A token usually refers to a handheld device, used in connection with two-factor authentication. The token shares a key with a central server and provides user authentication and possibly message authentication. The token may come with or without a (restricted) pin pad (see Personal Identification Number), and a display. Various protocols may be deployed, time or counter dependent, or based on a challenge–response approach.
Whichever the protocol, an input (challenge), is provided to the key token either time or counter based by the token itself, or through a user input using the pin pad. A key dependent response is then calculated by the token and displayed, which is then keyed in by the user on the work station or terminal connected to the central server, where the response is verified using the same key.
This notion is not to be to confused with a key token which is often used to mean an encryption using a key encryption keyof a key and some additional information related to the...