- 23 Oct 2024
- 1 Minute to read
- DarkLight
Delegated protection
- Updated on 23 Oct 2024
- 1 Minute to read
- DarkLight
The Triple Data Encryption Standard (3DES) key used to protect the Digipass secret in the dynamic vector is provided by the application that integrates the Digipass SDK. The management of this key is delegated to you during the integration of the Digipass SDK.
Activation with delegated protection (overview)
In Activation with delegated protection (overview), the application integrating the SDK manages its own dynamic vector-encrypting key. This key must be provided during the activation process and afterward for each call to the SDK. Without this key, the dynamic vector cannot be used, and the Digipass authenticator needs to be reactivated.
The dynamic vector-encrypting key is not controlled by the Digipass SDK. Thus, an invalid encrypting key will lead to an incorrect decryption of the Digipass secret and, consequently, to an invalid response. The Digipass SDK does not manage a lock mechanism if it is integrated with delegated protection.
This dynamic vector-encrypting key ensures that only the application owning the key is able to use the Digipass authenticator.
All API entry points supporting a third-party encrypting key are suffixed with WithKey.
Example of routines for delegated protection:
C/C++/Objective C: DPSDK_GenerateSignatureWithKey
Swift: generateSignature
Java: generateSignatureWithKey