One-Time Password (OTP) Infrastructure

The PhonoClick One-Time Password Infrastructure (PC-OTP-I) is a software-based client/server solution that can be used in systems that require multi-factor authentication, such as the Internet Banking, call-center or ATM channels of banks.

Runs on any mobile device

Designed for use on mobile devices, the client software can be installed, provisioned and used on as many mobile devices as possible. This relieves end-users from keeping track of hardware OTP devices and enables them to generate one-time passwords anytime and anywhere they want, using the most convenient mobile device they own. PhonoClick's OTP implementation is available on all major platforms:
Easy integration with existing systems

PC-OTP-I server software manages the provisioning of end-user devices and is responsible for verifying that submitted one-time passwords match the credentials of the user that the mobile device was provisioned for. The server software communicates with back-end systems through web services for verification, provisioning and resynchronization operations, enabling rapid integration.

Low cost of ownership

In contrast to SMS-based one-time password solutions, the PC-OTP-I solution does not incur any communication costs. Similarly, compared to hardware-based one-time password solutions, it reduces total cost of ownership as well as usability and maintenance costs.

Standards-based strong authentication

The PC-OTP-I solution is based on industry standards developed jointly by the IETF and the Initiative for Open Authentication, and can operate in time-based, counter-based or challenge/response modes as requested. In all operation modes, client and server components use a client-specific, shared cryptographic key for password generation. This key is generated by the server and installed on the client at the time of provisioning. The key is stored using industry-approved encryption routines on both the server and the client. Moreover, this encryption is performed on the client device using a user-defined password, thus ensuring that the key can only be retrieved by the end-user.
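
The following is an added example, not PhonoClick code: server-side verification and resynchronization for the counter-based mode, assuming that mode is HOTP as defined in RFC 4226. The class name, the window sizes and the two-consecutive-codes resynchronization rule are illustrative assumptions; the key is the RFC 4226 test key.

```python
import hashlib
import hmac
import struct


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA-1 over the 8-byte big-endian counter."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation offset
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class HotpVerifier:
    """Server-side state for one provisioned device (hypothetical class)."""

    def __init__(self, key: bytes, counter: int = 0, window: int = 3):
        self.key, self.counter, self.window = key, counter, window

    def _match(self, otp: str, start: int, span: int):
        # Scan the whole span with constant-time comparisons, no early exit.
        found = None
        for c in range(start, start + span):
            same = hmac.compare_digest(hotp(self.key, c).encode(), otp.encode())
            if same and found is None:
                found = c
        return found

    def verify(self, otp: str) -> bool:
        # Accept the expected counter or a few ahead (button pressed unused).
        c = self._match(otp, self.counter, self.window + 1)
        if c is None:
            return False
        self.counter = c + 1  # move past the accepted value: blocks replay
        return True

    def resync(self, otp1: str, otp2: str, search: int = 50) -> bool:
        # Wider search, but only on proof of two consecutive codes.
        c = self._match(otp1, self.counter, search)
        if c is None:
            return False
        if not hmac.compare_digest(hotp(self.key, c + 1).encode(), otp2.encode()):
            return False
        self.counter = c + 2
        return True


KEY = b"12345678901234567890"  # RFC 4226 Appendix D test key, not a real secret
```

The small window in `verify` limits how many codes an online guess can hit, while `resync` tolerates larger client drift only when two consecutive codes are supplied.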