UniMate USB User Manual
Contents
UniMate Manual
Version 2.1
| Version | Date |
| 1.0 | 2015.7 |
| 2.0 | 2016.7 |
| 2.1 | 2018.2 |
The data and information contained in this document cannot be altered without the express written permission of SecuTech Solution Inc. No part of this document can be reproduced or transmitted for any purpose whatsoever, either by electronic or mechanical means.
The general terms of trade of SecuTech Solution Inc. apply. Diverging agreements must be made in writing.
Copyright SecuTech Solution Inc. All rights reserved.
WINDOWS is a registered trademark of Microsoft Corporation.
The WINDOWS-logo is a registered trademark (TM) of Microsoft Corporation.
Software License
The software and the enclosed documentation are copyright-protected. By installing the software, you agree to the conditions of the licensing agreement.
Licensing Agreement
SecuTech Solution Inc. (SecuTech for short) gives the buyer the simple, exclusive and non-transferable licensing right to use the software on one individual computer or networked computer system (LAN). Copying and any other form of reproduction of the software in full or in part as well as mixing and linking it with others is prohibited. The buyer is authorized to make one single copy of the software as backup. SecuTech reserves the right to change or improve the software without notice or to replace it with a new development. SecuTech is not obliged to inform the buyer of changes, improvements or new developments or to make these available to him. A legally binding promise of certain qualities is not given. SecuTech is not responsible for damage unless it is the result of deliberate action or negligence on the part of SecuTech or its aids and assistants. SecuTech accepts no responsibility of any kind for indirect, accompanying or subsequent damage.
Contact Information
Email: sales@esecutech.com
Please Email any comments, suggestions or questions regarding this document or our products to us at: sales@esecutech.com
- CE Attestation of Conformity
- UniMate is in conformity with the protection requirements of CE Directives 89/336/EEC Amending Directive 92/31/EEC. UniMate satisfies the limits and verifying methods: EN55022/CISPR 22 Class B, EN55024: 1998.
- FCC Standard
- This device is in conformance with Part 15 of the FCC Rules and Regulation for Information Technology Equipment.
- Operation of this product is subject to the following two conditions: (1) this device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation.
- Conformity to ISO 9001:2000
- The Quality System of SecuTech Solution Inc., including its implementation, meets the requirements of the standard ISO 9001:2000
- ROHS
- All UniMate products are environmentally friendly with ROHS certificates.
Overview
The UniMate USB, hereinafter referred to as UniMate, is a mobile authenticator and information security PKI product based on CCID technology (except UniMate Drive). It functions as a secure container for digital credentials. An advanced processor and secure memory are built into the device to provide security for exchanging, storing and handling of electronic information.
UniMate has achieved an effective rights management and provides a highly-secure file system. The built-in processor allows for fast and efficient information processing.
UniMate supports PKCS#11, CSP and Value Added APIs (CD-ROM and Partition). The abundant samples provided in the SDK help to ease integration.
UniMate also supports iOS, Android and a multitude of other devices through either a USB port using the CCID protocol or a 3.5mm TRRS audio jack.
UniMate Features
- Universal features of UniMate
- Globally unique hardware ID.
- Customizable software ID.
- Smart card based.
- On-board encryption.
- Two levels of PIN management mechanism.
- A secure file system.
- Up to 64KB of memory.
- Stylish and cute case.
- Lead free.
UniMate Drive
The UniMate Drive is a mobile authenticator and information security PKI product which can store key certificates. UniMate Drive includes two storage types: flash memory and CD-ROM. You can set up the storage size using the Partition tool and the Value Added library. ISO files can be loaded into the CD-ROM partition. You can also format the flash memory and copy files into it, and so on. The total capacity of the UniMate Drive is between 2 to 32 GB, you can partition it as you wish. UniMate Drive supports PKCS#11, CSP and Value Added APIs (CD-ROM and Partition).
UniMate Flex
UniMate Flex is an interactive hybrid mobile authentication token designed particularly for use in banking. The two-factor authentication device makes use of a high-performance smart card, an LED display and confirmation buttons to verify the secondary form of authentication. Users can visually confirm transaction information on-screen and press the confirmation button to approve only authorized transactions.
UniMate Flex features PKI based digital certificate and private key storage, as well as on-board encryption, with the ability to generate and store RSA secret key pairs within the key.
UniMate USB
UniMate USB is a FIPS 140-2 algorithm certified smart card USB authentication token which utilizes smart card technology for strong authentication. Smart card technology allows for highly robust authentication and verification solutions.
- Organizational Use
- Enhanced Business
- With secure access in place, organizations can enable business process and transactions through network connectivity and online services anytime, anywhere, with confidence.
- Security
- UniMate USB provides robust protection of sensitive business data from unauthorized access.
