- One-Time Password technology
Passwords may not be considered completely secure method of authentication, because one can steal, oversee and crack them. To enhance the security, users apply additional authentication mechanisms, such as one-time password technology. One-time passwords are changed each time the user logs on, it is useless to oversee or crack them, as they become invalid after having been used once. Our one-time password generator (OTP token) corresponds to rfc 6238 OTP: Time-Based One-Time Password Algorithm. Using this algorithm, we protect the user, even if the attackers have become aware of his/her password.
- What is MAC token?
In addition to user authentication, we have a task to make sure that the user himself/herself has initiated cash transactions. For this, we use MAC mechanism (Message Authentication Code). During the transaction, the user is requested to enter a code, confirming the transaction. The user scans the QR code from the document, which must be confirmed by our confirmation code generator (MAC token). The generator generates a confirmation code that the user enters in the system. Thus, the user is sure that he/she personally authorized the operation. Since the MAC generator screen displays details of the transaction, the user is confident that he/she has signed that particular document, which was displayed in the system.
- Advantages of OTP and MAC generator
OTP and MAC generator are more convenient than the codes sent in sms, as you do not depend on the mobile operator (the application does not even require a SIM card or a wifi-network), and you can use it even where there is no cellular communication. The application fully repeats the functional of “hardware” generators, but unlike them, it does not require a physical transfer from the producer to the user, and can be downloaded at any place and at any time.
The main function of app is to calculate the enhanced encrypted non-certified digital signature under the document
The user is protected even if the attackers have become aware of his password