This sounds almost identical to the Racal-Guardata Watchword. It's old technology (although making the unit small might be new). I have a Watchword on my desk as I write this. It's a calculator with authentication built in. There's my own DES key inside. To get to it, I enter 1 of 2 PINs. (the second is a "duress PIN" -- works but sounds a warning in the security office, saying that I have a gun to my head, if I use it for a challenge/resp). The system authenticating me gives me a 7-digit challenge number. I enter it and my Watchword gives me a 7-digit response number back. I then give that number to the system -- typed as a password or over the phone to a person. ------- The SecureID (which I carry in my wallet, against directions from the vendor) has my encryption key buried inside along with a calendar clock. Every minute, it encrypts the date and time with my key and displays 6 digits of the result. It has a keypad for entering a PIN which is then added (without carry) to the 6-digit result and that is displayed instead, if I've entered the PIN, for the next 5 minutes. This saves half the protocol (by sync of calendar clocks). - Carl