Score-based authentication

Score-based authentication extends authenticator responses to include scoring information. A score-based response includes the status of the hosting platform or the Digipass SDK usage context. The response can be based on different criteria, which are grouped into three categories:

  • Platform. Criteria linked to the platform that hosts the application, e.g. the jailbreak or rooting status.
  • User. Criteria linked to the person that is using the application, e.g. the password protection status.
  • Context. Criteria linked to the current usage of the application, e.g. the geolocation information.

The application that integrates the Digipass SDK determines which criteria are considered relevant for calculating the score in a particular situation.

OneSpan Authentication Server does not fully support score-based authentication. It can verify that an OTP value is valid, even with a score-based authenticator application. However, if OneSpan Authentication Server detects a score warning, it rejects the OTP, even an otherwise valid one. You can detect this case in the error stack information included in the respective audit message, e.g. "{Error Code: '(-140)' ; Error Message: 'Serial VDS1010000-1 Application APP 1 RO OTP Incorrect - Operation Successful with Platform & User Warning'}".
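One way to spot this case in exported audit text, as an added example that is not OneSpan code: it parses error-stack entries and reports which score categories triggered the warning, so a rejected-but-valid OTP can be told apart from other failures. The entry layout and the "Operation Successful with ... Warning" wording are assumptions inferred from the single sample message above, and the function and variable names are hypothetical.

```python
import re

# One error-stack entry; layout inferred from the single sample message on this page.
ENTRY_RE = re.compile(
    r"\{Error Code: '\((?P<code>-?\d+)\)'\s*;\s*Error Message: '(?P<msg>[^']*)'\}"
)
# Score-warning wording as in the sample: "Operation Successful with Platform & User Warning".
WARNING_RE = re.compile(r"Operation Successful with (?P<cats>[A-Za-z &]+?) Warning")
SERIAL_RE = re.compile(r"Serial (?P<serial>\S+)")
# The three criteria categories named in the documentation.
CATEGORIES = ("Platform", "User", "Context")


def score_warnings(audit_text):
    """Return one finding per error-stack entry that carries a score warning."""
    findings = []
    for entry in ENTRY_RE.finditer(audit_text):
        warning = WARNING_RE.search(entry["msg"])
        if warning is None:
            continue  # failure without a score warning: not the case described here
        cats = [c.strip() for c in warning["cats"].split("&") if c.strip()]
        serial = SERIAL_RE.search(entry["msg"])
        findings.append({
            "code": int(entry["code"]),
            "serial": serial["serial"] if serial else None,
            "categories": [c for c in cats if c in CATEGORIES],
            "unrecognized": [c for c in cats if c not in CATEGORIES],
        })
    return findings


# First line is the sample from this page; the other two are constructed for the demo
# (their codes and wording are placeholders, not real server output).
SAMPLE_AUDIT = """\
{Error Code: '(-140)' ; Error Message: 'Serial VDS1010000-1 Application APP 1 RO OTP Incorrect - Operation Successful with Platform & User Warning'}
{Error Code: '(0)' ; Error Message: 'Serial EXAMPLE0001-1 constructed failure without any score warning'}
{Error Code: '(0)' ; Error Message: 'Serial EXAMPLE0002-1 constructed entry - Operation Successful with Context Warning'}
"""

if __name__ == "__main__":
    for f in score_warnings(SAMPLE_AUDIT):
        print(f"serial={f['serial']} code={f['code']} score warning: {', '.join(f['categories'])}")
```

A non-empty `unrecognized` list means the warning text named something other than the three documented categories, which is a cue to re-check the assumed message format.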