Single-device licensing

Single-device licensing is a licensing model which also applies to connected Digipass hardware devices able to perform operations based on the Secure Channel protocol (Digipass GO 215, some Digipass 875 smart card readers).

With the single-device licensing model, each Digipass serial number corresponds to a unique Digipass authenticator instance.

With the single-device licensing model and the one-to-one relationship between a user account and a Digipass serial number license, a user account can be bound to a single Digipass authenticator.

For Digipass devices compliant with the single-device licensing model, the corresponding DPX files contain a batch of the Digipass authenticators with a different serial number for each authenticator.

Every Digipass authenticator can have from one to eight authenticator applications (authentication, e-signature, or unlock application), represented on the server side by an authenticator application BLOB for each application of each authenticator.

In case of connected Digipass hardware devices able to perform operations based on the Secure Channel protocol, every Digipass authenticator will have also a Secure Channel payload key represented on the server side by a payload key BLOB for each authenticator.

Figure: Conceptual data model with single-device licensing model shows a conceptual data model suitable for a single-device licensing model.

Figure:  Conceptual data model with single-device licensing model

Extraction of the Digipass authenticators from the DPX file

In case of DPX files for Digipass devices based on the single-device licensing model, the following data will be extracted during the import process for each Digipass serial number in the DPX file:

• The Digipass type (informational type name given to the authenticator, e.g. DPGO3, DP300 etc.)
• Up to eight authenticator application names (application names given to the applications)
• Up to eight authenticator application authentication modes (RO, CR, SG, MM, or UL)
• Up to eight authenticator application BLOBs
• (OPTIONAL) A payload key BLOB (only if connected Digipass hardware devices able to perform operations based on the Secure Channel protocol)

In case of software Digipass authenticators based on the single-device licensing model, additional data is present and must first be extracted from the DPX file during the import process: the static vector.

This static vector is a data string common for the Digipass serial number in the DPX file. It contains parameter settings that will be used to generate activation data necessary for the standard one-step activation process of a software Digipass authenticator.

In case of DPX files for Digipass based on the single-device licensing model and able to perform operations based on the Secure Channel protocol, additional data is present and must be also extracted first the DPX file during the import process – the message vector.

This message vector is a data string common for the Digipass serial number in the DPX file. It contains configuration settings that will be used by Authentication Suite Server SDK to generate Secure Channel request messages.