- Cost Effective
- UniMate USB reduces password administration costs and losses from data breaches, and provides multiple flexible solutions on one platform.
- Personal Use
- Identity Protection
- UniMate USB provides individuals with a secure digital identity and hence protected from theft and abuse.
- Portability and Convenience
- UniMate USB enables users to access their credentials securely wherever they go, whenever they want.
Security
Security is the most important feature of the UniMate system. It involves an identification and verification method, including a file access permission control mechanism inside the UniMate, a confidential access system. This security attribute is changed based on the current state of the device, when the card is reset or after the UniMate has finished some commands.
PIN
The following table describes different key types and use.
| PIN Type | Use |
| User PIN | Directory level authentication. Control different users' read and write permissions. Generate key pairs. Certificate management. Sign and so on. |
| Admin PIN | Ensures the security during the card initialization To reset User PIN/unlock a user. |
User PIN: a personal identification number which is firstly hashed and then stored in the device.
Admin PIN: a console identification number.
Factory default settings
The default User PIN is 11111111 and the default Admin PIN is 00000000.
SDK
| Components | Description |
| CSP (MS-CAPI) | Declaration of standardized identifiers and interface of CSP CSP libraries Redists/PKI package.exe Samples for CSP CSP Manual.pdf |
| Documents | Manual.pdf (UniMate manual) |
| PKCS#11 | Declaration of the standardized identifiers and interface of PKCS PKCS libraries Samples for PKCS PKCS#11.pdf |
| Utilities | Utilities Installation (Console setup.exe, Monitor setup.exe) Utilities Manual |
| Value Added API | Declaration of the standardized identifiers and interface of Value Added API Value Added API libraries Samples for Value Added API API Manual.pdf |
| Quick Start.pdf | Product overview Software introduction Utilities introduction Factory default settings |
| ReadMe.txt | Changelog |
Applying Digital Certificates
UniMate provides a perfect container for digital certificates, supporting X.509 digital certificates. The UniMate PKI package is a middleware that provides digital certificate usage.
A digital certificate and authenticated access is needed to use the UniMate, as without it, any operation on the UniMate is forbidden. In this part, we will introduce how to apply digital certificates. We will take VeriSign certificates and Microsoft Certificates as examples.
Applying Microsoft Certificates
Insert a UniMate into the USB port first, and start IE to open the Microsoft certificate application page. This is the home page of the certificate application site. Firstly, you should click "Request a certificate".
And then, select "advanced certificate request".
On the page of Advanced Certificate Request, select "Create and submit a request to this CA".
For a certificate template, select "Smartcard User" in the list; for CSP, select "UniMateDRIVE CSP v2.0".
Then, a window will appear to ask you to type in your UniMate's PIN. Click OK. The system will generate a certificate automatically.
Click "Install this certificate" for installation.
After installation, the system will prompt that the certificate has been successfully installed.
Using Digital Certificates
SecuTech provides a series of solutions for the use of digital certificates, in the aspects of IE, Outlook, PDF, Office, and so on.
For detailed instructions about this, please download the related integration guides from https:\\www.esecutech.com.
Specifications
UniMate Drive
| Key Features | |
| Driverless Operation 2GB, 4GB, 8GB, 16GB and 32GB | |
| Selective Mass Storage | Normal Partition Virtual CD-ROM |
| Dimensions | 52.8x17x7 mm |
| Weight | 7.2g |
| Min. Operating Voltage | 5V |
| Current Consumption | <= 50 mA |
| Operating Temperature | 0℃ to 70℃ |
| Storage Temperature | -10℃ to 85℃ |
| Humidity Rate | 0-70% without condensation |
| Casing | Tamper-Resistant Metal |
| Memory Data Retention | At least 10 years |
| Memory Cell Rewrites | At least 100,000 times |
| PKI | PKCS#11 MS-CAPI |
| Onboard Encryption Algorithms | 1024- and 2048-bit RSA 128-, 192- and 256-bit AES 64-bit DES and 192-bit TDES |
| Onboard Hashing | MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 |
| Operating System Compatibility | Linux Windows 98 SE, 2000, ME, XP, 2003, Vista, 7, 8, and 10 Windows Server 2000, 2008 and 2012 |
UniMate Flex
| Hardware | |
| Dimensions | 65x36x11.4 mm |
| Weight | 23g |
| Audio Interface | 3.5mm TRRS |
| USB Interface | USB Type A |
| Display | LCD |
| Hardware ID | 64-bit Globally Unique |
| Internal Memory | > 16KB |
