Frequently Asked Question

What is 3AKey?

 frontone
3AKey is a USB based secure digital identity. A 3AKey is usually issued by an organisation to an individual user to facilitate the access to privileged content or financial services remotely, safely and easily in the enterprise network or the Internet.

3AKey as a name has two meanings: 3A is an abbreviation for Authentication, Authorization and Administration; or Automated Authorised Access by its character. It is a security device that is the key to your digital world.

3AKey is a Human Interface Device (HID), not a memory stick although it looks like one.

What is Distributed Authentication?

Distributed Authentication means that an authenticated user from one facility may request service from others, often called cross-domain Single Sign-On systems.

What is Distributed Local Authentication?

Distributed Local Authentication is unique a technology deployed by 3AKey. The user authentication is completed locally with a 3AKey, which is provided for, and has complete control of, a personal authentication server; furthermore, the process is managed and supervised by the authorised central server.

With Local Authentication, username and password is not transmitted over a network or internet which removes the vulnerability and potential risk to identity theft.

Can you give me the reasons why I should change to 3AKey?

There are many reasons (security and privacy compliances, economic, usability ...) that you as a person or organisation should consider to make a change to 3AKey, the main reason should be the security (safe) and integrity, in particular if you value your digital property and/or privacy:

  • 3AKey has built-in intelligence; it produces dynamic identity token (Client side One-Time Password) for authenticate itself; it has built-in capability to protect itself from hacks by authenticating every request for access. Hence, the authentication server must provide an unique access token (server side one-time password) before information can be retrieved, a two way authentication technology.

  • 3AKey has higher immunity to attacks; One-Time Password is effective to prevent attacks such as Dictionary attack, Eavesdropping and Social Engineering Attacks such as Phishing. 3AKey provides 128 bit One-Time Password in contrast of other security token that only has17 to 27 bit. Unlike others that a single One-Time Password open a session (for almost unlimited time), 3AKey system employs continuous authentication, a new One-Time Password is required for every request for transaction, this mitigate Man-In-The-Middle attacks.

  • 3Akey is your personal authentication server. Password is simple and is very effective if no one else knows and can use it. Therefore, password itself is not the cause of security weakness, it is the system. All current system implementations take the username and password and send them to a central location for verification. As a result, it creates a fertile ground for identity based attack and a huge and growing underground cyber crime economy that every online user is vulnerable to attacks. If you are using 3AKey, the username and password will be authenticate locally with your 3Akey instead of sending them away, this is our unique Distributed Local Authentication technology. With 3AKey, no one could hack your password, even if someone discover it, it cannot be used remotely to access your account; unless they has the possession of your 3AKey, use with your computer and have the credential to your computer as well.

How to use 3AKey?

Once the 3AKey is registered, the insertion of the 3AKey into your computer will give you access to the website immediately. The device is authenticated automatically without further user input.

Occasionally, you may be prompted to authenticate with your username and password, especially when you are accessing a higher privileged area of the website or conducting financial transactions. This is to ensure your identity is not being used inappropriately. Periodically, you may be asked to do the same, as part of system integrity measures. PLEASE NOTE, NONE OF THE ABOVE IS POSSIBLE, UNLESS YOUR 3AKEY IS PLUGGED-IN, IS WORKING AT YOUR COMPUTER AND IT IS AUTHENTICATED TO THE SERVER THAT YOU HAVE REGISTERED THE KEY WITH.

How do I register my 3AKey?

Please follow the instructions provided by your Service Provider when the 3AKey is delivered to you.

There are two simple steps:
  • Enter the registration code and account details, both will be provided by the service provider.

  • Download the 3AKey driver "f1las.exe" or "f1las.zip" from the 3AKey.com or your service provider's website and install it to your computer under your user profile or Login.

Does my 3AKey work on more than one computer?

Yes, it will. But you must install the 3AKey driver before it can be used for transaction. It is good security practice that you install the 3AKey driver under your personal profile only. Your computer will be registered too during installation of 3AKey driver.