Why we adopt Secure Key as a strong authentication device
but not RSA SecurID, smart cards, or digital certificates?

Secure Key FAQ

The evolution came a long way

Features Secure Key RSA SecurID Smart Card
Power & Longevity Powered by the USB port, no battery inside, last for 10 years or more Replace with a new token every 0.5 - 2 years when the battery dries up Same as Secure Key
Shipping Ship to the end customer via a regular mail Ship with a special bulky package that is 5 ~ 10 times more expensive than shipping a Secure Key. That is significant for the consumer market. It usually takes a smart card reader or is packaged as a USB token. The shipment with the special bulky package is 5 ~ 10 times more expensive than shipping a Secure Key. That is significant for the consumer market.
Platform Dependency Platform independent, it works on any OS, any browser, any computer with a USB port. No driver, no client software or middleware are needed. Same as Secure Key The driver, middleware depend on the OS and Windows upgrades often require them updated as well. Browser plug-in or ActiveX is needed to communicate with the smart card, making it OS and browser dependent.
Cost Cost effective due to the minimal materials required. And all the software, from client SDK, personalization tools to server software are with minimal costs. Expensive due the materials of display, battery and a bulky packaging and the pricy software licensing deals. Expensive with reader, driver, middleware, infrastructure and card combined.
Integration Easy and open-source client-side SDK available. In our experience it usually takes from 2 hours to a day for integration with your front & back end. Secure Key offers free, immediate online validation service to facilitate the your integration. So you don't have to buy and install the validation server up front. The effort is similar to Secure Key. But you have to buy the RSA validation server that costs a lot. Every card or reader has subtle differences in commands they provide.
Validation Service Secure Key offers subscription-based OTP validation service, or you can download the open-sourced server to run it on your own. Expensive to license the validation server, and you run your own 24x7 SecurID validation service. Depends, you can run your own 24x7 validation service or outsource to 3rd-party providers such as VeriSign.
Ease to Carry Secure Key is the easiest. You can put that in the wallet just like another credit card or string it on your key chain. Bulky to carry, doesn't fit into a wallet, thus easy to lose. The USB smart card form factor is bulky to carry, doesn't fit into a wallet. Or otherwise you may need to carry a reader with you.
Support & Training Minimal to none. Minimal to none. Heavy training and support are needed because of its heavy platform dependency, hard for end users to diagnose problems.
Best, since it takes no batteries and live for 10 years or more. Worst! Mercury is used in the battery, users dump them every few years when the battery dries up. OK, but the reader consumes a lot more materials to manufacture.
Multi-use Public services open to all Secure Keys are available such as mashedlife.com. In the near future you will use one Secure Key to securely access a lot more services because of Secure Key's low-cost token approach. That makes the token more useful and valuable and gives users a reason to carry it with them every day. One token for one single purpose, useless elsewhere. You end up carrying many tokens to access many services. One token for one single purpose, useless elsewhere. You end up carrying many tokens to access many services.
Versatility Secure Key identifies itself to the PC as a keyboard device, So it is more versatile, things you do on your keyboard can be programmed on the Secure Key to facilitate automation such as auto-navigation that launches the user browser and navigates to a designated web site. None. Minimal.
Security Secure Key generates a longer one-time password with just one touch, long passwords mean they are harder to crack. And that goes automatically to your PC like from a keyboard so no matter how long it is, users don't feel the burden. RSA SecurID requires users to enter the OTP manually from the keyboard, slow and error-prone especially if the OTP becomes longer. Also it is vulnerable to shoulder peeping. Smart card chips still have the strongest security and that also makes it less flexible and hard to use for consumers.
Marketing Values Auto-navigation brings traffic to your designated site. More services available to the general public make Secure Key useful for users' daily lives. None. None.

Secure Key Q & A

  1. Plug-n-Play - If you have an older OS that does not support Universal Plug and Play, the 1st time you plug in a Secure Key you may be led to the driver installation process. In that case follow recommended steps in the pop-up box to install the HID (Human Interface Device) driver that is already inside Windows (or other OS) Updates.

  2. No responses due to a loose USB connection?
    • Use another USB port, or use a USB hub or extension cable that has a tighter USB slot
    • Hold the Secure Key tighter to the port to avoid getting loose when you touch on it.

  3. Secure Key is NOT a memory stick.
    It is a read-only crypto key that generates one-time passwords.

  4. How do I know a Secure Key is connected to my PC properly?.
    See the light ring lightens up? If so, it is ready to work.

  5. Press gently on the key button.
    • Press the button
    • See the light starts blinking
    • Release your finger
    • You will see the one-time password generated on your PC screen just like typing from a keyobard

  6. If you use a virtual machine like VMWare or a remote desktop, make sure that virtual machine has access to the USB port.

  7. How do you compare Secure Key to software tokens?

    Secure Key as a read-only crypto key, is tamper-proof.

    Software and passive data stored on a PC are always vulnerable to tampering and virus. And the myth that software is free is incorrect, patching and release management, platform dependency, problem diagnosis all cost heavy technical support.

    Comparatively, Secure Key is the most worry-free no matter how the OS or browser upgrade or patch their software or how customers change their PCs, Secure Key always works well with them reliably.

  8. Do I need system administrator right to use Secure Key? No. But, if your PC is locked up by your company to disallow new USB devices to be connected to it, you will then need your corporate IT administrator to grant you the rights or connect Secure Key to your PC for you for the first time. It is one-time only.

  9. Get your Secure Key