| Mobile Device Software | Audio Authentication Interface |
| Casing | Tamper-Resistant Metal |
| Middleware | PKCS#11 MS-CAPI Audio Authentication API X.509 Digital Certificate |
| Performance | |
| Min. Operating Voltage | 5V |
| Current Consumption | <= 50 mA |
| Operation Temperature | 0℃ to 70℃ |
| Storage Temperature | -10℃ to 85℃ |
| Humidity Rate | 0-70% without condensation |
| Memory Data Retention | At least 10 years |
| Memory Cell Rewriters | At least 100,000 times |
| Supported Platforms | Mobile OS: iOS, Android, Symbian, Windows Phone PC: Windows, Linus, Mac OS X |
UniMate USB
| Key Features | |
| PKI token with CCID interface Embedded Smart Card Onboard Encryption Three-level Permission System Secure File System Auto-lock Mechanism MS-CAPI, PKCS#11 and X.509 v3 Standard Compliant Globally Unique Hardware ID (32-bit) User-Defined Token ID Lead-Free Robust Case |
|
| Hardware | |
| Dimensions | 52.8x17x7 mm |
| Weight | 6.4g/2.4g |
| Interface | USB |
| Performance | |
| Min. Operating Voltage | 5V |
| Current Consumption | <= 50 mA |
| Operation Temperature | 0℃ to 70℃ |
| Storage Temperature | -10℃ to 85℃ |
| Humidity Rate | 0-70% without condensation |
| PKI | PKCS#11 MS-CAPI |
| Onboard Encryption Algorithms | 1024- and 2048-bit RSA DSTU4145-series 128-, 192- and 256-bit AES 64-bit DES and 192-bit TDES GOST28147 |
| Onboard Hashing | MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 |
| Supported Platforms | Linux Windows 2000, XP, 2003, Vista, 7, 8, 8.1, and 10 Windows Server 2008 and Server 2012 |
| Software Developers | UniMate USB API libraries in Windows and Linux UniMate USB Console for management of UniMate USB devices UniMate USB PKI middleware for PKCS# 11 and MS-CAPI applications UniMate USB IE ActiveX Control, Firefox Plugin |
| Software - Users | UniMate USB Monitor for registration and management of user digital certificates |
Frequently Asked Questions
What is UniMate?
UniMate is SecuTech's mobile authentication product family focusing on secure transaction authentication and platform interchangeability by employing two-factor authentication.
How does UniMate work?
UniMate authentication utilizes PKI technology, where certificates are securely stored within the UniMate device and are inaccessible without the appropriate permissions to interact with the device.
The TRRS audio port found on most mobile devices is used for secure communication during use of the device, in addition to providing a micro USB interface for use and configuration on a desktop platform.
What is PKI?
Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
What algorithms are supported?
UniMate supports 2048-bit RSA, 1024-bit RSA, 128-bit AES, 192-bit AES, 256-bit AES, 64-bit DES, and 192-bit TDES. More algorithms will be added and current info is subjected to change from time to time.
What is the middleware?
The middleware contains PKCS#11, MS-CAPI, and Audio Authentication APIs and X.509 Digital Certificates.
What is the default PIN?
The default Admin PIN is eight zeros, or "00000000", the default User PIN is eight ones, or "11111111", without quotation marks.
Where can I receive further assistance?
If you have any questions, please feel free to contact us at: http://www.esecutech.com/support or support@esecutech.com
|
About SecuTech
SecuTech Solution Inc. is a company specializing in data protection and strong authentication, providing total customer satisfaction in security systems & services for banks, financial institutions & other industries. Having extensive and in-depth experience within the information security market, SecuTech has drawn upon this experience to utilize today's cutting-edge technologies that are effective against increasingly sophisticated cyber attacks. Enabling enterprises, financial institutions, and government to safely adopt the economic benefits of mobile and cloud computing.
http://www.esecutech.com
SecuTech Solution Inc.
| North America | China | Asia-Pacific | EMEA | |
|---|---|---|---|---|
| Address | 1250 Boulevard Ren-Lvesque Ouest, #2200, Montreal, QC, H3B 4W8, Canada | Level 12, #67 Bei Si Huan Xi Lu, Beijing, China, 100080 | Suite 2.06, 32 Delhi Rd, North Ryde, NSW, 2113, Australia | 4 Cours Bayard 69002 Lyon, France |
| Phone | +1 -888-259-5825 | +8610-8288 8834 | 00612-9888 6185 | +33-042-600-2810 |
| Fax | +1 -888-259-5825 ext.0 | +8610-8288 8834 | 00612-9888 6185 | +33-042-600-2810 |
| info@esecutech.com | cn@esecutech.com | aus@esecutech.com | europe@esecutech.com |
Copyright 2018 SecuTech Solution Inc. All rights reserved. Reproduction in whole or in part without written permission from SecuTech is prohibited. SecuTech UniMate and the SecuTech logo are trademarks of SecuTech Inc. Windows and all other trademarks are properties of their respective owners. Features and specifications are subject to change without notice.
