Device side, IRETH proposes its easy to use and portable DisplayCard, the D800 in OATH standard both event-based (HOTP) and time based (TOTP) and the new challenge-response OCRA-1. However IRETH fully supports also many other devices both hardware (tokens) and software (on win32 PC or java smartphone) besides own SMS OTP integrated solution , HOTP based, even custom-made (one otp per request, otp list for next authentications, otp only device).
The simple and effective working logic is obtained since the user, in order to authenticate itself to the remote service, uses credentials composed by three elements:

• One UserID (something he knows)
• One PIN (for example the token serial number)
• One OTP code (one time generated by token)

The tokens generate an univocal sequence of OTP being based on a secret (seed) belonging to each token (bijective relation between serial and seed). The algorithm used to generate the OTP within the token is the HOTP-MAC of OATH consortium (however IRETH can also use other algorithms on tokens and server). The OTP code passed to the software server is validated by the IAP800 authentication server and the access can be give or not to the user.