Digipass Plug-In for IAS Product Guide - Vasco

More documents

Recommendations

Info

Digipass Plug-In for IAS Product Guide Digipass Time-based A time-based Application will change the OTP to be displayed based on the current time. The common time step used is 36 seconds – and means that the OTP to be displayed will change every 36 seconds, whether or not an OTP has been requested from the Digipass. Event-based An event-based Digipass Application will display a new OTP each time a request for an OTP is made. Challenge/Response Challenge/Response Digipass Applications can be either time-based or non-time-based: Time-based A time-based Challenge/Response Digipass Application will generate an OTP based on the Challenge given and the current time. The common time step used is 9 hours ('slow challenge'). This would mean that if the exact same Challenge were given to a Digipass within a 9 hour period, the Digipass Application will generate the same OTP. However, Challenges are very rarely repeated within such a time period. Non-time-based A non-time-based Challenge/Response Digipass Application will generate an OTP based only on the Challenge given. 2.2.3.3 OTP Length The length of the OTP (excluding check digit) generated by the Digipass for Response Only and Challenge/Response Digipass Applications. Check Digit A check digit may be added to each OTP. This is generated from the response and allows for faster invalidation of incorrect OTPs. 2.2.3.4 Challenge Length The length of the Challenge (excluding check digit) which should be expected by the Digipass. This is used by the Challenge/Response Digipass Application. Check Digit A check digit may be expected with each Challenge. This is generated by the server from the Challenge and allows the Digipass to reject most invalid Challenges. © 2005 VASCO Data Security Inc. 26
Digipass Plug-In for IAS Product Guide Digipass 2.2.4 Digipass Record Settings These settings are kept in the record for a Digipass Application, and affect which OTP is expected by the IAS Plug-In. 2.2.4.1 Time/Event-based Settings Time Based Specifies whether the algorithm for the Digipass application is time-based (see Time/Eventbased Digipass Applications for more information). Time Step Used The time step used by the Digipass Application (see Time/Event-based Digipass Applications for more information). Last Time Shift Time Shift records any misalignments between the time recorded on the Digipass and the time recorded on the server, each time a User logs in. This ensures that if either clock drifts from the correct time, an allowance can be made by the IAS Plug-In and the User will still be able to log in. If the time drift goes beyond the allowable time window between User logins, the Digipass record will have to be reset (this allows for recalculation of the time drift). Example Time window may be 5 steps in either direction. This means that 11 OTPs would be considered valid – the exact OTP for that time, and the OTPs for the 5 time steps either side of the exact time. If the OTP given is for a different time step, the time shift for that Digipass will be recorded. The next time the User logs in, the expected OTP will be calculated based on that time shift. Last Event Value The current number of uses of the Digipass Application, according to the Digipass. This can get out of sync with the number of uses recorded by the IAS Plug-In when: login failures occur for other reasons than incorrect OTP the Digipass has been used without a login (eg. children have been playing with it) The Digipass is being used to log in to two separate systems The purpose of this setting is much the same as the Last Time Shift setting – it allows the IAS Plug-In to track any shifts between the event count recorded by itself and the Digipass. 2.2.4.2 Response Length This setting determines the length of the OTP (excluding check digit) expected by the server from the Digipass Application. © 2005 VASCO Data Security Inc. 27
Page 1 and 2: Digipass Plug-In for IAS IAS Plug-I
Page 3 and 4: Digipass Plug-In for IAS Product Gu
Page 25: Digipass Plug-In for IAS Product Gu
Page 73: Digipass Plug-In for IAS Product Gu

Digipass Plug-In for IAS Product Guide - Vasco

Create successful ePaper yourself

Delete template?

Save as template?