DIGIPASS for Mobile

Enhanced security

DIGIPASS for Mobile

DIGIPASS® for Mobile provides Two-factor authentication & e-signature functionality to address security risks associated with the use of mobile and online applications. The time-based one-time password (OTP) is a dynamic authentication code and the most effective defense against complex cyber attacks. With every use the OTP changes, making an online attack virtually impossible.

The DIGIPASS for Mobile application itself is bound to device-dependent components and linked to the user with a PIN code. Therefore the applications cannot be duplicated on another phone or mobile device.

VASCO uses an enhanced provisioning protocol using asymmetric keys. Furthermore, VASCO also offers a unique way to provision software DIGIPASS using HSM server-side implementation. This process uses specific key rotations allowing for the most secure key provisioning.

VASCO’s Two-factor authentication and e-signature feature comply with the most recent regulatory requirements in many countries, including the FFIEC guidelines.

Excellent user convenience

Your end-users will experience the freedom to conduct their business securely from a mobile device while traveling throughout the world. A Daylight Savings Time adjustment and time synchronization feature is embedded in the application, enabling frequent travelers to conduct their business anywhere around the world at their own convenience.

The use of DIGIPASS for mobile is intuitive and self-explanatory, making extensive training or lengthy manuals redundant.

Furthermore, DIGIPASS for Mobile now supports QR-codes. Users can capture the QR-code, enter a PIN code and will be instantly logged on to the application in a secure manner. Signing documents or transactions using a QR-code is equally simple. Users capture the QR-code, verify the summary on DIGIPASS for Mobile and validate the transaction by entering their PIN code. DIGIPASS for Mobile will generate an e-signature that will be automatically sent to the requesting server.

DIGIPASS for Mobile provides strong Two-factor authentication and e-signature functionality to the vast majority of current handsets & pads, including iPhone, Android, Blackberry and Java.
The application also supports eight different crypto-applications, allowing an extended use of DIGIPASS for Mobile in different settings such as IVR, online connections, signatures, offline transactions etc.

Fully Customizable

  • The Graphic User Interface (menus, messages, icon, names, logos, font color, etc.) is fully customizable based on your individual requirements prior to deployment
  • DIGIPASS for Mobile provides a complete set of tools to allow you to publish your own company-branded application on common application stores such as Appstore, Google Play or Appworld
  • Operating Modes (authentication and/or signature) are adjustable to best fit requirements
  • Foreign and special character display supported with Unicode
  • Links to activate & synchronize are customizable
  • Menus are extendable to host ATM locators, WAP information, phone banking etc.

Easy integration

VASCO includes a web sample to simplify the integration into your current server architecture. A typical test pilot can be up and running within one day and demonstrates how the software can be implemented. No external server or service is needed; a single VACMAN® Controller integration will handle every aspect of the DIGIPASS for Mobile processes.

Integrating DIGIPASS for Mobile will also enable your server architecture to fully operate with DIGIPASS for Web, without any additional development.

Easy Deployment

Deployment has never been easier or more flexible with two unique provisioning options: off-line or online deployment. Additionally, VASCO also offers deployment through QR-codes. If need be, a VASCO operated provisioning service is available – DIGIPASS as a Service Provisioning Service. Just assign the serial number to your end- user and you’re ready to go!

  • Manual mode (off-line):
    The user will enter his 20-digit activation code and serial number onto their mobile phone. This mode does not require a server update and integrates effortlessly into an existing VACMAN Controller environment.

  • Automatic mode (online):
    DIGIPASS for Mobile automatically connects to the server to request activation when initially powered on. The end-user simply enters an activation password to complete the process. Online mode ensures fast activation with minimal effort by the end-user. This mode requires a minor update on an existing server for seamless integration.
  • QR code mode:
    DIGIPASS for Mobile allows capturing a QR Code that activates the DIGIPASS application in an instant without any additional manual input. The end-user simply creates a local (and optional) PIN.

Once activated, the end-user enters and confirms his PIN each time a one-time password is generated. VASCO’s back-end Authentication server performs all OTP and signature validation functions for the complete DIGIPASS product line, including DIGIPASS for Mobile.

No additional hardware is necessary to deploy this advanced security to your end-users. DIGIPASS for Mobile has been successfully deployed on a large scale throughout the banking community, and can be deployed simultaneously with other VASCO® devices to meet customer specific requirements. DIGIPASS for Mobile has an embedded update engine that allows a better life cycle management.

DP+ is also supported in DIGIPASS for Mobile. For more information, please contact your VASCO representative.

Technical Specifications

response Only

Time only, event only or time + event-based

AES/Triple DES Encryption Algorithm
response : 6 to 16 Decimal/Hexadecimal
Check Digit
256 seconds Time Step
Host Confirmation Code AES/Triple DES
Length from 4 to 10 Decimal/Hexadecimal
(1 to 10 in Challenge response mode)
Challenge/Response Time only, event only or time + event-based
AES/Triple DES Encryption Algorithm
Challenge length from 4 to 15 Decimal
response length from 6 to 16 Decimal/Hexadecimal
Check Digit
256 seconds Time Step
MAC/signature

Time only, event only or time + event-based

AES/Triple DES Encryption Algorithm
Length from 4 to 16 Decimal/Hexadecimal
Up to 8 customizable data fields
Data field length from 4 to 15 digits
256 seconds Time Step
PIN management PIN length options: no PIN or 6 to 9 digits
Max number of wrong entries from 1 to 9
On wrong PIN: Invalid password generation or reset
PIN check options : Checksum/Hashcode/None
PIN change option
Standard algorithms

HOTP
TOTP
OCRA

Demo

Try our demo: http://dp4mobile.demo.vasco.com

Downloads

Case Study:

Datasheet:

Contact

Share | |