SSenStone Achieves 'International CC Certification'

Seoul, June 1, 2023 - SSenStone, a leader in next-generation authentication security, announced that the world's first one-way dynamic authentication technology (OTAC - 'OTAC Token V1.0') has obtained the international Common Criteria (CC) certification.

SSenStone, which has already supplied user and device authentication solutions to financial service firms, public institutions and government agencies, is expected to be able to further strengthen its competitiveness in the global authentication security market by acquiring the international CC certification.  

CC certification is an international standard of specifications and guidelines designed to evaluate the security of ISO 15408 products, and is widely used as a standard for verifying the security, stability, and reliability of IT products in major countries around the world including Korea, the USA, the UK and Germany. CC certification involves rigorous and objective examination and is considered the most authoritative IT product security certification in the world in the private enterprise sector as well government and public sectors.

'OTAC Token V1.0' is a simple but highly secure authentication solution that authenticates users and devices through a one-time dynamic unique authentication code based on SSenStone’s patented OTAC (One-Time Authentication Code) technology. Since it uses a dynamic code that cannot be duplicated rather than an ID/PW method that uses a fixed value, it is not only safe from hacking and leakage, but it also provides a simplified single-step solution which is more user-friendly than current multi factor authentication (MFA) solutions, whilst maintaining the same level of security. In addition, the code can be generated even in an offline environment without reliance on communication networks or additional infrastructure as with public key infrastructure (PKI).

SSenStone’s award-winning authentication technology has already been established across various industries including finance, defense, and public sectors that require robust authentication processes, including clients Toss Bank, Kakao Bank, Millipass, and Indonesia Mint Corporation's eStamp service. Recently, SSenStone has successfully completed a proof of concept (PoC) with LS ELECTRIC to block external threats to programmable logic controllers (PLCs) in advance, and announced that they would continue to cooperate to resolve PLC vulnerabilities.  

"With the spread of process automation and artificial intelligence (AI), user and device authentication is becoming more and more important in blocking external threats before they can infiltrate systems and wreak havoc," said Yoo Chang-Hun, CEO of SSenStone. “This CC Certification again validates our technology and proves its potential to be a game-changer, not just in operational technology, but across a wide range of industries and institutions that require super-secure, simple authentication built for next-generation technologies”