Authenticator application types
Each authenticator is programmed with at least one authenticator application and a unique secret. The authenticator application uses this unique secret when it generates one-time password (OTP) values or an electronic signature.
Each type of authenticator application generates OTP values or signatures from different data, and in slightly different ways:
Creates an OTP, either based on the current date and time or on the number of uses (i.e. events).
Creates an OTP (also referred to as a response) based on a numerical challenge given on a logon page. This challenge may be either one of the following:
- Custom-created challenge for the specific authenticator
- Randomly-created challenge
The OTP may also be based on the date and time.
Electronic signature applications are typically used in online banking. The authenticator creates a unique code—i.e. an electronic signature—based on a number of transaction data fields entered plus (optionally) the date and time or events.
A multi-mode authenticator can be used on all of the above modes.