH) consortium, a group which unites the foremost industry experts and specialists in the field of strong authentication and determines standards of easy integration and mutual interoperability of product offerings by participating members. As such FOAS can be used seamlessly with any products certified to the OATH criteria making it a highly adaptable back end server solution.

When used in conjunction with components of the Feitian family of OTP products FOAS delivers a complete linear solution which streamlines all authentication procedures from deployment to provisioning and maintenance; significantly reducing IT overhead expenses. FOAS is a multi-channel identity verification system which can simultaneously validate the user to a server and vice versa. Moreover, FOAS can establish a highly secure communication environment by providing digital signatures for web based transactions.

FOAS is a centralized management interface that allows for the convenient centralization of different organizational systems. One of the added benefits of the inclusive compliance architecture by Feitian is the ability of FOAS to support a wide range of operating platforms, authentication protocols, programming languages, and web scripts. FOAS seamlessly integrates with existing third-party authentication components as well as systems based on Radius protocol. Within the FOAS system administrators can easily regulate functionality of all users, hardware tokens, agents and log requests. Basic functions such as adding, auditing, editing, and deletion are supported through organized and intuitive profile grouping. Primary operators can assign and differentiate the level of access rights and privileges for separate accounts as well as delegate responsibility by specifying distinctive management roles for various accounts.

Within the FOAS system the process of token integration can be simple and intuitive. Typically there are three integration methods. When feasible, one of the most convenient ways is to use the existing Radius protocol on the application server to install authentication agents. Installation of OTP can also be done through the use of authentication agents which can save the time and energy it takes to develop one’s own authentication agent. SDK interface integration offers the highest level of flexibility for the application server with the ability to provide functions that are not covered in the previous two methods, however, it is not recommended for all deployments.

Essentially FOAS is comprised of three main components, they include: The authentication server, the management tool, and the authentication agent. Supplementary parts are the OTP server database management system, the SDK interface for customization and the end user OTP hardware tokens.

The authentication agent functions as a bridge between the authentication server and an application server. When an end-user logs in the application server, an authentication request is sent and a result received from the authentication server through the agent in order to decide whether the request is valid. The authentication agent is not necessary in every deployment scenario; applications integrated through Radius have no need for an agent.

The management tool has an easy-to-use web interface to provide remote management and maintenance of end-users, OTP token, authentication servers, authentication agents and log information from the database. The database management system is the foundation of the OTP Server Authentication System containing most of the system data. Database management system can be chosen according to the specific demands of the client.

Benefits
FOAS is commonly acceptable across a wide range of platforms
FOAS can integrate smoothly into all major operating systems and support multiple databases with ODBC or other specific interface connection. The FOAS system also maintains full set development interfaces in various programming languages.

System management is centralized and accessible
The web-interfaced management tool provides for secure remote management. Administrating the host of flexible settings is regulated through central authentication for networks or computer operating systems. Support multiple authentication services with different authentication settings on one computer.

Proven track record in the seamless execution of large scale highly diverse deployments.
FOAS handles loading balancing for multi-authentication services with up a concurrent service rate which can satisfy thousands per second and concurrent support for up to ten million end-users. The system was engineered for co-operability with various authentication agents.

OTP Server Authentication System largely enhanced the security of application servers
Dynamic passwords are randomly generated unique numeric sequences used as log-in credentials. Use of dynamic passwords can prevent threats like replay, peep or monitoring. Fixed password can be used together with dynamic passwords to form two-factor authentication.

FOAS is fully available with the entire suite of Feitian OTP products including C300
With FOAS as a stable back end foundation users can adopt the Feitian hardware solution that best fulfills their specific demand. OTP c300 token is improved by PIN protected access, both the challenge code and time-factor component are necessary to initiate a challenge-response dynamic password or transaction signature. End-users can choose to cross validate an application server and vice versa, preventing leakage of sensitive personal data.

OTP Server Authentication System V3.0 is an extraordinary complete value system
Intellectual property rights are self-owned so there is no need to worry about hidden costs. Localized development and production lower transportation and customs expenses and provide timely after-sales service. Multi-lingual GUI design is provided standard. Full provisioning of configuration and management tools is also standard. Advanced pre-sales and after-sales services are made fully available at a nominal charge.

Design a custom tailored solution to satisfy unique circumstance and requirements
Choose which platform hosts and which database maintains application server. Both installation packages and the full set of API interfaces are provided for efficient implementation. OTP Server Authentication System V3.0 is equipped with powerful management tools to simplify end user oversight.

Features
1. Automatic Synchronization
The authentication server has the flexible feature to automatically synchronize a token during authentication if the token is found to be out-of-sync.

2. Multiple Token Supports
As for hardware tokens, OTP Server Authentication System V3.0 supports event-based OTP c100, time-based OTP c200, challenge-response OTP c300 and event-based-and-PKI-combined OTP c400 tokens.
OTP Server Authentication System V3.0 also supports mobile phone tokens based on event, time or challenge-response.
Again, OTP Server Authentication System V3.0 supports soft tokens based on event, time or challenge-response.

3. Multiple Authentication Methods
For systems that do not demand high security, it can be set to use single dynamic password to authenticate an end-user. Advantage of this method is that there is no necessity to remember another fixed password however security is quite low.

Dynamic passwords can be used together with fixed password to log in application servers that does not demand very high security. This method is commonly used to bring secure authentication of current application servers to the next level.

Challenge-response authentication method is normally used in application servers which demand high security and have end-users with advanced technology knowledge. The disadvantage of this method is that authentication process involves many steps. However, it brings higher interactivity and security to the application server.

Application servers sometimes use double-way authentication method against fake application server. End-users, before proving their personal information, can verify the real application server.

For application servers which want to authentication critical transactions, transaction signature authentication method can be used. This is to make those critical transactions are indeed made by the end-user who claims to be.

4. RADIUS Server Support
According to pre-configured settings, the authentication server can send authentication request to a designated RADIUS server and collect authentication result to send back to the application server

5. High Performance
The authentication server supports more than ten million concurrent end-users, and single server can reach concurrent processing rate of 3000 times per second.

6. Multiple Algorithms
HOTP algorithm from OATH;
TOTP algorithm from OATH;
OCRA algorithm from OATH;
SM3 algorithm from National Security Standard

7. Prevention of Dictionary Attack
When the authentication server finds that a particular end-user has failed a certain times (can be pre-configured) of authentication, it will lock that end-user. During locking, the authentication server will refuse authenticating this end-user until he/she has been unlocked. This is an effective prevention for dictionary attacks.

