Forrester Report: The State of Application Security in 2018 Download Report

DIGIPASS for Mobile

DIGIPASS for Mobile is a user-friendly and secure mobile authenticator that can easily be tailored to meet the needs of any authentication process. It can be customized and deployed rapidly without extensive technical support ensuring strong security with a compelling value.


Enhanced Application Security

DIGIPASS for Mobile is a hardened application with self-protection features that mitigate even the most sophisticated hacking attacks. So no matter the application, DIGIPASS for Mobile ensures a simple and secure user authentication process.

  • Jailbreak & Root Detection: ensures the security of mobile platforms by detecting if rooting or jailbreak evidence is present, so you can take proper action.

  • Application Hardening: supports best in class hardening techniques including memory zeroing, reverse engineering protection, secure storage, and white box cryptography.

  • Device Binding: securely links an authorized user to his authorized device(s), which can prevent cloning or repurposing of cryptographic keys.

  • Secure Channel Communications: ensures the integrity of digital transactions by providing an encrypted, independent and cross-platform secure channel between the server and the client device.

  • Enhanced Risk Analysis: offers unique risk scoring capabilities that are embedded into the authentication and signing processes based on user, platform and context elements.

Transparent User Experience

When it comes to user adoption of your mobile application, user experience is a critical factor for success or failure. DIGIPASS for Mobile offers convenient, user-friendly two-factor authentication and e-signing options that dramatically reduce “friction” from the equation:

  • QR Code Login: users simply capture the QR code with a mobile device, enter a PIN code and can instantly log on to an application or validate a transaction. Visit the CRONTO solution page to learn more about QR-code based visual transaction signing.

  • Transparent OTP: offers “hands free” authentication and signing when a user is conducting an online session, and is flexible enough to provide transparent OTP or generate an e-signature that is automatically directed to the relevant server. 

  • Multi-Device Support: ensures that a user can securely leverage any pre-registered device for application authentication and transaction signing, regardless of platform.

  • Inter-Application Security: leveraging an encrypted secure channel, white listed applications use DIGIPASS for Mobile as OTP/signature provider and generate the OTP for the mobile application only upon successful security checks.

  • TouchID Support: DIGIPASS for Mobile provides additive measure of security with support for Touch ID. In addition to a password, fingerprint biometrics ensure only the right user gains access.

Streamlined Integration

Application development and deployment can be an arduous process, which is why DIGIPASS for Mobile was created as a turn-key solution to streamline the process, requiring only a simple configuration to deploy.

  • Customization: fully customizable GUI, a complete set of branding and publishing tools, localization capabilities, flexible menu and form design options, and granular security and policy tools.

  • Provisioning: enables flexible set up configurations through both online provisioning protocols as well as offline "fallback" options. 

  • Implementation: offers a complete suite of implementation options, including full-service support for parameter selection, testing, design, customization, multi-device provisioning, App store publishing, and training. 

  • Platform Support: supports most common mobile device platforms, including iPhone (iOS 7.1 and higher), Android (2.3 and higher), Blackberry (Blackberry Native 10.1 and higher) and Windows (Windows Phone 8 and higher), as well as eight different crypto-applications, allowing an extended use in different settings such as IVR, online connections, signatures, offline transactions, etc.

Element Details
Response Only
  • Response length from 6 to 16 decimal/hexadecimal
  • Check Digit 
  • 256 seconds Time Step
  • AES/Triple DES Encryption Algorithm
  • Time only, event only or time + event-based
  • Length from 4 to 10 Decimal/Hexadecimal
  • Up to 8 customizable data fields 
  • Data field length from 4 to 16 digits
  • 256 seconds time step
PIN Management
  • PIN length options: no PIN or 4 to 250 digits
  • Max number of wrong entries from 1 to 9 
  • On wrong PIN: invalid password generation or reset 
  • PIN check options : Checksum/Hashcode/None
  • PIN change option 
Standard algorithms 
  • HOTP 
  • TOTP
  • OCRA


Case Study


With remote offices and on- and offshore plants in different locations, Qatargas was looking for a secure remote access solution allowing its employees and contractors worldwide to access its corporate network and business applications. By implementing IDENTIKEY Authentication Server together with DIGIPASS hardware authenticators and DIGIPASS for Mobile into its Citrix metaframe, the company is assured that its business critical applications and information cannot be accessed by unauthorized users.

Product Brief

DIGIPASS for Mobile

DIGIPASS for Mobile balances the need for stronger application security with demands for user convenience by delivering comprehensive, built-in security for your mobile applications, combined with a frictionless, “hands-free” authentication and e-signing experience for your mobile users.

Meet the Mobile Menace

Top security threats and what you can do to prevent them.

Make It Mobile

How to successfully implement a secure mobile strategy. Mobile applications are changing the way business is done, offering instant access to services for your users. And the conveniences of mobile applications can yield many benefits: mobile apps can save time, reduce cost, and accelerate business, boosting everything from workforce productivity to customer loyalty.

EPCS Compliance for Cerner Millennium

DEA regulations mandate the use of two-factor authentication when a prescription for a controlled substance is submitted electronically.

Case Study

ROC Amsterdam and Flevoland

Enhance security of the online student information system as static passwords don’t provide adequate protection.

Case Study

Clyde & Co

Law firm Clyde & Co. uses VASCO's DIGIPASS and two-factor authentication services to protect its confidential data and business critical solutions.

Case Study

University of Rotterdam

Employees of Rotterdam University have to log in through the central login system to get access to the different decentralized systems the educational institution works with. In order to guarantee that only employees get access to this important information such as exams and personal details, VASCO’s authentication solution with one-time passwords (OTPs) was implemented. The OTPs are generated with either DIGIPASS for Mobile, a DIGIPASS GO 3 or a GO 6.

Case Study


As one of the leading banks in Azerbaijan, AGBank was looking for a security solution for its Internet and mobile banking services. The bank chose VASCO’s DIGIPASS technology with a combination of DIGIPASS GO 6, DIGIPASS for Mobile and DIGIPASS 275.

Product Brief

DIGIPASS for Mobile Enterprise Security Edition

DIGIPASS for Mobile Enterprise Security Edition is the easiest way to deploy strong authentication on portable devices within your company. No additional hardware is needed. The information is sent to your users who are directed to the relevant application store for the software download. VASCO® offers a secure provisioning service that will handle the distribution and logistics, so you can concentrate on your core business.

I would like to learn more.

Please have a VASCO expert contact me.


Related Products

This website uses cookies to improve user experience, functionality and performance. If you continue browsing the site, you consent to the use of cookies on this website. Note that you can change your browser/cookie settings at any time. To learn more about the use of cookies and how to adjust your settings, please read our cookie policy.