German insurance company Basler Securitas has ditched RSA in favour of Kobil for a one time password system to authenticate users accessing its company network remotely over Virtual Private Networks.

The firm abandoned a partially completed rollout of 450 installed RSA SecurID tokens and begun replacing them with the SecOVID system from German IT security company Kobil Systems.

Basler Securitas said it decided to implement the Kobil alternative as it was found to be more cost efficient and easier for staff to use.

As batteries cannot be exchanged with RSA tokens, the insurance company pointed out that extra costs are incurred due to the life span of such devices being limited, whereas the SecOVID units allow batteries to be changed.

The other issue was found to centre on the fact that the time-based RSA solution generates a new password every 60 seconds. This led to "many input errors" due to the perceived time pressure on end users. The firm compared this system to the Kobil alternative which generates the one time passwords on demand.

"The SecOVID solution has a very positive price/performance ratio. It is based on international standards and the implementation went fast and without any problems. The system is very stable and we are very satisfied with our new authentication solution", said Thomas Dörr, manager data processing/networks at Baser Secuitas.

Using the SecOVID password generation device, users generate an eight digit one time password with their tokens, which they enter together with their PIN to log on to the network. On the server side, the SecOVID software checks, if the password is valid. The one time passwords are calculated on the basis of a secret 3 DES key, which is saved on the SecOVID server as well as on the token.