POLICIES > Virtual DIGIPASS (tab)

The POLICIES > Virtual DIGIPASS tab shows the Virtual Mobile Authenticator settings of the policy.

Table: POLICIES > Virtual DIGIPASS tab
Field name Description
Virtual DIGIPASS
Challenge Message

The challenge message displayed to the user when performing a Virtual Mobile Authenticator authentication.

Note that the templates for other notifications sent by Message Delivery Component (MDC) during Virtual Mobile Authenticator authentication are configured via the global server configuration (see Global Configuration – Virtual DIGIPASS (tab)).

Default value (Base Policy): "Enter One-Time Password"

Delivery Method

The method used to deliver the Virtual Mobile Authenticator.

Possible values:

  • Default. Use the setting of the parent policy.
  • Email. Deliver the OTP via email. The user account must have a configured email address.
  • SMS. Deliver the OTP via SMS. The user account must have a configured mobile phone number.
  • Voice. Deliver the OTP via voice channel (i.e. dictated over a phone line). The user account must have a configured mobile phone number.

This field also allows you to specify one of the following combinations of delivery methods:

  • Email and SMS
  • SMS and Voice
  • Email and Voice
MDC Profile

The MDC profile to use for this delivery method. It defines a specific group of settings for a particular delivery method. If no MDC profile is specified in this field, the highest-ranked, enabled, and available MDC profile for the specified delivery method(s) will be used.

The MDC profile name should not be confused with the profile's display name. The display name is simply an ad-hoc field used primarily to describe and further identify the profile. The MDC profile name is the name that appears in the Profile column of the MDC Configuration Utility.

The MDC profile name is not unique, so more than one MDC profile with the same name may exist for this delivery method. In that case, the highest-ranked, enabled, and available MDC profile with the specified name will be used.

Primary Virtual DIGIPASS
Request Method

The method by which a user has to request a Virtual Mobile Authenticator login.

The request is made in the password field during login. The request will be ignored if the user does not have a Virtual Mobile Authenticator assigned.

Possible values:

  • Default. Use the setting of the parent policy.
  • None. Do not use primary Virtual Mobile Authenticator.
  • Keyword. Use the request keyword, with or without another item. The user needs to type the request keyword into the password field. This can be blank.
  • Keyword Only. Only the keyword will be accepted.
  • Password. Use the static password. The user needs to type the static password into the password field.
  • KeywordPassword. Use the request keyword followed by the static password. The user needs to type the request keyword followed by the static password into the password field. No separator characters or white spaces are allowed between them.
  • PasswordKeyword. Use the static password followed by the request keyword. The user needs to type the static password followed by the request keyword into the password field. No separator characters or white spaces are allowed between them.
Request Keyword

Defines the request keyword that a user must enter to request a primary Virtual Mobile Authenticator login. This applies if a method using a keyword is selected in Request Method. This can be blank.

Backup Virtual DIGIPASS
BVDP Mode

Specifies whether and how the backup Virtual Mobile Authenticator feature can be used when this policy is effective. Note that for the backup Virtual Mobile Authenticator feature to work, it must also be activated in the DPX file for the authenticator.

Possible values:

  • Default. Use the setting of the parent policy.
  • No. A backup Virtual Mobile Authenticator is not permitted.
  • Yes - Permitted. A backup Virtual Mobile Authenticator is permitted, but not mandatory. The time limit is not applicable when using this option, but the maximum uses/user limit is.
  • Yes – Time Limited. A backup Virtual Mobile Authenticator is permitted, but not mandatory. Both the time limit and the maximum uses/user limit will be in effect.
  • Yes - Required. A backup Virtual Mobile Authenticator is mandatory. The time limit is not applicable when using this option, but the maximum uses/user limit is.
Time Limit (days)

When the BVDP Mode setting is Yes – Time Limited, the time limit setting indicates the number of days for which the backup Virtual Mobile Authenticator feature can be used by users, once they start to use it.

The Backup Virtual DIGIPASS Enabled Until value in the authenticator record is set automatically the first time that the user requests an authenticator OTP, using the time limit defined in the policy. Once this date has passed, an administrator must either extend it or reset it to blank before the user can next use a backup Virtual Mobile Authenticator.

Note that if a user has more than one authenticator capable of backup Virtual Mobile Authenticator, each authenticator has a separate limit.

Max Uses/User

The maximum number of uses of the backup Virtual Mobile Authenticator feature permitted for each user, if the user does not have a specific limit set for the authenticators.

If the Backup Virtual DIGIPASS Uses Remaining value in the authenticator record is blank and there is a maximum uses/user limit defined in the policy, the remaining uses will be set automatically the first time that the user requests a backup Virtual Mobile Authenticator OTP.

Once the Backup Virtual DIGIPASS Uses Remaining value has reached zero, backup Virtual Mobile Authenticator can no longer be used with the authenticator, unless the administrator increases it or resets it to blank.

Note that if a user has more than one authenticator capable of backup Virtual Mobile Authenticator, each authenticator has a separate limit.

Request Method

The method by which a user has to request a backup Virtual Mobile Authenticator login.

The request is made in the password field during login. The request will be ignored if the user does not have an authenticator assigned that is activated for the backup Virtual Mobile Authenticator feature, or if any other policy or authenticator settings do not permit backup Virtual Mobile Authenticator use.

Possible values:

  • Default. Use the setting of the parent policy.
  • None. Do not use backup Virtual Mobile Authenticator.
  • Keyword. Use the request keyword. The user needs to type the request keyword into the password field. This can be blank.
  • Keyword Only. Only the keyword will be accepted.
  • Password. Use the static password. The user needs to type the static password into the password field.
  • KeywordPassword. Use the request keyword followed by the static password. The user needs to type the request keyword followed by the static password into the password field. No separator characters or white spaces are allowed between them.
  • PasswordKeyword. Use the static password followed by the request keyword. The user needs to type the static password followed by the request keyword into the password field. No separator characters or white spaces are allowed between them.
Request Keyword

Defines the keyword that a user must enter to request a backup Virtual Mobile Authenticator logon if a method using a keyword is selected in Request Method. This can be blank.
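
The interaction of BVDP Mode, Time Limit (days) and Max Uses/User described above, modelled in Python as an added example; it is not product code. The class and field names are hypothetical, and the model assumes that each granted request consumes one use and that the Enabled Until date itself is still a valid day.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

# Illustrative model only; class and field names are hypothetical.
@dataclass
class Policy:                       # effective values, after "Default" is resolved
    bvdp_mode: str                  # "No", "Permitted", "Time Limited", "Required"
    time_limit_days: Optional[int] = None
    max_uses_per_user: Optional[int] = None

@dataclass
class Authenticator:                # limits are tracked per authenticator
    dpx_bvdp_activated: bool        # feature must also be activated in the DPX file
    enabled_until: Optional[date] = None   # "Enabled Until", blank = None
    uses_remaining: Optional[int] = None   # "Uses Remaining", blank = None

def request_backup_otp(policy, auth, today):
    """Decide one backup OTP request; updates auth and returns (granted, reason)."""
    if policy.bvdp_mode == "No":
        return False, "not permitted by policy"
    if not auth.dpx_bvdp_activated:
        return False, "not activated in DPX"
    # The time limit is only in effect in Time Limited mode.
    if policy.bvdp_mode == "Time Limited":
        if auth.enabled_until is None and policy.time_limit_days is not None:
            auth.enabled_until = today + timedelta(days=policy.time_limit_days)
        # Assumption: the Enabled Until date itself is still a valid day.
        if auth.enabled_until is not None and today > auth.enabled_until:
            return False, "time limit expired"
    # The uses limit is in effect in every permitted mode.
    if auth.uses_remaining is None and policy.max_uses_per_user is not None:
        auth.uses_remaining = policy.max_uses_per_user
    if auth.uses_remaining is not None:
        if auth.uses_remaining <= 0:
            return False, "no uses remaining"
        auth.uses_remaining -= 1    # assumption: one use per granted request
    return True, "granted"

def demo():
    """Constructed scenario: 2-day limit, 3 uses, first request on 2024-01-01."""
    policy = Policy("Time Limited", time_limit_days=2, max_uses_per_user=3)
    token = Authenticator(dpx_bvdp_activated=True)
    days = [date(2024, 1, 1), date(2024, 1, 3), date(2024, 1, 4)]
    return [request_backup_otp(policy, token, d) for d in days], token

if __name__ == "__main__":
    print(demo())
```

In the constructed scenario the third request is refused on the time limit while one use is still left, which is the state an administrator has to clear by extending the date or resetting it to blank.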

Virtual Signature
Virtual Signature Mode

Specifies whether or not to allow the use of virtual signatures.

  • Default. Use the setting of the parent policy.
  • No. Disables this option.
  • Yes. Enables this option.
Delivery Method

The method used to deliver the virtual signature.

Possible values:

  • Default. Use the setting of the parent policy.
  • Email. Deliver the OTP via email. The user account must have a configured email address.
  • SMS. Deliver the OTP via SMS. The user account must have a configured mobile phone number.
  • Voice. Deliver the OTP via voice channel (i.e. dictated over a phone line). The user account must have a configured mobile phone number.

This field also allows you to specify one of the following combinations of delivery methods:

  • Email and SMS
  • SMS and Voice
  • Email and Voice
MDC Profile

The MDC profile to use for this delivery method. It defines a specific group of settings for a particular delivery method. If no MDC profile is specified in this field, the highest-ranked, enabled, and available MDC profile for the specified delivery method(s) will be used.

The MDC profile name should not be confused with the profile's display name. The display name is simply an ad-hoc field used primarily to describe and further identify the profile. The MDC profile name is the name that appears in the Profile column of the MDC Configuration Utility.

The MDC profile name is not unique, so more than one MDC profile with the same name may exist for this delivery method. In that case, the highest-ranked, enabled, and available MDC profile with the specified name will be used.
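
The MDC Profile selection rule stated in both the Virtual DIGIPASS and Virtual Signature groups, written out in Python as an added example for auditing which profile a policy will actually use; it is not product code. The field names and sample profiles are hypothetical, and the model assumes that rank 1 is the highest rank.

```python
from dataclasses import dataclass

# Illustrative model only; field names and sample profiles are hypothetical.
@dataclass(frozen=True)
class MdcProfile:
    name: str           # Profile column in the MDC Configuration Utility; not unique
    display_name: str   # descriptive label; never used for matching
    method: str         # "Email", "SMS" or "Voice"
    rank: int           # assumption: 1 is the highest rank
    enabled: bool
    available: bool

def resolve_profile(profiles, method, policy_profile_name=""):
    """Profile that would handle `method`, or None when nothing qualifies."""
    candidates = [
        p for p in profiles
        if p.method == method and p.enabled and p.available
        and (not policy_profile_name or p.name == policy_profile_name)
    ]
    return min(candidates, key=lambda p: p.rank, default=None)

def duplicate_names(profiles, method):
    """Profile names defined more than once for `method`, display names by rank."""
    by_name = {}
    for p in sorted(profiles, key=lambda p: p.rank):
        if p.method == method:
            by_name.setdefault(p.name, []).append(p.display_name)
    return {n: d for n, d in by_name.items() if len(d) > 1}

# Constructed sample configuration.
SAMPLE = [
    MdcProfile("sms-main", "Gateway A", "SMS", 1, True, False),   # currently unavailable
    MdcProfile("sms-main", "Gateway B", "SMS", 2, True, True),
    MdcProfile("sms-alt", "Gateway C", "SMS", 3, True, True),
    MdcProfile("mail", "Relay 1", "Email", 1, False, True),       # disabled
    MdcProfile("mail", "Relay 2", "Email", 2, True, True),
]

if __name__ == "__main__":
    for method in ("Email", "SMS", "Voice"):
        print(method, resolve_profile(SAMPLE, method))
    print(duplicate_names(SAMPLE, "SMS"))
```

With the sample data, a policy naming "sms-main" is served by the second profile of that name because the first is unavailable, and a policy that names a display name instead of the profile name resolves to nothing.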