Easy and secure
phishing virtually
impossible: interaction
required in real time
time based
passwords can only
be
used once
simple to use
easy to deploy
Challenge/Response Passwords
How does Challenge/Response work? 
- Log in into your application with your username
- The server will present you with a challenge
- Enter this challenge into your DIGIPASS
- DIGIPASS will generate a response.
- Enter this DIGIPASS response in your system
- When the system authenticates you, access will be granted.
Challenge/ Repsonse enhances your security
Fraudsters should operate in real time to intercept your password. He has to use your username to receive a challenge. That challenge will be passed on to you. After that, he still needs to intercept your password. The fraudster needs to interact in the communication between you and the application. And he needs to act fast. The challenge/respone passwords are time based. Every 36 seconds a new password will be generated. Fraudsters need to operate in this timewindow. Otherwise, the password expires.
Batch processing of data for later is no longer possible. Furthermore, the passwords can only be used once.