UniMate USB User Manual

From SecuTech Wiki
Jump to: navigation, search


UniMate Manual

Version 2.1

Version Date
1.0 2015.7
2.0 2016.7
2.1 2018.2

The data and information contained in this document cannot be altered without the express written permission of SecuTech Solution Inc. No part of this document can be reproduced or transmitted for any purpose whatsoever, either by electronic or mechanical means.

The general terms of trade of SecuTech Solution Inc. apply. Diverging agreements must be made in writing.

Copyright SecuTech Solution Inc. All rights reserved.

WINDOWS is a registered trademark of Microsoft Corporation.

The WINDOWS-logo is a registered trademark (TM) of Microsoft Corporation.

Software License

The software and the enclosed documentation are copyright-protected. By installing the software, you agree to the conditions of the licensing agreement.

Licensing Agreement

SecuTech Solution Inc. (SecuTech for short) gives the buyer the simple, exclusive and non-transferable licensing right to use the software on one individual computer or networked computer system (LAN). Copying and any other form of reproduction of the software in full or in part as well as mixing and linking it with others is prohibited. The buyer is authorized to make one single copy of the software as backup. SecuTech reserves the right to change or improve the software without notice or to replace it with a new development. SecuTech is not obliged to inform the buyer of changes, improvements or new developments or to make these available to him. A legally binding promise of certain qualities is not given. SecuTech is not responsible for damage unless it is the result of deliberate action or negligence on the part of SecuTech or its aids and assistants. SecuTech accepts no responsibility of any kind for indirect, accompanying or subsequent damage.

Contact Information

Web: http://www.esecutech.com

Email: sales@esecutech.com

Please Email any comments, suggestions or questions regarding this document or our products to us at: sales@esecutech.com


CE Attestation of Conformity
CE Attestation.png
UniMate is in conformity with the protection requirements of CE Directives 89/336/EEC Amending Directive 92/31/EEC. UniMate satisfies the limits and verifying methods: EN55022/CISPR 22 Class B, EN55024: 1998.




FCC Standard
FCC.png
This device is in conformance with Part 15 of the FCC Rules and Regulation for Information Technology Equipment.
Operation of this product is subject to the following two conditions: (1) this device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation.




USB Logo.png
The equipment of UniMate is USBbased.




Conformity to ISO 9001:2000
ISO 9001.png
The Quality System of SecuTech Solution Inc., including its implementation, meets the requirements of the standard ISO 9001:2000




ROHS
ROHS.png
All UniMate products are environmentally friendly with ROHS certificates.





Overview

The UniMate USB, hereinafter referred to as UniMate, is a mobile authenticator and information security PKI product based on CCID technology (except UniMate Drive). It functions as a secure container for digital credentials. An advanced processor and secure memory are built into the device to provide security for exchanging, storing and handling of electronic information.

UniMate has achieved an effective rights management and provides a highly-secure file system. The built-in processor allows for fast and efficient information processing.

UniMate supports PKCS#11, CSP and Value Added APIs (CD-ROM and Partition). The abundant samples provided in the SDK help to ease integration.

UniMate also supports iOS, Android and a multitude of other devices through either a USB port using the CCID protocol or a 3.5mm TRRS audio jack.

UniMate Features

Universal features of UniMate
  • Globally unique hardware ID.
  • Customizable software ID.
  • Smart card based.
  • On-board encryption.
  • Two levels of PIN management mechanism.
  • A secure file system.
  • Up to 64KB of memory.
  • Stylish and cute case.
  • Lead free.

UniMate Drive

The UniMate Drive is a mobile authenticator and information security PKI product which can store key certificates. UniMate Drive includes two storage types: flash memory and CD-ROM. You can set up the storage size using the Partition tool and the Value Added library. ISO files can be loaded into the CD-ROM partition. You can also format the flash memory and copy files into it, and so on. The total capacity of the UniMate Drive is between 2 to 32 GB, you can partition it as you wish. UniMate Drive supports PKCS#11, CSP and Value Added APIs (CD-ROM and Partition).

UniMate Drive architecture Linux and Mac OS X (PKCS#11 and Value Added API)
UniMate Drive architecture Windows (PKCS#11 and Value Added API and Windows CSP, minidriver and mass storage driver)

UniMate Flex

UniMate Flex is an interactive hybrid mobile authentication token designed particularly for use in banking. The two-factor authentication device makes use of a high-performance smart card, an LED display and confirmation buttons to verify the secondary form of authentication. Users can visually confirm transaction information on-screen and press the confirmation button to approve only authorized transactions.

UniMate Flex features PKI based digital certificate and private key storage, as well as on-board encryption, with the ability to generate and store RSA secret key pairs within the key.

UniMate Flex mobile authentication token

UniMate USB

UniMate driverless USB smart card authentication token
multiple UniMate driverless USB smart card authentication tokens

UniMate USB is a FIPS 140-2 algorithm certified smart card USB authentication token which utilizes smart card technology for strong authentication. Smart card technology allows for highly robust authentication and verification solutions.