8. Prevention of Denial-of-Service Attack
The authentication server will delay sending a failed authentication result, which effectively prevents denial-of-service attacks.

Smart Card Reader

R301 Smart Card Reader
Mobile OTP
  • Overview
  • Specifications
  • Features
  • Datasheet/Flyer
Feitian R301(Rockey 301) is a CCID compliant smart card reader with USB 2.0 full speed support. It offers a plug-and-play solution saving the effort on driver installation and system compliance checking.

Feitian R301 can be adopted in smart card-based applications, such as e-Banking, e-Government, e-Payment, access control, network security and more.
Interface USB 2.0 Full Speed
Supply Voltage USB Interface, 5VDC
Supply Current <50mA
Clock Frequency 4MHz
Operating Temperature 0°C ~60°C
Humidity ≤90% No condensation
Standards & Specifications ISO-7816
PCSC,CCID
EN 60950/IEC 60950
CE, FCC
EMV 2000 LEVEL 1
RoHS
Supported CPU Cards ISO-7816, T = 0 and T = 1
ISO-7816, Class A, B and C
Card Clock Frequency: 4MHz
Read-Write Speed:9600bps~344086bps
Supported OS Windows2000/xp/2003/2008/windows 7
Linux
Mac OS X
Solaris
USB 2.0 Full Speed Device

Compliant with PC/SC, CCID Standards

Supports ISO-7816-1/2/3 T=0 and T=1 Protocol

Supports ISO-7816 Class A,B and C Cards

Supports Protocol and Parameters Selection (PPS)

Short Circuit Protection

Compliant with EMV Level 1

Supports GSM 11.11 SIM Cards

Microsoft WHQL 2000, XP, 2003, 2008, Vista, Windows 7

Support Windows 2000/XP/2003/2008/Vista/Windows7 Linux, Mac OS X, Solaris
R301 Smart Card Reader/Auto
R301 Smart Card Reader Flyer Download Link

Smart Card Reader

R502 Smart Card Reader - Dual
Smart Card Reader R502
  • Overview
  • Specifications
  • Features
R502 is a dual-interface smart card reader developed by Feitian Technologies. It is based on CCID driver. It supports not only contact cards compliant with ISO 7816 but also contactless cards compliant with ISO 14443 and contactless cards following Mifare standard. It also provides SIM card slots for many kinds of smart card applications. Moreover R502 comes with the SAM slot suitable for GSM 11.11 cards.

R502 is a terminal interface device for smart card applications and system integrations. With support for smart cards using different interfaces, R502 can be widely used in industries or applications requiring electronic payment and authentication, especially suitable for the high security fields. It is an optimal solution for authentication, e-commerce, financial organizations, access control etc.
Interface USB 2.0 Full Speed
Supply Voltage USB Interface, 5VDC
Supply Current < 100mA
(Without Card Plug-in)
Operating Temperature 0°C ~60°C
Humidity ≤90% No condensation
Standards & Specifications ISO-7816
PCSC,CCID
EN 60950/IEC 60950
CE, FCC, RoHS
EMV 2000 LEVEL 1
Supported Contact Cards ISO-7816, T = 0 and T = 1
ISO-7816, Class A, B and C
Card Clock Frequency: 4MHz
Read-Write Speed:10753bps~344086bps
Supported Contactless Cards ISO 14443 Type A and BMifare
Classic and Mifare Ultralight C
Card Clock Frequency: 13.56MHz
Card Read/Write Speed: 106kbps
Operating Distance: 5cm~10cm
Supported OS Windows2000/xp/2003/2008/windows 7
Linux
Mac OS X
Solaris
Features:
  • USB 2.0 full speed device
  • Compliant with PC/SC, CCID standards
  • Firmware supports upgrading in encryption
  • Reader ID is configurable
  • Compliant with EMV Level 1
  • Supports GSM11.11 SIM cards
  • Microsoft WHQL 2000, XP, server2003, Vista, 2008, Windows 7
  • Supports Windows 2000/XP/server2003/Vista/2008/Windows 7, Linux and MacOS
For Contact Cards:
  • Supports ISO 7816 T0 and T1
  • Supports ISO 7816 class A, B and C
  • Built-in SAM card lots suitable for GSM11.11 SIM cards
For Contactless Cards:
  • Built-in antenna
  • Supports contactless smart cards compliant with ISO 14443 type A and B
  • Supports Mifare classic and Mifare Ultralight C
  • Contactless function can be turned off in specific environment

Smart Card Reader

R502-CL Smart Card Reader
Smart Card Reader R502CL
  • Overview
  • Specifications
  • Features
  • Datasheet/Flyer
FEITIAN Reader R502-CL is a contactless smart card reader developed by Feitian Technologies. It is based on CCID Driver. It supports contactless cards compliant with ISO 14443 and contactless cards following Mifare standard. Developers use it as a platform to generate and deploy related products and services. Moreover, FEITIAN Reader R502-CL is a terminal unit which is seamlessly integrated to all major systems of operation. Additional features such as the built-in inclusive support for different smart card interfaces has facilitated the wide scale and cross industry adoption of Reader 502-CL.

R502-CL is a terminal interface device for smart card applications and system integrations. It can be widely used in industries or applications requiring electronic payment and authentication, especially suitable for the high security fields. It is an optimal solution for authentication, e-commerce, financial organizations, access control etc.
Interface USB 2.0 Full Speed
Supply Voltage USB Interface, 5VDC
Supply Current < 100mA
(Without Card Plug-in)
Operating Temperature 0°C ~60°C
Operating Humidity 0
to 90%RH non-condensing
Storage Humidity 0
to 90%RH non-condensing
Standards & Specifications ISO 14443
Mifare
PC/SC,CCID
EMV 2000 Level 1
CE,FCC RoHS
Supported
Contactless Cards
ISO 14443 Type A and B
Mifare Classic and Mifare
Ultralight C
Supported Contactless Cards Card Clock Frequency: 13.56MHz
Card Read/Write Speed: 106kbps
Operation Distance: 5cm~10cm
Supported OS Windows2000/xp/2003/2008/windows 7
Linux
Mac OS X
Solaris
USB 2.0 full speed device

