VASCO DIGIPASS for Mobile
Time-based two-factor authentication with e-signature functionality to address the
challenges of online and mobile applications
Click here to Jump to Pricing!
Overview:
Banks, financial institutions, enterprises and large corporations offering online and mobile applications, all face multiple challenges. Online and mobile applications are highly susceptible to fraudulent security attacks which have become increasingly more sophisticated over the years. In order to gain widespread acceptance, the applications must be thus secure and user-friendly. VASCO ® addresses these challenges with DIGIPASS for Mobile and DIGIPASS SDK.
Easy Deployment
Deployment has never been easier or more flexible with two unique provisioning options: off-line or online deployment. Additionally, VASCO also offers deployment through QR-codes. If need be, a VASCO operated provisioning service is available – DIGIPASS as a Service Provisioning Service. Just assign the serial number to your end- user and you're ready to go!
- Manual mode (off-line):
The user will enter his 20-digit activation code and serial number onto their mobile phone. This mode does not require a server update and integrates effortlessly into an existing VACMAN Controller environment. - Automatic mode (online):
DIGIPASS for Mobile automatically connects to the server to request activation when initially powered on. The end-user simply enters an activation password to complete the process. Online mode ensures fast activation with minimal effort by the end-user. This mode requires a minor update on an existing server for seamless integration. - QR code mode:
DIGIPASS for Mobile allows capturing a QR Code that activates the DIGIPASS application in an instant without any additional manual input. The end-user simply creates a local (and optional) PIN.
Once activated, the end-user enters and confirms his PIN each time a one-time password is generated. VASCO's back-end Authentication server performs all OTP and signature validation functions for the complete DIGIPASS product line, including DIGIPASS for Mobile.
No additional hardware is necessary to deploy this advanced security to your end-users. DIGIPASS for Mobile has been successfully deployed on a large scale throughout the banking community, and can be deployed simultaneously with other VASCO® devices to meet customer specific requirements. DIGIPASS for Mobile has an embedded update engine that allows a better life cycle management.
Features:
Enhanced security
DIGIPASS® for Mobile provides Two-factor authentication & e-signature functionality to address security risks associated with the use of mobile and online applications. The time-based one-time password (OTP) is a dynamic authentication code and the most effective defense against complex cyber attacks. With every use the OTP changes, making an online attack virtually impossible.
The DIGIPASS for Mobile application itself is bound to device-dependent components and linked to the user with a PIN code. Therefore the applications cannot be duplicated on another phone or mobile device.
VASCO uses an enhanced provisioning protocol using asymmetric keys. Furthermore, VASCO also offers a unique way to provision software DIGIPASS using HSM server-side implementation. This process uses specific key rotations allowing for the most secure key provisioning.
VASCO's Two-factor authentication and e-signature feature comply with the most recent regulatory requirements in many countries, including the FFIEC guidelines.
Excellent user convenience
Your end-users will experience the freedom to conduct their business securely from a mobile device while traveling throughout the world. A Daylight Savings Time adjustment and time synchronization feature is embedded in the application, enabling frequent travelers to conduct their business anywhere around the world at their own convenience.
The use of DIGIPASS for mobile is intuitive and self-explanatory, making extensive training or lengthy manuals redundant.
Furthermore, DIGIPASS for Mobile now supports QR-codes. Users can capture the QR-code, enter a PIN code and will be instantly logged on to the application in a secure manner. Signing documents or transactions using a QR-code is equally simple. Users capture the QR-code, verify the summary on DIGIPASS for Mobile and validate the transaction by entering their PIN code. DIGIPASS for Mobile will generate an e-signature that will be automatically sent to the requesting server.
DIGIPASS for Mobile provides strong Two-factor authentication and e-signature functionality to the vast majority of current handsets & pads, including iPhone, Android, Blackberry and Java.
The application also supports eight different crypto-applications, allowing an extended use of DIGIPASS for Mobile in different settings such as IVR, online connections, signatures, offline transactions etc.
Fully Customizable
- The Graphic User Interface (menus, messages, icon, names, logos, font color, etc.) is fully customizable based on your individual requirements prior to deployment
- DIGIPASS for Mobile provides a complete set of tools to allow you to publish your own company-branded application on common application stores such as Appstore, Google Play or Appworld
- Operating Modes (authentication and/or signature) are adjustable to best fit requirements
- Foreign and special character display supported with Unicode
- Links to activate & synchronize are customizable
- Menus are extendable to host ATM locators, WAP information, phone banking etc.
Easy integration
VASCO includes a web sample to simplify the integration into your current server architecture. A typical test pilot can be up and running within one day and demonstrates how the software can be implemented. No external server or service is needed; a single VACMAN® Controller integration will handle every aspect of the DIGIPASS for Mobile processes.
Integrating DIGIPASS for Mobile will also enable your server architecture to fully operate with DIGIPASS for Web, without any additional development.
Technical Specifications:
| DIGIPASS for Mobile Technical Specifications | |
|---|---|
| response Only | Time only, event only or time + event-based response : 6 to 16 Decimal/Hexadecimal Check Digit 256 seconds Time Step |
| Host Confirmation Code | AES/Triple DES Length from 4 to 10 Decimal/Hexadecimal (1 to 10 in Challenge response mode) |
| Challenge/Response | Time only, event only or time + event-based AES/Triple DES Encryption Algorithm Challenge length from 4 to 15 Decimal response length from 6 to 16 Decimal/Hexadecimal Check Digit 256 seconds Time Step |
| MAC/signature | Time only, event only or time + event-based Length from 4 to 16 Decimal/Hexadecimal Up to 8 customizable data fields Data field length from 4 to 15 digits 256 seconds Time Step |
| PIN management | PIN length options: no PIN or 6 to 9 digits Max number of wrong entries from 1 to 9 On wrong PIN: Invalid password generation or reset PIN check options : Checksum/Hashcode/None PIN change option |
| Standard algorithms | HOTP |
Documentation:
Download the VASCO DIGIPASS for Mobile Data Sheet (.PDF)
Download the VASCO DIGIPASS for Mobile Enterprise Security Edition Data Sheet (.PDF)