Organizational Use

Enhanced Business
With secure access in place, organizations can enable business process and transactions through network connectivity and online services anytime, anywhere, with confidence.
Security
UniMate USB provides robust protection of sensitive business data from unauthorized access.
Cost Effective
UniMate USB reduces password administration costs and losses from data breaches, and provides multiple flexible solutions on one platform.


Personal Use

Identity Protection
UniMate USB provides individuals with a secure digital identity and hence protected from theft and abuse.
Portability and Convenience
UniMate USB enables users to access their credentials securely wherever they go, whenever they want.
Error creating thumbnail: File missing
UniMate USB/Flex architecture iOS and Android (PKCS#11)
UniMate USB/Flex architecture Windows (PKCS#11, Value Added API and Windows CSP, minidriver, and CCID driver)


Security

Security is the most important feature of the UniMate system. It involves an identification and verification method, including a file access permission control mechanism inside the UniMate, a confidential access system. This security attribute is changed based on the current state of the device, when the card is reset or after the UniMate has finished some commands.

PIN

The following table describes different key types and use.

PIN Type Use
User PIN Directory level authentication.
Control different users' read and write permissions.
Generate key pairs.
Certificate management.
Sign and so on.
Admin PIN Ensures the security during the card initialization
To reset User PIN/unlock a user.

User PIN: a personal identification number which is firstly hashed and then stored in the device.

Admin PIN: a console identification number.

Factory default settings

The default User PIN is 11111111 and the default Admin PIN is 00000000.


SDK

Components Description
CSP (MS-CAPI) Declaration of standardized identifiers and interface of CSP
CSP libraries
Redists/PKI package.exe
Samples for CSP
CSP Manual.pdf
Documents Manual.pdf (UniMate manual)
PKCS#11 Declaration of the standardized identifiers and interface of PKCS
PKCS libraries
Samples for PKCS
PKCS#11.pdf
Utilities Utilities Installation (Console setup.exe, Monitor setup.exe)
Utilities Manual
Value Added API Declaration of the standardized identifiers and interface of Value Added API
Value Added API libraries
Samples for Value Added API
API Manual.pdf
Quick Start.pdf Product overview
Software introduction
Utilities introduction
Factory default settings
ReadMe.txt Changelog

Applying Digital Certificates

UniMate provides a perfect container for digital certificates, supporting X.509 digital certificates. The UniMate PKI package is a middleware that provides digital certificate usage.

A digital certificate and authenticated access is needed to use the UniMate, as without it, any operation on the UniMate is forbidden. In this part, we will introduce how to apply digital certificates. We will take VeriSign certificates and Microsoft Certificates as examples.

Applying Microsoft Certificates

Microsoft certificate address

Insert a UniMate into the USB port first, and start IE to open the Microsoft certificate application page. This is the home page of the certificate application site. Firstly, you should click "Request a certificate".

Microsoft Active Directory Certificate Services homepage

And then, select "advanced certificate request".

requesting a certificate

On the page of Advanced Certificate Request, select "Create and submit a request to this CA".

advanced certificate request page

For a certificate template, select "Smartcard User" in the list; for CSP, select "UniMateDRIVE CSP v2.0".

advanced certificate template page

Then, a window will appear to ask you to type in your UniMate's PIN. Click OK. The system will generate a certificate automatically.

enter UniMate PIN

Click "Install this certificate" for installation.

certificate issued

After installation, the system will prompt that the certificate has been successfully installed.

certificate installed

Using Digital Certificates

SecuTech provides a series of solutions for the use of digital certificates, in the aspects of IE, Outlook, PDF, Office, and so on.

For detailed instructions about this, please download the related integration guides from https:\\www.esecutech.com.


Specifications

UniMate Drive

Key Features
Driverless Operation 2GB, 4GB, 8GB, 16GB and 32GB
Selective Mass Storage Normal Partition
Virtual CD-ROM
Dimensions 52.8x17x7 mm
Weight 7.2g
Min. Operating Voltage 5V
Current Consumption <= 50 mA
Operating Temperature 0℃ to 70℃
Storage Temperature -10℃ to 85℃
Humidity Rate 0-70% without condensation
Casing Tamper-Resistant Metal
Memory Data Retention At least 10 years
Memory Cell Rewrites At least 100,000 times
PKI PKCS#11
MS-CAPI
Onboard Encryption Algorithms 1024- and 2048-bit RSA
128-, 192- and 256-bit AES
64-bit DES and 192-bit TDES
Onboard Hashing MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
Operating System Compatibility Linux
Windows 98 SE, 2000, ME, XP, 2003, Vista, 7, 8, and 10
Windows Server 2000, 2008 and 2012

