How do I use MFA offered by Onespan
Wednesday, December 9, 2020 at 12:35pmHelo,
Inside my product ecosystem, I have already wso2 Identity Server up and running which provides GWT token. I am willing to use the MFA capability of Onespan and the push notification as a reliable solution instead of OTP.
1) What could be the shortest way to integrate? Please provide detailed information around this.
2) Concern around PSD2 compliance of ACCOUNT and MOBILE number in Onespan. Customer will login with Acccount No and Mobile Number.
3) Biometrics to be used in Mobile applications.>> Please provide detailed info around
4) Alternatives of Captcha to be provided if possible for stopping Denial of Service Attacks.
5) What if the onespan push notification is not received on the device ? What is the repeat / contingency.
Regards
Navneet
Reply to: How do I use MFA offered by Onespan
Wednesday, December 9, 2020 at 04:40pmHi Naveet,
In OneSpan we have wide range of security products that could help you achieve your goals. Depending on the product that you are looking to integrate, if it is OneSpan Intelligent Adaptive Authentication or OneSpan Clould Authentication we can answer your question accordingly.
As of your biometrics question, the trusted device would have your mobile application integrated to OneSpan Mobile Security Suite, which will capture the end-user predefined authentication type, including biometrics. Also, if the push notification was not received at the end-user side for any reason, the authentication method will fallback into PIN authentication.
Please contact: [email protected] to guide you through your remaining questions to help you chose the right solution for you.
Hope that helps,
Hakim
Reply to: Hi Naveet, In OneSpan we…
Wednesday, December 9, 2020 at 07:02pmHi Hakim,
Thank you for your quick reply. As of know I donot know what ships with these two distributions. I am mainly looking Onespan for Multi factor authentication which is core capabilities of Intelligent Adaptive Authentication. Which solution is cheaper Intelligent Adaptive Authentication or OneSpan Clould Authentication?
Regards
Navneet
Reply to: How do I use MFA offered by Onespan
Wednesday, December 9, 2020 at 08:00pmHi Navneet,
OneSpan Intelligent Adaptive Authentication includes Risk Analytics Solution to add on the adaptive capabilities. Both Solutions provide variety of Multi Factor Authentication methods through the end-user trusted device. The second authentication method could be Biometrics, PIN, OTP sent through a secured channel and so on. You could read more about it and see some example in our blogs section.
For pricing and packages please check with the contact I shared with you above.
Please let us know if you have any more questions.
Hakim
Reply to: How do I use MFA offered by Onespan
Wednesday, December 16, 2020 at 02:55amHi
Do we have React Native SDK in currently available any product suite?
If no..What is the work around for React Native apps platform to integrate?
Regard
Navneet
Reply to: How do I use MFA offered by Onespan
Wednesday, December 16, 2020 at 07:18pmHi Navneet,
The OneSpan Intelligent Adaptive Authentication is built adhering to REST architecture. It is up to you to chose the http library you want to integrate it to your web or mobile app. Though, the Orchestration SDK is provided for both Android and iOS. To have a successful transmission of the orchestration commands between the server and client side, you will need to implement the SDK callbacks or delegates within your app. Check out part1 and part2 of this blog for more info. Meanwhile, I will check if there is a workaround in case of the Orchestration SDK.
Hakim
Reply to: How do I use MFA offered by Onespan
Tuesday, December 29, 2020 at 12:46pmHi
Could anyone provide me the integration sequence diagram stating how would I integrate the cronto image code to my banking application?
Regards
Navneet
Reply to: Hi Navneet, The OneSpan…
Monday, January 4, 2021 at 11:24amHi Hakim,
Wish you happy new year 2021 !
1. We have existing license agreement for MAS and OneSpan Authentication Server.
2. We are planning to use MSS product for Mobile Banking apps and Net Banking web application.
3. Could you please provide me the details about what are the SDKs required for Mobile Banking apps and similarly what all are required for net banking web apps
4. Attached is the activation diagram. I am going to propose . Please clarify my below doubts
1) How to I integrate MSS suits client app with OneSpan Authentication Server?
2) User defines and Confirms PIN, Where do we store them?
3) I am already getting user credentials so in that case Can I skip register user identifier flow? Assume I have user identifier and password which end user will specify in mobile application and call the startAvtivation method of Orch SDk Client.....
4) Can you provide me the pointer in this attached sequence diagram how do I configure Cronto image generation and scanning?
Regards
Navneet
Reply to: How do I use MFA offered by Onespan
Monday, January 11, 2021 at 01:04pmHi Naveet,
Sorry for the late reply as I have been on vacation. I will make sure to answer your questions as soon as possible.
Thank you,
Hakim
Reply to: How do I use MFA offered by Onespan
Tuesday, January 12, 2021 at 01:32pmHi Navneet,
To answer your questions above:
1. The Mobile Security Suite SDKs will be integrated to your mobile application, then it will be used to facilitate the secured data transmission from and to the OneSpan Authentication Server. That will require you to override the necessary interfaces in the SDKs and define the callbacks or delegates.
2. For security reasons the PIN will never be stored, the value will be encrypted in a salt by a special algorithm, when there is a PIN mismatch, the algorithm will block the activity requested.
3. User credentials must be stored by Risk Analytics. So I think skipping the user registration and activation is not an option. Though, since the registration is straightforward through a RESTful API, I believe you could integrate this step to your current registration flow.
4. The Cronto image will be a mean to transmit data depending on the flow you chose to follow, most likely you won't need to scan an image if you are adopting an online registration workflow, as the data will be transmitted online in the registration and activation process. So the generation and scanning of the Cronto will depend on the activity you want to use it for, and the flow you want to follow. For example, if you want to authenticate a transaction initiated by a web application on the trusted device, the Cronto will be generated after you specify the amount, and based on the transaction data, you will scan the Cronto image using the mobile device.
I hope this helps,
Hakim
Reply to: Hi Navneet, To answer your…
Tuesday, January 12, 2021 at 03:39pmHi Hakim,
Thank you so much for your reply. We are having MAS and IDENTIKEY Open Banking server Licensing. You are suggesting us to use MSS product suit to bring us new mobile interface for bank application.. Why and How is the Question in your plate.. How do my new Banking App+ MSS library would talk with aged old server IDENTIKEY authentication server.. Once you have cloud server available in your product suit... We are restful as of now .. all modern client apps integrating through REST API.. Why you say us to use SOAP API.. Is it high cost using your cloud server solution??
High Regards
Navneet
Reply to: How do I use MFA offered by Onespan
Wednesday, January 13, 2021 at 04:06pmHi Navneet,
To answer your initial question. If you are following the local authentication, you are likely won't need a push notification solution. In case required, yes you could use a third party notification delivery service. Please check this blog for an example.
Hakim
Reply to: How do I use MFA offered by Onespan
Wednesday, January 13, 2021 at 04:15pmFor your other inquiry, I'm not aware of any recommendation that may been given to you. We have a variety of products at OneSpan that serve different purposes. Could you please communicate with your OneSpan account manager to get the best advice how to migrate and take advantage of your absolute RESTful API, or what solution could work best for you.
Thank you,
Hakim