OATH tokens generate One Time Passwords (OTP) that are used to authenticate. OATH tokens can be hardware devices such as a key for or display card or software based apps such as Google Authenticator. If you are unfamiliar with the OATH or OTPs, you can find more information at openauthentication.org.

The OATH standard support several different OTPs. These are:

• Event-based -  HOTP: An HMAC-Based OTP Algorithm (RFC 4226)
• Time-based -  TOTP: Time-based One-time Password Algorithm (RFC 6238)
• OATH Challenge/Response - OCRA: OATH Challenge/Response Algorithms Specification (RFC 6287)

SurePassID offers the following OATH tokens:

SurePassID G-Pass Time-based 6-Digit Token for use with Amazon Web Services GovCloud (US)          

• Two-factor Authentication (2FA) token EXCLUSIVELY for use with AWS GovCloud (US) accounts.
• OATH standard, time-based one-time password (TOTP) algorithm.
• Convenient keyfob, always on display, 6 digit LCD Display with countdown bars, 30 second change interval, 5-year Battery Life.
• You can purchase at Amazon

Two-Factor Authentication Card - OATH HOTP One-Time Passcode Display in a credit card size                   

• Two-factor Authentication (2FA) OATH standard One-Time Passcode Display Card, event-based (HOTP).
• Convenient credit card size fits in your wallet or ID badge lanyard, reduces lost/stolen overhead.
• 6 digit e-Paper Display, 5-year Battery Life or minimum 15,000 OTP's (TOTP and other options available by special order).
• ISO 7816 compliant - may be issued as a payment card with magnetic stripe and EMV chip (special order only).
• Use your existing OATH authentication server or contact us if you need a modern OATH and FIDO auth server to secure all points of access including web, mobile, enterprise apps.

The SurePassID Authentication Server supports all of the OATH standards and can import Comma Separated Values (CSV) seed files as well as Oath PSKC  Portable Symmetric Key Container (RFC 6030) files.