Authenticating with an authenticator

OneSpan Authentication Server supports three basic authentication methods for a typical logon process (see Table: Basic logon methods).

Table: Basic logon methods
Response-Only Challenge/Response Virtual Mobile Authenticator
  1. User enters user ID and OTP.
  2. User clicks OK to attempt a logon.
  3. OneSpan Authentication Server authenticates user.
  1. User enters user ID and password/keyword.
  2. User clicks OK to request a challenge/response logon.
  3. OneSpan Authentication Server generates a challenge.
  4. User enters the challenge into the authenticator.
  5. The authenticator generates an OTP from the supplied challenge.
  6. User enters the OTP into the logon window.
  7. User clicks OK to attempt a logon.
  8. OneSpan Authentication Server authenticates user.
  1. User enters user ID and password/keyword.
  2. User clicks OK to request a Virtual Mobile Authenticator logon.
  3. OneSpan Authentication Server verifies if user is allowed to use Virtual Mobile Authenticator.
  4. OneSpan Authentication Server generates an OTP and sends it to the user.
  5. User receives the OTP (i.e. via SMS).
  6. User enters the password/keyword and OTP into the logon window.
  7. User clicks OK to attempt a logon.
  8. OneSpan Authentication Server authenticates user.