Compliant with PC/SC, CCID standards

Firmware supports upgrading in encryption

Reader ID is configurable

Compliant with EMV Level 1

Build-in antenna

Supports contactless smart cards compliant with ISO 14443 type A and B

Support Mifare classic and Mifare Ultrglight C

Contactless function can be turned off in specific environment

Support Windows 2000+/Linux/Mac OS X
R502-CL Smart Card Reader
R502-CL Smart Card Reader Flyer Download Link

Smart Card Reader

bR301 - Blue Tooth Smart Card Reader
bR301-Blue Tooth Smart Card Reader
  • Overview
  • Specifications
  • Features
  • Datasheet/Flyer
FEITIAN bR301 has been designed with convenience and security in mind.
Though the easy to integrate blue tooth connection developers are able to easily integrate smart card applications for higher security and flexibility on all mobile and pc devices supporting Bluetooth.
The easy to integrate blue tooth connection allows developers to easily integrate smart card applications for higher security and flexibility on all mobile devices and PCs supporting Bluetooth.
The bR301 allows for wide scale adoption of smart card applications.
PKI used in the working environment can be transformed to a mobile solution, while mobile payment companies are able to offer wider coverage working on all device platforms.
Through the MicroUSB port the bR301 acts as a standard smart card reader compliant with PC/SC, CCID Standards.
bR301 suits customers where security concerns are the most salient and satisfies the demand for a flexible solution for ID authentication, e-commerce, e-payment, information security and access control.
bR301 and the rest of FEITIAN’s line of smart card readers offer each customer a complete solution for all manner of utilizations.
Basic Parameters

Working Voltage 3.3V
Working Current < 55mA
Communication Rate 10753~344086bps
Supported Card Type T0,T1,CLASSB,CLASSC,CLASSBC
Communication Rate with iOS 115200bps
Working Temperature 0°C to 50°C (32 to 122°F)
Storage Temperature - 20°C to 70°C (-4 to 158°F)
Operating Humidity 60 to 90%RH non-condensing
Storage Humidity 60 to 90%RH non-condensing
Port Bluetooth/Micro USB
Device Type smart card Contact(smart card)
Enclosure Type External
External 15
Expansion Slot(s) 1 x Smart Card
Battery 890mAh
Charging Port Micro USB
Dimension 64mm(2.51in)wide*85 mm(3.35in)high*13.5mm(0.53in)thick
Material PC+ABS
Card Deck 8 contact points (ISO7816 standard)100000 plugging and unplugging times
Supported OS iOS/Android/Blackberry(developing)
Certification CE/FCC/MFI/RoHC(pending approval)


Wireless Communications

Communications protocol 2.4GHz frequency ISM band. IEEE 802.15.1(Bluetooth) with full security enabled
RF Transmissions Range Less than half a meter
Data Throughput 750kb/s to 1MB/s
Communications data AES-128
encryption
Customizable items Logo/case color/ Shell surface treatment process
USB 2.0 Full Speed Device

Compliant with PC/SC, CCID Standards

Support ISO-7816-1/2/3 T=0 and T=1 Protocol

Support ISO-7816 Class A,B and C Cards

Compliant with EMV Level 1(pending approval)

Provide third party development library

MFI specification(pending approval)

Support auto-PPS

Support iOS/Android/Linux/Mac OS X/Windows
bR301 - Blue Tooth Smart Card Reader
bR301 - Blue Tooth Smart Card Reader Download Link

Smart Card Reader

iR301 - Mobile Smart Card Reader
iR301 - Mobile Smart Card Reader iphone Compatible
  • Overview
  • Specifications
  • Features
FEITIAN iR301 is a terminal unit which can be used for developing smart card application. With the supporting of different smart card interfaces, iR301 have found wide application in many corporations and industries.

IR301 suits customers where security concerns are the most salient and can be widely use on ID authentication, e-commerce, e-payment, information security and access control.

FEITIAN‘s rich reader product line can offers complete solution for all customer types at all levels.
Working Voltage 3V
Working Current < 60mA
Communication Rate 10753~344086bps
Supported Card Type T0,T1,CLASSB,CLASSC,CLASSBC
Communication Rate with iOS 9600~57600bps
Working Temperature 0°C to 50°C
(32 to 122°F)
Storage Temperature - 20°C to 70°C (-4 to 158°F)
Operating Humidity 0 to 90%RH non-condensing
Storage Humidity 0 to 90%RH non-condensing
Port iDock
Port
Dimension 58*42*8mm
(2.28—1.65—0.31 inches)
Casing Kirksite + Acrylic
Card Deck 8 contact points (ISO7816 standard)
10000 plugging and unplugging times
Supported OS version iOS3.1.3+
Certification CE/FCC/MFI/RoHS
Supported OS Win2000+/Linux/Mac OS X/Solaris/Android/iOS
EMV level 1 applied and MFi certified

Support multiple contact smart card, support T0, T1 card which conform ISO7816 protocol

Offer a standard size contact card deck, support CLASSB, CLASSC, CLASSBC card which conform ISO7816 protocol

Provide API to modify parameters (ATR Baud Rate, WWT…)

Provide secondary development library

Support iOS device through apple dock port

Support auto-PPS

Support Win2000+/Linux/Mac OS X/Solaris/Android/iOS platform

Smart Card Reader

iR301 - Mobile Smart Card Reader
iR301UC - Mobile Smart Card Reader iR301UC - Mobile Smart Card Reader iphone Compatible
  • Overview
  • Specifications
  • Features
FEITIAN iR301U-C is specially designed to accommodate a range of smartcard applications. Developers use it as a platform to generate and deploy products and services. Moreover FEITIAN iR301U-C is a terminal unit which is seamlessly integrated to all major systems of operation. Additional features such as built-in inclusive support for different smartcard interfaces has facilitated the wide scale and cross industry adoption of iR301U-C.

iR301U-C suits the customers where the security concerns are most silent and satisfied the demand for the flexible solution for ID authentication, ecommerce, e-payment, information security and access control.

