Return to Events
IIJ Launches One-time Password Application "IIJ SmartKey"
TOKYO-April 3, 2015-Internet Initiative Japan Inc. (IIJ, NASDAQ: IIJI, TSE1: 3774), one of Japan's leading Internet access and comprehensive network solutions providers, today announced that it launched the free "IIJ SmartKey" one-time password management application in the App Store and Google Play on April 1, 2015. The new application is an effective means of strengthening the security of user authentication for web services.
One-time passwords are disposable passwords that are valid for use only a single time. When verifying online identities for e-commerce transactions, social networking services, and the like, user authentication typically consists of inputting a user ID and a password. By adding a one-time password to this process and thus implementing two-factor authentication (two-step verification), the level of security can be increased, preventing unauthorized logins by impersonators and other breaches. IIJ SmartKey is a one-time password generation application for smartphones. The application can be used for two-factor authentication with a variety of web-based services that comply with the TOTP(*) standard. Multiple one-time passwords can be centrally managed on a single device.
(*) TOTP (RFC6238 Time-based One-time Password Algorithm): A standardized time-synchronized one-time password authentication technology.
The goal of two-factor authentication with one-time passwords is to prevent unauthorized use of passwords by third-parties. It is frequently employed in online transactions, such as Internet banking, that require the use of advanced security measures. Recently, general awareness of security has been on the rise, and one-time password authentication is increasingly being deployed in web-mail services and social networking sites. IIJ strove to meet these needs for stronger security and to enable customers of all sorts to feel secure while accessing online services when it developed the free application; the design and ease-of-use of the application were given full consideration.
Summary of IIJ SmartKey
||TOTP (RFC 6238)
||iPhone (iOS 8.1 or newer), Android (4.0 or newer)
|One-time password digits
||6 or 8
|One-time password update period
||10 seconds to 86,400 seconds
||Japanese, English (localization scheduled for release in June)
Pass code requirement
To prevent unauthorized use by third-parties, authentication with Touch ID or a pass code is required when the application launches. In addition, if authentication fails, input is blocked for a certain period, depending on the number of attempts.
Exporting of settings data
The application's settings data can be exported as a QR code. Settings data can be easily carried over when switching devices by reading the QR code displayed on the old device with the new device.
IIJ focused on ease-of-use when it designed the simple interface so that a wide variety of customers could use the application.
Web services confirmed to work with IIJ SmartKey (as of March 13, 2015)
IIJ Secure MX Service (Spare Mail option), Amazon Web Services, Dropbox, Evernote, Facebook, Google Accounts, Google Apps for Work, Microsoft Accounts
(*) IIJ will continue to add services verified to work with the application.
For details of the application, see the following website:
http://www.iij.ad.jp/smartkey/ (Only in Japanese language)
How to use IIJ SmartKey
IIJ will continue to strive to enable customers to use Internet-based services even more securely.