What is soft token? - Definition from WhatIs.com
Part of the Authentication glossary:

A soft token is a software-based security token that generates a single-use login PIN.

Traditionally, a security token has been a hardware device that produces a new, secure and individual PIN for each use and displays it on a built-in LCD display. The system may activate after the user presses a button or enters an initial PIN. Security tokens are generally used in environments with higher security requirements as part of a multifactor authentication system. While the hardware-based systems are more secure, they are also costly and difficult to deploy on a large scale, as is required for online banking, for example.

Soft tokens are an attempt to replicate the security advantages of multifactor authentication, while simplifying distribution and lowering costs.  A smartphone soft token app performs the same task as a hardware-based security token. Like a hardware token, a smartphone provides an easy-to-protect and easy-to-remember location for secure login information: on the device itself. Unlike a hardware token, smartphones are connected devices, which make them inherently less secure. The extent of their security largely depends on the device’s operating system and client software.

This was last updated in December 2014
Contributor(s): Matthew Haughn
Posted by: Margaret Rouse

Related Terms

Definitions

  • universal authentication

    - Universal authentication is a network identity-verification method that allows users to move from site to site securely without having to enter identifying information multiple times. (WhatIs.com)

  • signature analysis

    - Signature analysis has two meanings. It can involve scrutinizing human signatures in order to detect forgeries and it can be a troubleshooting technique in which an AC signal with a specific wavef... (WhatIs.com)

  • FIDO (Fast Identity Online)

    - FIDO (Fast ID Online) is an open standard for a secure and easy-to-use universal authentication interface created to address the lack of interoperability among strong authentication devices. The F... (WhatIs.com)

Glossaries

  • Authentication

    - Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.