Authenticating Servers
  • 09 Oct 2024
  • 1 Minute to read
  • Dark
    Light
  • PDF

Authenticating Servers

  • Dark
    Light
  • PDF

Article summary

The Personal Certificate Client (PCC) uses a complex mechanism to secure its communication with a OneSpan Sign server. This mechanism is independent of the PCC-to-JavaScript TLS communication, and exists on top of it. The mechanism uses strong cryptography, hashes, digital signatures, encryption, timestamps, nonces, etc.

This security mechanism also uses Server Authentication. This means that the PCC will not accept a connection from any source other than its predefined “trusted servers”. For both Windows and macOS installers, certain OneSpan Sign SaaS servers are predefined as trusted. This arrangement is sufficient for all SaaS customers.

By contrast, on-premises customers use their own servers. Thus these customers must ask our Support Team to send them PCC installers that are customized for their environments.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, our interactive help assistant