Virtual Mobile Authenticator

Virtual Mobile Authenticator can be used instead of a primary hardware authenticator, or as a backup mechanism when users lose their hardware authenticators.

Using Virtual Mobile Authenticator means that a user may receive a one-time password (OTP) via:

• Email
• SMS (over a mobile phone)
• Voice message (over a landline or mobile phone)

There are two forms of Virtual Mobile Authenticator:

• primary Virtual Mobile Authenticator. Treated by OneSpan Authentication Server Appliance almost identically to hardware and software authenticators. A record of each primary Virtual Mobile Authenticator must be imported into the data store, and may then be assigned to a user automatically or manually. Users will typically log on with their user ID and static password, have an OTP sent to their phone or email account, and then enter the received OTP in the second stage of their logon process.
• backup Virtual Mobile Authenticator. This feature allows users to request an OTP sent to their phone or email account if they do not have their usual authenticator at hand. It may be limited by number of uses or days of use, e.g. users may be limited to 2 days usage, after which they will again need to use their primary authenticator to log on.