Obtaining CoCo Compliance
CoCo compliance is obtained when local authorities comply with the list of security requirements. These requirements prescribe the following criteria need to be met:
- Secure mobile access to government applications
- Enhanced user authentication and controlled public access
- Enforce the usage of more complex passwords
By implementing a strong two-factor authentication solution based on dynamic, one-time passwords, the CoCo security requirements can be met. Dynamic passwords are generated by a DIGIPASS, that generates a unique code every 32 seconds. This code is then used in combination with your username and/or PIN code whenever you need to logon remotely or enter a government application.
The fact of combining something you know (a username or a PIN code) with something you have (a one-time password generator), is what is called in industry terms: strong user authentication; which is what the CoCo criteria stipulate.
Remembering complex passwords is no longer needed, with one push on the button of the DIGIPASS device, you receive a unique code that will allow you to access your applications regardless of the place where you are working from. This unique code can only be used once and is valid for a limited period in time, thus preventing identity theft and data leakage.