Setting up Message Delivery Component (MDC)

Message Delivery Component (MDC) is necessary to support Virtual Mobile Authenticator authentication. MDC interfaces with a gateway service to send a one-time password (OTP) to a user’s mobile phone, email address, or via voice message. It acts as a service, accepting messages from OneSpan Authentication Server Appliance that are then forwarded to an email address or to a text message gateway via the HTTP/HTTPS protocol.

Configuring SMS gateways

Since every gateway uses different parameters, certain settings are required, which can be configured using the OneSpan Authentication Server Appliance Configuration Tool. Depending on the type of gateway server used, different configurations are possible.

To configure SMS gateway settings with an SMS server, you need the following information:

• Name. The display name of the MDC profile. This is used primarily to describe and further identify the profile.
• Profile. The actual name of the MDC profile.
• Enabled. If selected, the gateway is enabled.
• The URL to access the gateway server.
• The user name and password for the gateway account.
• The required query string.
• The query method (GET or POST) required by the gateway.

To configure SMS gateway settings with an SMPP server, you need the following information:

• Name. The display name of the MDC profile. This is used primarily to describe and further identify the profile.
• Profile. The actual name of the MDC profile.
• Enabled. If selected, the gateway is enabled.
• The URL to access the gateway server.
• The port used to connect to the gateway.
• The user name and password for the gateway account.
• The SMPP system type.
• The SMPP source address number and Numbering Plan Indicator (NPI).
• The SMPP destination address NPI.

Contact your gateway provider for this information. If you have any issues, contact your supplier.

To set up an SMS gateway for Message Delivery Component (MDC)

1. Launch the OneSpan Authentication Server Appliance Configuration Tool and enter your credentials (see  Accessing OneSpan Authentication Server Appliance Configuration Tool and OneSpan Authentication Server Administration Web Interface).
2. Select  Authentication Server > Message Delivery Component.
3. Enable the Message Delivery Component settings.
4. Select the type of server to be used by clicking Add SMS Server or Add SMPP Server.
5. Complete the fields for the selected server with the information gathered before.
6. Click Add to activate the settings.

Result options that can be configured for MDC setup allow messages returned from the gateway to be modified. Modifications allow more user-friendly feedback to be forwarded to the auditing system. For more information about configuring result options, refer to the OneSpan Authentication Server Appliance Administrator Reference.

For more information about auditing, see Auditing and refer to the OneSpan Authentication Server Appliance Product Guide, Section "Auditing". For more information about the particular MDC settings, refer to the OneSpan Authentication Server Appliance Administrator Reference.

Configuring email gateways

To configure email gateway settings, you need the following information:

• Name. The display name of the MDC profile. This is used primarily to describe and further identify the profile.
• Profile. The actual name of the MDC profile.
• Enabled. If selected, the gateway is enabled.
• The URL to access the gateway server.
• The SMTP relay host, port, and connection security (No SSL/TLS, Use SSL, or Use TLS). If SSL or TLS are used, a certificate is required, which needs to be retrieved from the email gateway. This needs to be uploaded in PEM format.
• SMTP authentication (optional).
• The from address.

To set up an email gateway for Message Delivery Component (MDC)

1. Launch the OneSpan Authentication Server Appliance Configuration Tool and enter your credentials (see  Accessing OneSpan Authentication Server Appliance Configuration Tool and OneSpan Authentication Server Administration Web Interface).
2. Select  Authentication Server > Message Delivery Component.
3. Enable the Message Delivery Component settings.
4. Click Add SMTP Server.
5. Complete the fields for the selected server with the information gathered before.
6. Click Add to activate the settings.

Configuring voice gateways

To configure voice gateway settings, you need the following information:

• Name. The display name of the MDC profile. This is used primarily to describe and further identify the profile.
• Profile. The actual name of the MDC profile.
• Enabled. If selected, the gateway is enabled.
• The URL to access the gateway server.
• The user name and password for the gateway account.
• The phone number prefix for the voice settings.
• The required query string.
• The query method (GET or POST) required by the gateway.

To set up a voice gateway for Message Delivery Component (MDC)

1. Launch the OneSpan Authentication Server Appliance Configuration Tool and enter your credentials (see  Accessing OneSpan Authentication Server Appliance Configuration Tool and OneSpan Authentication Server Administration Web Interface).
2. Select Authentication Server > Message Delivery Component.
3. Enable the Message Delivery Component settings.
4. Click Add Voice Server.
5. Complete the fields for the selected server with the information gathered before.
6. Click Add to activate the settings.

Configuring SMS and email messages

You can customize the messages sent by MDC using the OneSpan Authentication Server Administration Web Interface (via SERVERS > Global Configuration). That page contains three tabs, corresponding to the message types sent by MDC. Switch to the corresponding tab to customize the message settings. To designate where the one-time password appears in the message, use the placeholder string [OTP].

For more information, refer to the OneSpan Authentication Server Appliance Administrator Reference.

Importing and exporting gateway definitions

The OneSpan Authentication Server Appliance Configuration Tool allows you to import and export gateway definitions. This allows you to upload a description file and apply gateway settings to MDC on different OneSpan Authentication Server Appliance instances or to import gateway settings from an OneSpan Authentication Server instance to OneSpan Authentication Server Appliance (and vice versa).

Importing gateway definitions also makes it easier to apply gateway settings for supported third-party SMS gateway provider services.

To import a gateway definition

1. Select Authentication Server > Message Delivery Component in the OneSpan Authentication Server Appliance Configuration Tool.
2. Enable the required delivery method by selecting the corresponding checkbox.
3. Click Import gateway.
4. Browse to the gateway description file and click Import.
5. Edit the newly imported file and verify the imported details from the file.

6. Configure load-balancing, failover, and/or failback:

   1. Specify the order in which the gateway definition appears in the gateway list by dragging the gateway to the required position in the table in the overview screen.
   2. Specify the server type (Primary or Backup) in the details screen of the relevant gateway.
7. Click Apply.
8. Click OK.