How the New COVID-19 Normal Will Accelerate the Shift from Tokens to Digital Certificates
Among the most common methods employed to verify identity are hard and soft tokens. Hard tokens most often take the form of a USB “dongle” or a magnetic swipe card embedded in a badge used to access everything from a local office to a data center containing millions of dollars of IT equipment. Soft tokens are apps that run on a user’s mobile device and provide real-time authentication information. However, both tokens come with serious flaws and disadvantages that have only proven worse over time.
In contrast to a traditional hard or soft token, a digital certificate assigns an encrypted identity that is specific to each device. When a certificate-signed device attempts to access the network, the authenticated digital identity cryptographically included in the certificate can verify that this machine has access permissions. This approach eliminates the time and expense problems of hard tokens while also protecting against the security weaknesses inherent in the soft token model.