iR301U-C offers customer a complete solution for all manner of utilization.
USB USB2.0 (Full Speed)
Dimension (L X H X W) (for iPad) 259.6 X 188.2 X 16.5mm
Dimension (L X H X W) (for iPadmini) 216.6 X 140.2 X 15.5mm
Casing Material PC+ABS
Port 30-pin Dock / Lightning Connector (For iPad Mini)
Operating Current <80mA
Operating Temperature 0C ~ 50C
Storage Temperature -20C ~ +85C
Supported Card Type ISO7816, T=0 & T=1, Class A, B, C, AB, BC, & ABC
Operating & Storage Humidity <90%RH non-condensing
Card Slot 8 connect points (ISO7816 standard), 10000 plugging and unplugging
Supported OS iOS4.3+
Certification CE/FCC/MFI/RoHS/EMV L1
  • Support multiple contact smart card, support T0, T1 card which conform ISO7816 protocol.
  • Offers a standard size contact card deck, support CLASSB, CLASSC, CLASSBC card with conform ISO7816 protocol
  • Provide API to modify parameters (ATR Baud Rate. WWT…)
  • Provide secondary development library
  • Supports iOS device through dock/lightning
  • Support auto-PPS

Smart Card Reader

aR520 - Swipe Card Reader
aR520 - Swipe Card Reader
  • Overview
  • Specifications
  • Features
  • Datasheet/Flyer
FEITIAN aR520 is swipe card reader and NFC contactless reader specially engineered to accommodate a range of smart card applications. Developers use it as a platform to generate and deploy related products and services. Moreover, FEITIAN aR520 is a terminal unit which is seamlessly integrated to all major systems of operation. Additional features such as the built-in inclusive support for different smart card interfaces has facilitated the wide scale and cross industry adoption of aR520.

aR520 suits customers where security concerns are the most salient and satisfies the demand for a flexible solution for ID authentication, e-commerce, e-payment, information security and access control.
Basic Parameters Working Current 50-80mA
Communication Rate 8000bps
Supported Card Type ISO 14443 standard Type A/B, Mifare, Felica,
Mifare tag 1
MSR
Working Temperature 0°C to 50°C (32 to 122°F)
Storage Temperature - 20°C to 70°C (-4 to 158°F)
Operating Humidity 0 to 90%RH non-condensing
Storage Humidity 0 to 90%RH non-condensing
Size 59*50*12mm
Port 3.5mm audio jack/Micro USB(Type B)
Supported OS Android 2.2+/iOS4.3+
Certification CE/FCC/MFI/RoHS
Lights Red/Yellow/Blue colors
Battery Electricity 330mHa
Charging time 2hours
Max work time(full speed) Around 2hours(depends on cards)
Standby time Around 20hours
Custom items Casing Can be OEM
LOGO Custom logo
Firmware Can do OEM firmware
Communication Security Support DUKPT(Derived unique key per transaction)
Hardware Security Support Card short circuit protection
Support firmware upgrading
General
  • 330mHa battery inside, full speed can work more than 2h, standby 20h
  • Full battery only need charging 2hours
Contact part
  • Support magnetic strip card
  • 3.5mm standard headphone jack & MicroUSB
  • Support track 1,2,3 and key management with DUKPT(3DES&AES)
  • Low battery consumption
  • Micro-USB port for pass-through charging
Contactless part
  • Firmware supports upgrading in encryption
  • Supports contactless smart cards compliant with ISO 14443 type A and type B, Mifare card, Felica
  • Through beeper and light to informed reader/card/battery status
aR520 - Swipe Card Reader
aR520 Datasheet Download Link

PKI & Java Card

Certificate Based - PKI Smart Card
PKI Smart Card
  • Overview
  • Specifications
  • Features
  • Datasheet/Flyer
ePass PKI series smart card are designed to store user's personal identity information, digital certifications, and private keys, working together with Feitian's PKI manger to provide a comprehensive and salable security solution that meets customers' needs for strong authentication, encryption and digital signatures.

ePass security PKI is easy to be integrated into different authentication platforms which offer tailored solution appropriate for business, organizations, financial institutions, healthcare, governments and retail industries by providing e-Payment, ePassport, e-ID, e-Health, e-Ticket with enhanced security assurance.
Platform Windows –Win2000/XP/Server2003/Vista/Server2008/7
Linux
MacOS*
*In Mac OS, use OpenSC middleware.
Standards Microsoft CAPI, PKCS #11,
PKCS #15 Model available for OpenSC X.509 v3 certification storage,
ISO7816 compliant, T0/T1
User Memory 64KB
Algorithms RSA1024/2048 ,DES, 3DES, AES and SHA-1,SHA-2
Card Operating Voltage 3V/5V
Data Retention Over 10 years
Memory Rewrites Over 500,000
Built-in high performance smart card chip
Onboard DES, 3DES, MD5, SHA-1, RSA 1024/2048
Support AES, SHA-2 and others.
Onboard RSA key pair generation, private key can never be retrieved.
Onboard digital signature general and verification
Compliant with ISO/IEC 7816-1,2,3,4,8,9
User memory up to 64KB and support multiple key pairs storage.
Standard Microsoft CAPI and PKCS #11 support
PKCS # 15 compliant, seamlessly integration with OpenSC applications
Certificate Based - PKI Smart Card
Certificate Based - PKI Smart Card Datasheet Download Link

PKI & Java Card

Certificate Based - Java Card
Java Card
  • Overview
  • Specifications
  • Datasheet/Flyer
Feitian Technologies Java Card Operating System(FTJCOS), has been meticulously designed to conform to the strict standards of the Global Platformand ISO industry; thereby ensuring a uidity andseamless interoperability of applications for cardissuers as well as solutions developers.
FT Java Card maintains compatibility with thirdpartyapplets as well as all existing smart cardinfrastructures. is practice facilitates multiplesourcing of the components within the smart card solutions.
FT Java Card enables standard applications of aparticular card issuer to be put into the ROM therebysignicantly reducing the EEPROM requirements.
Dual-Interface Supporting
FT Java Card users can custom tailor the solution to fit their specific needs, offering optional support for RSA coprocessor, contactless communications, and GSM protocol features.

Cost Effective Pricing
FT Java Card and JCOS are eective solution for simpler low-costimplementations as well as the high-end of multi-controller configurations.

Cross Platform
The results of multiple cross -platform tests determine that FT JavaCard consistently ranks higher in application performance thancompetitive Java Card implementations, including those implementations running on 32-bit platforms and proprietary cards.

Java Authorized Licensees
Fundamentally based on international standards of smart card open source operating system
specifications as endorsed by Sun Microsystems (Oracle), the GlobalPlatform consortium, the International Organization for Standardization (ISO), EMV, et.cetera. FTJCOS is available for licensing across the smart card value chain and across industries.

