The OTAC Trusted Access Gateway (TAG) is a plug-and-play solution that brings strong, centralised authentication to operational technology (OT) environments. It protects critical infrastructure—such as PLCs, HMIs, RTUs and DCSs—from unauthorised access by replacing static credentials with one-time authentication codes (OTAC), without the need to modify existing OT network processes or devices.

Stronger Authentication, Minimal DisruptionThe Solution

Powered by swIDch’s patented OTAC technology, the Trusted Access Gateway generates dynamic, non-reusable codes via registered user devices—such as smartphones, smart cards or secured laptops. These codes cannot be reused, shared or stolen, ensuring secure authentication without complex infrastructure changes.

Unlike traditional solutions such as PKI or biometrics, OTAC requires no stored credentials or two-way communication. It even works offline, making it ideal for isolated or air-gapped environments in critical infrastructure.

 

How It Works

Understanding how OTAC Trusted Access Gateway functions is key to appreciating its seamless integration and security advantages—here’s a simple breakdown of the process:

  • OTAC Trusted Access Gateway placement: OTAC Trusted Access Gateway is deployed between the PC/Laptop and the OT system it is trying to access.
  • Authentication Request: When a target PLC/HMI/RTU/DCS engineering application is launched, the OTAC Trusted Access Gateway agent requests the registered user device to complete the multi-factor authentication (MFA) process.
  • OTAC Generation: The user generates an OTAC on their registered personal device (e.g., smartphone or smart card) and enters it into the input field.
  • Validation: The OTAC Trusted Access Gateway validates the entered code and grants access if the user is authorised. access activity.

 

OTAC Trusted Access Gateway_02
OTAC Trusted Access Gateway Demo

Key Benefits

The OTAC Trusted Access Gateway provides a seamless upgrade to OT authentication environments without complex system modifications.

  • No Need to Modify current PLCs: The PLC devices remain unaltered.
  • Centralised Management: User authentication can be centrally managed for enhanced control.
  • One-Way Dynamic Authentication Codes: Static passwords are replaced with dynamic codes that change for each session, ensuring secure user and device authentication.
  • Comprehensive Access Logs: Unlike standard PLC access logs that lack user/device identification, OTAC Trusted Access Gateway’s logs provide meaningful, actionable records of access activity.

 

Compliance-Ready

The OTAC Trusted Access Gateway helps you meet the world’s leading OT cybersecurity regulations:

OT regulations 1

  • NIS2 – Replaces static passwords with dynamic authentication
  • NERC CIP – Enforces role-based and multi-factor access
  • IEC 62443 – Aligns with FR1: Identification and Authentication Control
  • Cyber Resilience Act (CRA) – Ensures secure and auditable access

 

 

International CC Certification for OTAC
Our OTAC technology has obtained the global CC standard for its strong security, stability and reliability. 

Contact us today

OTAC Trusted Access Gateway (TAG) FAQs

  • No. The OTAC Trusted Access Gateway integrates seamlessly without altering your current devices or systems.
  • Unlike PKI, OTAC doesn’t require certificate management or bidirectional communication. Each code is generated locally, making it simpler and more resilient in OT environments.
  • Registered smartphones, smart cards or laptops can generate the dynamic codes required for access.
  • No. Codes are generated independently on the user’s device—no network is needed.
  • Yes. The OTAC Trusted Access Gateway provides detailed access logs that include user and device information, improving auditability.
  • Absolutely. It supports compliance with NIS2, IEC 62443, NERC CIP and the Cyber Resilience Act (CRA).

Why swIDch

OTAC, developed by swIDch, is the original technology
that provides all of the following features, tested and substantiated
by the University of Surrey technical report
Why swIDch
DYNAMIC CODE that is
sufficient to IDENTIFY user
Single-step IDENTIFICATION
and AUTHENTICATION
Uni-directional authentication in
off-the-network environment

Single-step identification and authentication with the code alone. Include our biometric option and get single-step MFA. Vastly improved UX by removing steps.

OTAC is a dynamic code, which means the code is constantly changing. Eliminates all use of static information. Forget usernames and passwords forever. Vastly reduced workload for IT helpdesks. 

No network connection required for generating OTAC, enabling uninterrupted use no matter where you are. No more waiting for additional tokens/OTPs and no need for heavy public key infrastructure (PKI). 

 

Highly configurable code parameters and lightweight SDK/applet means wide range of deployment options on many devices across multiple sectors.  

Learn More

'One-time-authentication-code' technical report by University of Surrey Get In touch

Related Topics

Synergizing Standards: How NIS2, CRA, and IEC 62443 Forge a Unified Front in OT Cyber Security
In the rapidly evolving landscape of Operational Technology (OT), maintaining robust cybersecurity measures is crucial. Several key frameworks and directives have emerged to address the unique challenges faced by this sector. Let’s delve into three significant standards—NIS2, CRA, and IEC 62443—that collectively enhance the cybersecurity posture of OT systems.
Read More
Rising OT Cybersecurity Threats Demand Immediate Action
The world enters 2025 at the precipice of a cyber age where the backbone of modern industry—Operational Technology (OT)—faces unprecedented risks. While the integration of OT with IT has streamlined operations and improved efficiency, it has also widened the attack surface for cybercriminals.
Read More
The Vital Role of User Access Control and IAM in OT
In an era where technology integrates seamlessly with operational processes, the importance of robust user access control and IAM cannot be overstated. As OT environments evolve, they become more susceptible to cyber threats, making it imperative to safeguard these critical infrastructures.
Read More