UniMate Flex

Hardware
Dimensions 65x36x11.4 mm
Weight 23g
Audio Interface 3.5mm TRRS
USB Interface USB Type A
Display LCD
Hardware ID 64-bit Globally Unique
Internal Memory > 16KB
Mobile Device Software Audio Authentication Interface
Casing Tamper-Resistant Metal
Middleware PKCS#11
MS-CAPI
Audio Authentication API
X.509 Digital Certificate
Performance
Min. Operating Voltage 5V
Current Consumption <= 50 mA
Operation Temperature 0℃ to 70℃
Storage Temperature -10℃ to 85℃
Humidity Rate 0-70% without condensation
Memory Data Retention At least 10 years
Memory Cell Rewriters At least 100,000 times
Supported Platforms Mobile OS: iOS, Android, Symbian, Windows Phone
PC: Windows, Linus, Mac OS X

UniMate USB

Key Features
PKI token with CCID interface
Embedded Smart Card
Onboard Encryption
Three-level Permission System
Secure File System
Auto-lock Mechanism
MS-CAPI, PKCS#11 and X.509 v3 Standard Compliant
Globally Unique Hardware ID (32-bit)
User-Defined Token ID
Lead-Free
Robust Case
Hardware
Dimensions 52.8x17x7 mm
Weight 6.4g/2.4g
Interface USB
Performance
Min. Operating Voltage 5V
Current Consumption <= 50 mA
Operation Temperature 0℃ to 70℃
Storage Temperature -10℃ to 85℃
Humidity Rate 0-70% without condensation
PKI PKCS#11
MS-CAPI
Onboard Encryption Algorithms 1024- and 2048-bit RSA
DSTU4145-series
128-, 192- and 256-bit AES
64-bit DES and 192-bit TDES
GOST28147
Onboard Hashing MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
Supported Platforms Linux
Windows 2000, XP, 2003, Vista, 7, 8, 8.1, and 10
Windows Server 2008 and Server 2012
Software Developers UniMate USB API libraries in Windows and Linux
UniMate USB Console for management of UniMate USB devices
UniMate USB PKI middleware for PKCS# 11 and MS-CAPI applications
UniMate USB IE ActiveX Control, Firefox Plugin
Software - Users UniMate USB Monitor for registration and management of user digital certificates


Frequently Asked Questions

What is UniMate?

UniMate is SecuTech's mobile authentication product family focusing on secure transaction authentication and platform interchangeability by employing two-factor authentication.

How does UniMate work?

UniMate authentication utilizes PKI technology, where certificates are securely stored within the UniMate device and are inaccessible without the appropriate permissions to interact with the device.

The TRRS audio port found on most mobile devices is used for secure communication during use of the device, in addition to providing a micro USB interface for use and configuration on a desktop platform.

What is PKI?

Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.

What algorithms are supported?

UniMate supports 2048-bit RSA, 1024-bit RSA, 128-bit AES, 192-bit AES, 256-bit AES, 64-bit DES, and 192-bit TDES. More algorithms will be added and current info is subjected to change from time to time.

What is the middleware?

The middleware contains PKCS#11, MS-CAPI, and Audio Authentication APIs and X.509 Digital Certificates.

What is the default PIN?

The default Admin PIN is eight zeros, or "00000000", the default User PIN is eight ones, or "11111111", without quotation marks.

Where can I receive further assistance?

If you have any questions, please feel free to contact us at: http://www.esecutech.com/support or support@esecutech.com



Footer Logo List.png




About SecuTech

SecuTech Solution Inc. is a company specializing in data protection and strong authentication, providing total customer satisfaction in security systems & services for banks, financial institutions & other industries. Having extensive and in-depth experience within the information security market, SecuTech has drawn upon this experience to utilize today's cutting-edge technologies that are effective against increasingly sophisticated cyber attacks. Enabling enterprises, financial institutions, and government to safely adopt the economic benefits of mobile and cloud computing.

http://www.esecutech.com
SecuTech Solution Inc.

Contact Us:
North America China Asia-Pacific EMEA
Address 1250 Boulevard Ren-Lvesque Ouest, #2200, Montreal, QC, H3B 4W8, Canada Level 12, #67 Bei Si Huan Xi Lu, Beijing, China, 100080 Suite 2.06, 32 Delhi Rd, North Ryde, NSW, 2113, Australia 4 Cours Bayard 69002 Lyon, France
Phone +1 -888-259-5825 +8610-8288 8834 00612-9888 6185 +33-042-600-2810
Fax +1 -888-259-5825 ext.0 +8610-8288 8834 00612-9888 6185 +33-042-600-2810
Email info@esecutech.com cn@esecutech.com aus@esecutech.com europe@esecutech.com

Copyright 2018 SecuTech Solution Inc. All rights reserved. Reproduction in whole or in part without written permission from SecuTech is prohibited. SecuTech UniMate and the SecuTech logo are trademarks of SecuTech Inc. Windows and all other trademarks are properties of their respective owners. Features and specifications are subject to change without notice.

SecuTech Logo.png



TOP