Multiple Cryptography Solution
FT Java Card oers RSA 2048-bit length and the ability to generateRSA key components to the highest standard of card security.Security protocol hashing methods MD5 and SHA1 are available as well.
Certificate Based - Java Card
Certificate Based - Java Card Datasheet Download Link

POS

POS - ePayPOS5000
ePayPOS5000
  • Overview
  • Features
  • Datasheet/Flyer
ePayPOS500 is a mobile payment terminal equipped with PIN pad and verification screen for magnetic strip cards or chip cards. This device is mainly designed for apple devices, such as: iPhone, iPad or iPod, as well as Android phones or tablets.

Simply by connecting our ePayPOS500 through the Bluetooth port on iOS or Android devices, you can immediately turn your cell phone or tablets into a mobile payment device.

The unique PIN pad design verifies the user’s identity and meets the PCI requirements for mobile payment industry. The verification screen also allows end users to see what detailed information will be sent from their credit cards before proceeding to final payment.

Our fashion-style designed ePayPOS500 enable payments in a mobile way. It greatly benefits retail stores, such as: barber shop, convenience store, taxi, restaurants, pizza delivery, and many other.
  • Micro USB/Bluetooth
  • Magnetic stripe cards Adapter
  • Chip cards Adapter
  • Multi-language support
  • USB charging port
  • 10 digits and 5 function keys keyboard
  • LCD display screen
  • Android 2.2/2.3/4 and or above
  • iOS 4.0 and or above
  • Compliant with EMV Level 1/2
  • Optional secondary development library support
  • Support ISO-7816-1/2/3 T=0 and T=1 Protocol and CLASS A, B, C Cards
  • Magnetic strip: ISO 7811, track 1, 2, 3
  • PCI 3.0 certification (pending)
  • MFI certification
  • Bluetooth EPL certification
  • CE/FCC/RoHS/TQM (pending)
  • Support key management with DUKPT, MK/SK, and RSA
  • Tamper-resistant, anti-down protection
POS - ePayPOS5000
POS - ePayPOS5000 Datasheet Download Link

Windows Smart Card Logon

Windows Smart Card Logon - By Using ePass
1.Overview
1.1 Introduction to Smart Card Logon
Smart Card Logon is a feature of Windows operating system introduced by Microsoft. It enables users to log in to the Windows system using a smart card and PIN, it replaces the tranditional user name and password login mechanism. And Smart Card Logon is considered a two-factors authentication method:
  1. Users must present something they have (the smart card)
  2. Users must present something they know (the PIN)

Usually, Smart Card Logon used in organization, government, health care and education, because it can help in following ways:
  1. High level protection of administrator accounts.
  2. Improved remote access security.
  3. Higher integrity for logon credentials.
  4. More flexible and security

1.2 Introduction to Feitian ePass Token
ePass Tokens of FEITIAN Technologies Co., Ltd. are secure carriers of personal digital certificates and private keys, which fully support the PKI security mechanism. With a number of solid features of smart card and protection of a personal PIN, private keys generated on the card can never be retrieved from the ePass token. Based on hardware chips ranging from the cost-effective secure MCU chip to the latest 32-bit smart card chip, ePass PKI products of FEITIAN provide flexibility and innovation in any PKI applications: the best-seller ePass2000, the high-performance ePass3000, the industrial-innovative biometric BioPass, the user-interactive InterPass, the Zero-Footprint GreenPass with Flash memories and the ePass token in SD card and card forms.

For more information, please refer to Feitian’s website: www.ftsafe.com.
2.Windows Smart Card Logon Using ePass
2.1 Preparation
  1. Please make sure that there is a Domain server has been deployed and configured, and a CA which can issue smart card certificate to Domain client.
  2. Install the middleware of ePass token in client side.
  3. Proved ePass models
    • ePass1000
    • ePass2000 FT12
    • ePass2003
    • ePass3000
    • PKI Card/PKI Token
    • Other more…

2.2 Request a Smart Card Certificate
  1. Open IE and login to the CA webpage, please see below image: Request a Certificate Figure 1. Request a Certificate
  2. Select Request a certificateadvanced certificate requestCreate and submit a request to this CA, choose Smartcard Logon for Certificate Templeate and choose the CSP for ePass token (here using ePass2003 as an example) and click Submit button, please see below image: Advanced certificate request Figure 2 Advanced certificate request
  3. After submit request, you will be request to enter user PIN of ePass token, please see below image: Enter user PIN Figure 3 Enter user PIN
  4. Install the certificate into ePass token after generating key pair. Now, you may check the certificate using PKI manager tool of ePass token, please see below image: Check certificate using PKI manager Figure 4 Check certificate using PKI manager

2.3 To Do Smart Card Logon with ePass Token
2.3.1 Add Client Computer into the Domain
  1. If you have done this, please skip to this section. To join domain, open System Properties, please see below image: System Properties Figure 5 System Properties
  2. Click Change button, enter the name of domain server in Domain field, please see below image: Enter domain name Figure 6 Enter domain name
  3. After click OK, you will be request to enter the user name and password for login domain, please see below image: Enter user name and password Figure 7 Enter user name and password
  4. Click OK to continue, please see below image: Welcome window Figure 8 Welcome window
Here the client has joined domain successfully. Please move to next step to continue.

2.3.2 Perform Smart Card Logon
  1. After add the client into Domain, please follow the prompt message to restart the computer, and a smart card account will appear in Windows Welcome interface, please see below image:Smart card account Figure 9 Smart card account
  2. Insert the ePass token which include the smart card certificate which requested in previous step, and you will be request to enter user PIN, please see below image:Enter user PIN Figure 10 Enter user PIN
  3. Enter correct user PIN and logon.
2.3.3 Perform Remote Smart Card Logon (Remote Desktop Connection)
About Remote Desktop Connection
Remote Desktop is a service introduced by Microsoft, for helping network administrators with management and maintenance. Network administrators are allowed to connect to any computers on the network, which have the remote desktop control feature enable.
The remote Desktop connection is in the C/S (Client/Server) mode. Therefore, you must configure the server and the client for remote connection first. The server refers to the side that accepts the Remote Desktop Connection. The client refers to the side that initiates the Remote Desktop Connection.
A Remote Desktop Connection Server program must be installed on the server. Currently, only Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 and Windows 7 support Remote Desktop Connection.
Please make sure that you have enough permission to do Remote Desktop Connection. In client, insert ePass token, open start menuAll ProgramsAccessoriesRemote Desktop Connection, the below image will appear:
  1. Please make sure that you have enough permission to do Remote Desktop Connection. In client, insert ePass token, open start menuAll ProgramsAccessoriesRemote Desktop Connection, the below image will appear:Open RDC Figure 11 Open RDC
  2. Enter the IP address of domain server in the Computer field and click Connect button, the below image will appear:Enter user PIN Figure 12 Enter user PIN
  3. Enter correct user PIN of ePass token in Smart card account and click OK button to continue, please see below image:Connect successfully Figure 13 Connect successfully
Here you have logon to the remote server.
3. Reference
[1] http://technet.microsoft.com/en-us/

