VASCO DIGIPASS for Apps
An all-in-one developer's toolkit designed to improve security and user convenience across your mobile application ecosystem
DIGIPASS for Apps is a unique single framework and a comprehensive library of APIs that give developers all the necessary building blocks required to secure their mobile applications.
Mobile applications are changing the way business is done, offering instant access to services for your users. Unfortunately, attackers are taking advantage of the many complexities created by the mobile ecosystem to exploit vulnerabilities, resulting in sophisticated fraud schemes and theft of sensitive data. It's clear that today's unprecedented global mobile migration has raised security stakes to new levels - your users are conducting highly complex, sensitive transactions from multiple devices, over both known and unknown networks, and each step introduces new security risks. When it comes to your mobile applications, how can you ensure the right levels of security without creating additional challenges for your mobile users?
DIGIPASS for Apps is a comprehensive developer's toolkit (SDK) that natively integrates application security, two-factor authentication and electronic signing into your mobile applications. Through a complete library of APIs, you can extend and strengthen security for your applications and deliver unprecedented convenience to your users, while streamlining the application deployment and lifecycle management process. Benefits of DIGIPASS for Apps include:
- Application Security: A unified framework that enhances security across all core components of your application – communication, storage, platform, provisioning, interface and user.
- User and Transaction Protection: Broad, flexible, and fully integrated two-factor authentication and electronic signing supports the demand for user convenience for even the most sensitive mobile transactions.
- Risk Scoring: Risk scoring that is driven by user, platform and context elements is embedded into the authentication process, meeting requirements for enhanced server-side analytics and streamlined compliance management.
DIGIPASS for Apps helps you enhance security and manage applications at every level, from provisioning through user activation, across multiple user devices. DIGIPASS for Apps is suitable for any server side environment – it doesn't require in-house cryptographic expertise, is fully customizable, runs without GUI issues, meets all graphical requirements and is easily integrated.
For users, DIGIPASS for Apps provides a convenient, friction-free experience, supports a broad range of options for accessing mobile applications and conducting transactions, and supports most commonly available mobile platforms including Android, iOS, Windows Phone, and BlackBerry.
Certain types of information exchanged from the server to the client application require an extra security layer, beyond what traditional technologies like HTTPS can provide. DIGIPASS for Apps offers end-to-end encryption that introduces a new level of service between server and client applications, providing an encrypted secure channel for almost anything, including text, photos, and QR codes.
Mobile applications often require that data be stored on the mobile platform, but that data needs to be secured to prevent access by unauthorized applications or devices. DIGIPASS for Apps delivers secure storage functionality through encryption for all application data, independent of any operating system or device. In addition, because a user may have several devices, multi-device management allows users to seamlessly and securely utilize all devices through a single license.
Ensuring the continuous integrity of the mobile platform is a critical element in mobile application security. DIGIPASS for Apps combines geolocation, device binding and jailbreak and rootkit detection capabilities to recognize that the user and the device are authorized to perform certain activities. It also offers the capability for developers to localize applications for specific geographic regions, link users to specific devices, and detect platform vulnerabilities that could compromise the security of your mobile application.
Since a client-side application runs on user devices, it is critical to ensure trust in those devices throughout the application lifecycle. DIGIPASS for Apps provides a full range of features for deployment, provisioning and activation, offering manual, online, and QR code-based processes, as well as protocol independent features that streamline the process across multiple platforms.
To ensure secure interaction with the GUI elements of your application, DIGIPASS for Apps provides PIN Management to protect against brute force attacks and dictionary attacks, as well as integration with fingerprint biometric readers (when available on the device). Application hardening techniques like zeroing memory can also be used so that no external application can exploit potential weakness of the device.
The convenience and simplicity of your application will have a tremendous impact on user adoption rates. DIGIPASS for Apps delivers strong security while reducing manual input required by the user. In addition to two-factor authentication through OTP and challenge/response, DIGIPASS for Apps supports a broad range of innovative e-signature technologies - including QR code scanning, and CrontoSign graphical cryptograms - across a broad range of platforms including Android, iOS, Windows, and BlackBerry.
Download the VASCO DIGIPASS For Apps Data Sheet (.PDF)