FortiToken Mobile is an OATH compliant, time-based One-Time-Password (OTP) generator application for the mobile device. It is the client component of Fortinet’s highly secure, simple to use and administer, and extremely cost effective two factor solution for meeting your strong authentication needs. This application makes Android and iOS devices (iPhone, iPad or iPod Touch) behave like a hardware-based OTP token without the hassles of remembering and carrying yet another device.
Besides offering out-of-the-box interoperability with any time-based OATH compliant authentication server, such as the FortiAuthenticator from Fortinet, the FortiToken can also be used directly with the FortiGate® consolidated security platform, including High Availability configurations. FortiGate has an integrated authentication server for validating the OTP as the second authentication factor for SSL VPN, IPSec VPN, Captive Portal and Administrative login, thereby eliminating the need for the external RADIUS server ordinarily required when implementing two-factor solutions.
What makes this mobile OTP application superior to others on the market is that while being simple to use for the enduser, and easy to administer and provision for the system administrator, it is actually more secure than the conventional hard token. The token seeds are generated dynamically, minimizing online exposure. Binding the token to the device is enforced and the seeds are always encrypted at rest and in motion.