Windows Smart Card Logon

Windows Standalone Smart Card Logon - By Using EID Authentication with ePass
1.Overview
1.1 Introduction to EIDAuthenticate
  1. EIDAuthenticate is the open source solution to offer smart card logon to every EID users.
  2. As most logon programs require specific smart card driver, storage facility on the smart card itself or user process authentication, this program is the only one which does the authentication inside of the security kernel of Windows: even with signature only card, your data is safe. Made by certified security experts, EIDAuthenticate respects the spirit of the deep internal Windows security mechanisms and is not just a GUI. For example EIDAuthenticate is the only solution supporting natively the "force smart card logon" policy, used to secure the local administrator accounts in datacenters or to comply with HSPD-12. We know that trust is critical when implementing a two factors policy and that's the reason why EIDAuthenticate core is and will remain open source.
  3. Supported System:
    1. Windows Vista
    2. Windows Server 2008 / 2008 R2
    3. Windows 7
1.2 Introduction to Feitian ePass Token
ePass Tokens of FEITIAN Technologies Co. Ltd. are secure carriers of personal digital certificates and private keys, which fully support the PKI security mechanism. With a number of solid features of smart card and protection of a personal PIN, private keys generated on the card can never be retrieved from the ePass token. Based on hardware chips ranging from the cost-effective secure MCU chip to the latest 32-bit smart card chip, ePass PKI products of FEITIAN provide flexibility and innovation in any PKI applications: the best-seller ePass2000, the high-performance ePass3000, the industrial-innovative biometric BioPass, the user-interactive InterPass, the Zero-Footprint GreenPass with Flash memories and the ePass token in SD card and card forms.
For more information, please refer to Feitian’s website: www.ftsafe.com.
2.Smart Card Logon with EIDAuthenticate Using ePass

2.1 Preparation
  1. Install EIDAuthenticate (It includes both 32bit and 64bit, please install according to your own system environment).
  2. Install the middleware of ePass token.
  3. Proved ePass models
    • ePass2003
    • PKI Card/PKI Token
    • ePass2000 FT12
    • ePass3000
    • Other more…

2.2 Integrate EIDAuthenticate with ePass
Please open Control PanelSystem and Security, there will be a Smart Card Logon option at bottom, please see below image:
Smart Card Logon Figure 1 Smart Card Logon
Open this option you will find there are two methods for correspond different situation. We will introduce respectively in next section. Please see below image: Smart card logon configuration Figure 2 Smart card logon configuration
2.2.1 Use preconfigured card
  1. If you have a smart card certificate in ePass token, you may choose this method, the below image will appear: Figure 3 Select certificate
  2. Here will show all certificate found on ePass token, select a correct certificate and make sure the certificate has no problem and click Next button (if the certificate has a problem on Trust field, just click on “Make this certificate trusted” to add the certificate to the “trusted people” store), the below image will appear: Enter passwordFigure 4 Enter password
  3. Please enter administrator password of your system and check the option of “Launch a test after the completion of this wizard†and click Next button, the below image will appear: Enter PIN Figure 5 Enter PIN
  4. Here will list all certificates in ePass token, select the certificate you configured before and enter correct PIN of ePass token and click OK button to continue the test, please see below image: Test result Figure 6 Test result
  5. If the above image appear, that means you can continue to do smart card logon.
2.2.2 Configure a new set of credentials
  1. Choose this method allows you to create a new certificate on the ePass token, the below image will appear: Smart card logon configurationFigure 7 Smart card logon configuration
  2. This page provides three methods to create new certificate.
    1. If you are the first time to run this wizard, please choose “Create a new certificate authority”;
    2. If a certificate and a private key already exists, please choose “Use this certification authority”;
    3. You can also import a certificate with p12 format.

    After that, click Next button. Below image will appear: Enter PINFigure 8 Enter PIN
  3. In this step, the user will be request to enter correct PIN of ePass token and click Login to continue creating certificate. The following image will appear:Select certificateFigure 9 Select certificate
    Note: From here, it is the same steps as using "Use preconfigured card".
  4. Here will show all certificate found on ePass token, select a correct certificate and make sure the certificate has no problem and click Next button (if the certificate has a problem on Trust field, just click on “Make this certificate trusted†to add the certificate to the “trusted people” store), the below image will appear: The following image will appear:Enter PasswordFigure 10 Enter Password
  5. Please enter administrator password of your system and check the option of “Launch a test after the completion of this wizard” and click Next button, the below image will appear:Enter PINFigure 11 Enter PIN
  6. Here will list all certificates in ePass token, select the certificate you configured before and enter correct PIN of ePass token and click OK button to continue the test, please see below image:Test resultFigure 12 Test result
  7. If the above image appear, that means you can continue to do smart card logon. You can also check the certificate in ePass token by using corresponding PKI manager, please see below image:Check certificate in ePass tokenFigure 13 Check certificate in ePass token
2.2.3 Perform Smart Card Logon with EIDAuthenticate
  1. Please restart the computer and make sure that ePass token has connected to the computer, then there is a smart card account will appear, please see below image: Smart card accountFigure 14 Smart card account
  2. Click smart card account and enter correct PIN of ePass token to login.Enter user PINFigure 15 Enter user PIN
3.Reference
[1] http://www.mysmartlogon.com/products/eidauthenticate.html

