InTTrust OTP Solution

InTTrust solution “Trust-OTP” is a system that allows the software generation and validation of One Time Passwords in order to authenticate a user at the time of a transaction execution. The client of the system is available either as application for smartphones, or as library for linking with other applications. In order to accomplish this, it uses:

  • a common shared secret key that is generated during the initialization phase with collaboration between the end user and the Trust-Controller.
  • a challenge key that is generated by the Trust-Controller (using transaction data) at the time when a transaction is about to be executed and is presented to the user (QR code).
  • a timestamp that is shared between the Trust-Controller and the client application that is in the end user’s possession.

All this information is combined in order to generate a One Time Password that is presented to the user who is then required to enter it into the channel where the transaction was originated in order to complete the transaction.

Business

  • Improve customer user experience & engagement
  • Turn-Key solution because internal bank’s Internet banking modifications can be implemented by InTTrust
  • Capability to support OTP authenticated transactions for automated users for corporate banking
  • Secure and robust solution
  • InTTrust guarantees support and extensibility
  • Flexible initialization process (Call Center/ATM/Branch)
  • No Internet connection/mobile network/SMS required, therefore less cost and greater flexibility
  • SMS functionality for non-Smartphones
  • More cost-effective than H/W OTP Tokens

Technical

  • Provides defense against MITM/MITB attacks
  • QR code with transaction information for extra security
  • Easy configuration of time window for OTP validity
  • Challenge-based, Event-based and Time-based OTP generation
  • OTP generation based on RFC6238/RFC4226
  • Complies with Initiative for Open Authentication (OATH)
  • Easy integration of Trust-OTP with other applications using supplied libraries


If you want to know more, contact us.


Share