Recently, Canopus IT has introduced a new product – mobile MAC-generator for smart phones that runs on OS Android.
The main advantage of the MAC-generator is that the user’s data is protected even if the perpetrators got to know the user’s password.
To enhance safety of the users, additional authentication mechanisms are used. One-time password generator (OTP token) conforms to rfc 6238 OTP: Time-Based One-Time Password Algorithm.
“In addition to the user authentication it is necessary to make sure that the user has initiated cash transactions himself. To do that, we deploy MAC mechanism (Message Authentication Code). In the process of the transaction execution the user is prompted to enter the code confirming the transaction. The user scans the QR-Code of the document, that has to be confirmed by means of our codes’ confirmation generator (MAC-token). The generator produces a verification code that the user enters in the system. In this manner the user is certain to have personally sanctioned the transaction. Since the transaction’s details are displayed on the screen of the MAC-generator, the user is certain to have signed the document that was displayed in the system “, – says Maxim Ivanchenko, Canopus IT CEO.
In addition, the OTP and MAC-generator are more practical than codes sent via sms, because the user does not depend on a mobile network provider and can use it even where there is no mobile network and wifi coverage. The application fully replicates the functionality of “hardware” generators but unlike them does not require a physical transmission from manufacturer to the user and can be downloaded at any place and at any time.