Drivers & FAQs

Errors & Solutions
Problem 1: Error in downloading certificate.
Reason
1. Root Chain is not installed in system.
2. System is different from the one where the request was generated for digital signature.
3. Certificate enrollment request is deleted or removed from system.
4. Token is not detected or token driver is not installed or are uninstalled from the system.
5. Key Pair is not generated while enrolling for digital signature request or is deleted from the token.
Resolution
1. Install Root chain in system.
2. Make sure you are using the same system from where the request was generated.
3. Open the token manager and Log-in to token to check whether token is detected by system.
4. After Login into the token check whether the key pair is present in it.
Problem 2: "Error in Creating CSR" while enrolling certificate request.
Reason
1. Token is not attached to the system, or is not detected by the system.
2. 'Cryptographic Service provider' is not selected properly.
3. If the token is Aladdin/eToken 32K.
Resolution
1. Make sure that the token drivers are installed in the system.
2. Check whether the token is connected to the system, and you are able to login to the token.
3. Do not use SHA1 Compatible tokens, like Safenet iKey or eToken 32K for enrollment.
Problem 3: ePass2003 is detected by the system whereas ePass2003Auto is not detected.
Reason System may be recognizing both drivers, for ePass2003 & ePass2003Auto, as different driver.
Resolution Click on Start button go to Run and type devmgmt.msc for opening Device Manager. In the console tree find the epass2003Auto, right click on it and select uninstall.
Remove the token and reconnect it, system automatically recognizes the driver and the drivers will be installed successfully in the system.
Problem 4: "Your CA is not trusted".
Reason
This Notification comes when Root Chain is not installed in system or the browser settings are not proper.
Resolution
1. Install Root Chain in system.
2. Make browser settings as per website guideline.
3. Check Java version recommended by website.
Problem 5: "Application Blocked by Security Setting or Application cannot be Run."
Reason
System settings do not allow downloading of the required java applet.
Resolution
Open Control Panel ⇨ Double Click on Java Icon ⇨ Click on Security Tab. Set security level to medium and then click on Edit Site list button. Click on Add button and add Trusted site or site URL where you are performing task.
Problem 6: "Fake Path" while signing XML file on Income Tax website.
Reason
1. Internet Explorer settings are not proper.
2. Internet Explorer version is below 7.
Resolution
1. Internet Explorer version must be above 7.
2. Open Tools Menu ⇨ Internet option ⇨ Click on Security Tab ⇨ Here first set all security to default zone. Now click on Internet Icon then click on Custom button.
Now 'Reset custom settings' to medium.
Enable all ActiveX controls and plug-ins. If the ActiveX Enable setting is (not secured) then select prompt but not disable.
3. In the User Authentication Logon Section select Automatic logon with current user name and password.
4. Click on OK and Apply Settings.
5. Now click on Second Icon Local intranet ⇨ Reset this Zone to Low, apply it.
Problem 7: "Invalid Digital Signature Certificate" while Registering or Uploading of return.
Reason
Name mentioned in the Digital Signature does not match with the account details.
Resolution
Update Profile settings with the details of the person whose digital signature certificate is being used for filling return. Check the Name in Verification Part in XML file or in Pre-paired return.
Problem 8: "Invalid Digital Signature While Login."
Reason
Registered certificate does not match with the certificate used for login.
Resolution
After renewal of the certificate you need to update it on the respective portal where you are using the certificate for login or for e-tender. Each tender site have different process for registration so you need to contact respective site vender helpdesk.
Problem 9: "The Microsoft Cryptographic Service Provider Reported an Error..." while signing MCA PDF Document.
Reason
System Cryptographic Services are not working properly or respective security patch is not installed in System.
Resolution
If you are countering error "The Microsoft Cryptographic Service Provider reported an error:" in Adobe Acrobat Reader while signing MCA Documents.
This error may face in Adobe Acrobat Reader Version 9.0 and above, this is error of Adobe Acrobat and not of USB Token, may face this error in any USB Token.
Here is the link for the solution of the same: http://www.taxpro.co.in/DSC/TokenDrivers/AdobeReaderwithSecurityInstallation.zip
Above link is for complete Adobe Acrobat Reader Download with Security Installation prompting to solve above error, details document included in above link, read instructions document carefully before installation.
Problem 10: Some ePass2003 tokens are not recognized.
Reason
This problem is very rare and arises because the hardware chip in the token is not compatible with the latest driver version.
Resolution
Please find the folder on the below link: http://www.taxpro.co.in/DSC/TokenDrivers/Token-Not-Recognized.zip , If the token is not getting detected by Windows or even ePass2003 drivers, please plug in the token in USB port and try running Step 1 and then Step 2 Application from the downloaded folder.
Steps are as follows:
  • Plug In token in USB Port.
  • Run Step 1 - you will get message "Initialize Successfully". (Do not run Step 1 in case there is Certificate in token, Certificate in token will get erased – no issues in case of blank token.)
  • Run Step 2 - and on successful up-gradation of token you will get message Upgraded Successfully.
  • Plug out and Plug in token.
  • Windows/Drivers will detect the token.
Problem 11: Token is not detected by system.
Reason
1. Token drivers are not installed correctly or services are not running.
2. Policy or Admin Rights issue.
3. Same as Problem No. 10.
Suggestions
1. Make sure token driver is installed correctly and you are able to login to the token.
2. Verify that all required services for token is started and working fine. These services are
  • Smartcard Services {Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.},
  • Cryptographic Services {Provides four management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; Automatic Root Certificate Update Service, which retrieves root certificates from Windows Update and enable scenarios such as SSL; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.},
  • Certificate Propagation Services {Copies user certificates and root certificates from smart cards into the current user's certificate store, detects when a smart card is inserted into a smart card reader, and, if needed, installs the smart card Plug and Play minidriver.}.
Open the Run Prompt (Window Key + 'R') and enter services.msc, Right Click on above mentioned service and select restart.
3. Same as Problem No. 10.
Problem 12: How to verify Smartcard Services is running in system?
To check if the smart card services are running,
  1. Press Ctrl+Alt+Del and then click 'Start Task Manager'.
  2. In the 'Windows Task Manager Dialog Box, Click the Services Tab.
  3. Click the Name column to sort the list alphabetically, and then type S.
  4. In the name column, look for scardsvr, and then look under the status column to see if the services are running or stopped.
Problem 13: How to restart Smartcard Services in the system?
To Restart the smart card services,
  1. Click 'Start', type cmd, Right Click cmd.exe and then click Run as Administrator.
  2. If the user control dialog box appears, confirm that the action it displays is what you want and then click Yes.
  3. At the command prompt, type net stop scardsvr.
  4. At the command prompt type net start scardsvr.
  5. You can use the following command at command prompt to check whether service is running sc queryex scardsvr.
Problem 14: Process for re-installation of Smartcard Services.
Open Command Prompt by click on Start/Run and writing cmd. Then enter the following commands and validate by enter. Regsvr32 C:\Windows\system32\scardssp.dll and press enter after that scardsvr reinstall and press enter.
Problem 15: How to Manually Install a Smartcard Reader?
Click 'Start' type device manager in search programs and files box and then type enter. Double click other devices; Right click the Smartcard Reader devices, and the click 'Update Driver Software'. In the Update driver software windows, clicks browse my computer for driver software and then follow the prompts to locate and install driver. When the driver finish installing the Smartcard reader device is listed in Device Manager in the Smartcard Reader. If the token device already listed in Smartcard Reader same steps is used for update driver.
Problem 16: System Restore and Driver Rollback Instructions.
Option 1: Backup Your System Using System Restore.
System Restore works a lot like the Undo command in Microsoft Word. You can use System Restore to return to your previous driver version if you create a restore point prior to installing the driver. System Restore does not affect your personal data files (such as Microsoft Word documents, browsing history, drawings, favorites, or email) so you won't lose changes made to these files after the restore point is created. Windows XP steps to create a restore point (before installing the new driver):
  1. Click Start
  2. Point to All Programs
  3. Point to Accessories
  4. Point to System Tools
  5. Click System Restore
  6. Click Create a restore point, and then click Next
  7. Type a name to identify this restore point and click Create
To return to this restore point, from the same System Restore Wizard select Restore my computer to an earlier time. Then select the date you created the restore point from the calendar in the Select a Restore Point screen. All of the restore points you created and you computer created on the selected date are listed by name in the list box to the right of the calendar. Windows Vista or Windows 7 steps to create a restore point (before installing the new driver):
  1. Click Start
  2. Click Control Panel
  3. Windows Vista: Click System and Maintenance and then System or simply System (in Classic view). Windows 7: Click System and Security and then System.
  4. In the left pane, click System Protection
  5. On the System Protection tab, Click Create
  6. Type a name to identify this restore point and click Create
To return to this restore point, select System Restore on the same System Protection tab as above. Next select Choose a different restore point and click Next. Then select the date and name of the restore point that you created and click Next. Finally select Finish.

