Intel® Identity Protection Technology (Intel® IPT)
Multi-faceted security to protect online user account access
An added layer of hardware-based security
Protecting your identity and business data stored in the cloud requires strong authentication that's ideally rooted in hardware. Hardware-based authentication is widely regarded by security experts as a more effective approach than software-only authentication.
Intel® Identity Protection Technology (Intel® IPT) is a suite of authentication and online access technologies designed to offer web properties and enterprises with stronger, hardware-based security and embedded ease of use, while offering a lower cost compared with traditional hardware or SMS authentication. Intel IPT includes two-factor authentication with dynamic one-time password (OTP) tokens, display protection with protected transaction display (PTD), certificates with public key infrastructure (PKI), and protected contactless transactions with near field communications (NFC) technology.
How does Intel® Identity Protection Technology (Intel® IPT) work?
Intel IPT with One-time password (OTP)
Intel IPT strengthens network and web site access with second factor authentication using OTP tokens. When a user visits a website that uses Intel IPT from an Intel IPT-enabled device, after user opt-in, the website can provision the embedded OTP token and bind it to that user’s account. The OTP token generates a single-use password that expires after just 30 seconds. Web properties of enterprises can use this OTP token in conjunction with a username and password to get strong two-factor authentication. Since this token is built right into the device hardware, it is much more convenient for users to use and cheaper for businesses to deploy and manage. It also doesn't incur per transaction charges like SMS, which can build up over large volume usage. Intel IPT with OTP is available on all PCs using 3rd generation or later Intel® Core™ processor, and select Intel® Atom™ processor tablets and phones.
Intel IPT with Public key infrastructure (PKI)
Intel IPT also includes PKI support built into the device hardware, where RSA key pairs and certificates are generated in the embedded security processor. This can help authenticate any transactions, documents, or web traffic originating from a given device, and also help establish mutual authentication between a system and a website. Enterprises already using PKI can manage Intel IPT with PKI devices using Microsoft CryptoAPI*. Intel IPT with PKI provides enterprises with hardware-based security while saving on the additional cost of traditional smart cards and readers or special-order PCs. This technology is built into all 2nd generation or later Intel® vPro™ platforms.
Intel IPT with Protected transaction display (PTD)
Intel IPT with PTD can display information to the user and receive input from the user using the embedded security processor. Information displayed (e.g., PIN pad, virtual keyboard, or CAPTCHA) using PTD is designed to only be visible to a user physically present in front of the device. Users can provide input by clicking the buttons on such a PIN pad, keyboard, or other widget. Therefore, in addition to protecting user inputs, meaningful user interaction with such information helps indicate user presence. Intel IPT with PTD is available on all PCs using 3rd generation or later Intel® Core™ processors and select Intel® Atom™ processor tablets.
Intel IPT with Near field communication (NFC)
Intel IPT with NFC technology contains a contactless reader built into the device. A user can tap a contactless card, phone, or other credential for usages such as logging into a website or making an online purchase. When the user taps their credential on the reader, Intel IPT with NFC protects the credential information from being directly exposed to the OS and any potential malware on that device. This enables the ease of use of NFC technology to be brought safely to an open device like a PC or a tablet to enable many innovative usages. This is available on select Intel-inspired Ultrabook™ devices but expected to grow broader.