Knowledge Base Discussion about security token


Site Janitor
Staff member
Jan 16, 2018
On The Blockchain
Security token may mean two different things:
  1. A cryptocurrency token that passes the Howey Test or;
  2. A physical device that generates single-use security codes for access to secure services.

Security Cryptocurrency Token

A security token is a regular cryptocurrency token, based on any smart contracts platform (such as Ethereum or NEO). The difference from a regular token is that security tokens pass the Howey Test, meaning these tokens are legally deemed to be securities per the United States legislation.

Security tokens behave a lot like stocks. The assets they represent are managed by 3rd parties in which you trust to make the underlying institution grow and become more profitable.

There is a significant difference between security tokens and non-securities. For instance, Bitcoin does not represent any institution nor does Bitcoin promise any kind of profits. Buyers who invest in Bitcoin do not get a share of any corporation or commercial entity whatsoever.

Security tokens on the other hand represent a fraction of an entity which entitles holders to dividends and voting rights.

Security Device

A security token is a small secure electronic device that usually has zero or one button and a small LCD or OLED screen.

The device has a very precise clock inside it which generates a unique code according to the time and date (number of seconds elapsed since a pre-determined time reference).

Websites, financial services like ATM's and bank cashiers and other secure environments that use security tokens run an identical precise clock on their end.

In order to access these secure environments the user must type the code shown on the screen on the service's interface. The service will then compare the code to its own generated code using its internal clock. The codes must match in order to grant access.

The idea is to require a proof that the user is physically holding the security token. This protects the service against phishing attacks, for example, because having the correct password no longer guarantees access to the protected service.

2FA or two factor authentication is the most popular name to the security schemes that use security tokens. As the name suggests, 2FA requires a second secret be provided in order to grant access to some resource.

The codes generated by security tokens are also called one time passwords (OTP's).

In cryptocurrency, security tokens have many uses, including the protection of exchange accounts, crypto wallets and other resources.

Based on Cryptocurrency Knowledge Base Topic security token