Validation
  • 23 Jan 2025

The Digipass client evaluates a Boolean score for each of three categories (platform, user, context) based on an analysis combining several factors (e.g. jailbreak, PIN, geo-location). To produce score-based Digipass responses, Digipass feeds its crypto-engine with both a global score (from 0 to 7) and secrets.

On the server side, score-based Digipass responses (OTP or signature) can be validated using the existing Authentication Suite Server SDK API validation functions; no new validation functions need to be implemented. Authentication Suite Server SDK is agnostic to the meaning of the resulting score information (a possible warning for each of the three categories). The meaning of the score and the method used to calculate it for each category are defined by the client-side product (compliant software Digipass). See the documentation provided with software Digipass for more details on the scoring calculation.

When a score-based authenticator application is validated successfully, Authentication Suite Server SDK reports any warnings identified for each category by means of specific return codes.

Validation successful

Once a score-based Digipass response (OTP or signature) has been validated successfully, the validation operation produces a return code that reflects the resulting score information. Possible return codes are:

  Table: Return codes

  Return code   Message
  (0)           Operation Successful
  (10001)       Operation Successful with Context Warning
  (10002)       Operation Successful with User Warning
  (10003)       Operation Successful with User and Context Warning
  (10004)       Operation Successful with Platform Warning
  (10005)       Operation Successful with Platform and Context Warning
  (10006)       Operation Successful with Platform and User Warning
  (10007)       Operation Successful with Platform and User and Context Warning

Return codes (0) and (10001) to (10007) all mean that the validation has been successful. These eight return codes differ only in whether or not a warning was identified for each of the three categories (platform, user, context).

Customers must take an action of their choice when one or more warnings are detected (e.g. writing logs, feeding the result into an existing RBA or an in-house decision engine).

When traditional applications that are not score-based are used and are validated successfully, the return code is always (0). Return codes (10001) to (10007) can be returned only when score-based applications are used.

Figure:  Score-based Digipass authentication

Validation failed

If a score-based Digipass response (OTP or signature) is NOT validated successfully (e.g. failure, code replay, response too small), the validation operation returns the error code without information on the global score, e.g.

  • (1) Validation Failed
  • (201) Code Replay Attempt
  • (-202) Response Too Small
  • ...

An unsuccessful validation does not allow extracting information on the score. Only a successful validation allows the score information to be trusted and extracted.
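
An added example (not from the SDK or its documentation) of how a relying application might turn the return codes above into a decision. It assumes, based only on the table on this page, that codes 10001 to 10007 are 10000 plus a 3-bit mask (context = 1, user = 2, platform = 4); the function names and the allow/step_up/deny policy are hypothetical.

```python
from dataclasses import dataclass

# Values taken from the return-code table on this page.
SUCCESS = 0
WARNING_BASE = 10000
# Assumption read off the table: 10001..10007 equal 10000 plus a 3-bit mask.
CONTEXT, USER, PLATFORM = 0x1, 0x2, 0x4
NAMES = ((PLATFORM, "platform"), (USER, "user"), (CONTEXT, "context"))


@dataclass(frozen=True)
class Outcome:
    validated: bool      # True only for 0 and 10001..10007
    warnings: frozenset  # subset of {"platform", "user", "context"}
    decision: str        # "allow", "step_up" or "deny" (hypothetical policy)


def decode_warnings(return_code):
    """Return the warning categories, or None if the code carries no score."""
    if return_code == SUCCESS:
        return frozenset()
    mask = return_code - WARNING_BASE
    if 1 <= mask <= 7:
        return frozenset(name for bit, name in NAMES if mask & bit)
    return None  # failure codes such as 1, 201, -202: no score information


def evaluate(return_code, deny_on=frozenset({"platform"})):
    """Hypothetical policy: deny on selected categories, step up on the rest."""
    warnings = decode_warnings(return_code)
    if warnings is None:
        # Fail closed: never infer a score from an unsuccessful validation.
        return Outcome(False, frozenset(), "deny")
    if warnings & deny_on:
        return Outcome(True, warnings, "deny")
    return Outcome(True, warnings, "step_up" if warnings else "allow")


if __name__ == "__main__":
    # Constructed sample of return codes, including an unknown one (10008).
    for rc in (0, 10001, 10003, 10006, 10007, 1, 201, -202, 10008):
        print(rc, evaluate(rc))
```

Unknown codes such as 10008 are treated like failures, so a code outside the documented range never results in an allow decision.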