Option 2: Roll Back To Your Previous Driver If you install the newer driver without first uninstalling the previous version, you may be able to simply roll back your driver to the previous version using these steps: Windows XP steps to roll back your driver:
  1. Click Start
  2. Click Control Panel
  3. Click Performance and Maintenance and then System (in Category view) or System (in Classic view)
  4. Select the Hardware Tab
  5. Click Device Manager
  6. Double-click on Smart Card Readers
  7. Double-click on your token
  8. Select the Driver Tab
  9. Click on Roll Back Driver
Windows Vista or Windows 7 steps to roll back your driver:
  1. Click Start
  2. Click Control Panel
  3. Windows Vista: Click System and Maintenance and then System or simply System (in Classic view). Windows 7: Click System and Security and then System.
  4. In the left pane, click Device Manager
  5. Double-click on Smart Card Readers
  6. Double-click on your token
  7. Select the Driver Tab
  8. Click on Roll Back Driver
Problem 17: Firefox Compatibility Problem.
Reason
Mozilla Firefox 3.0 version does not allow applet to access the host file system, it prevents application tools to perform certain operation. In such case there will be alert messages like "System error: Undefined".
Resolution
  1. Open Firefox browser.
  2. In Address Bar enter about:config
  3. In search text area type applet
  4. Double click on the given result.
  5. It enables the applet to run in the Firefox browser.
Problem 18: Verification code(CAPTCHA) is not visible.
Reason
  1. Verification code (CAPTCHA) is an .png image file that are streamed from the server. The lower version browser (IE < 7.0) does not support .png image.
  2. Windows OS is not updated with latest service pack.
Resolution
  1. Upgrade the browser version to latest version (IE 7.0) or above.
  2. Update windows latest service pack.
  3. Else use Mozilla Firefox.
Problem 19: "File Signing Failed" due to space (or) special characters.
Reason
If chosen file has special characters like (& # @ ).
Resolution
Remove the special characters from the file name and start uploading it.
Problem 20: "Failure! Certificate trusted chain validation failed."
Reason
Server is not updated with the particular CA certificate.
Resolution
Update the CA certificate to the server repository (JKS in the java base dir).
Problem 21: "Applet is not started or initialized."
Reason
  1. Client workstation does not contain JRE (Java Runtime environment).
  2. The installed JRE is old version, which does not support the application implementation.
Resolution
Download latest JRE updates from the sun java website/from the download option of the tender site and install in the client workstation.
Problem 22: Your browser does not support javascript.
Reason
The client workstation browser is disabled with javascript option.
Resolution
  1. Enable the javascript option in IE.
  2. Goto Internet Options ⇨ security ⇨ Custom level ⇨ Enable scripting
Problem 23: "Page Authorization Error."
Reason
  1. The logged in user does not have the access rights to view the page. So system throws page authorization error.
  2. If any permission is not set in the configuration file.
Resolution
The system admin has to configure the rights to a particular group of mail.
Problem 24: "Get Certificate Public Key Failed: There was an error while exporting the Key Blob."
Reason
Required Prerequisites NxtCryptoSetup is not available or incorrect setup installed.
Resolution
Download NxtCryptoSetup -
  • For epass2003 Click Here
  • For etoken Click Here
  • For Browser Settings Click Here
Problem 25: How to uninstall Internet Explorer 11 and restore Previous version of Internet Explorer
Resolution
Open the Panel ⇨ Program and Features ⇨ Installed update ⇨ enter IE 11 in search box.
Right Click on entry and select uninstall.
After restarting the machine Go to Tools Menu ⇨ Internet Option ⇨ Advance Tab ⇨ and select Rest button ⇨ Check the Delete Personal Settings and select Reset button.
Un-installation of Internet Explorer 11 is required when some web site is not compatible with this version and we need to working in previous version. First try with development Tool if it's not working then uninstall IE 11. Development Tools are available in Internet Explorer Tool Menu. Here you will find different Browser Modes. This process only works in Windows 7 not for windows 8, because Windows 8 come with IE 11.
Ask a Question
Email ID *:
 
Type Question *:
 

  • Home
  • Company Profile
  • Important Links
    • Income Tax
    • Income Tax e-Filing
    • NSDL
    • TRACES
    • TCS-CA
    • Service Tax
  • Quick Links
    • Token Drivers
    • TaxPro Product Updates
    • Client Login
  • CISPL Offices
    • Delhi
    • Mumbai
    • Nagpur
    • Bengaluru
    • Kolkata
© Copyright 2014 Chartered Information Systems Pvt. Ltd.
  • Terms & Conditions
  • Privacy Policy