The Triple Data Encryption Standard (3DES
Symmetric key-block cipher. Uses the Data Encryption Standard (DES) cipher three times to encrypt its data.) key used to protect the Digipass secret in the dynamic vector is provided by the application that integrates the Digipass SDK. The management of this key is delegated to you during the integration of the Digipass SDK.
In Activation with delegated protection (overview), the application integrating the SDK manages its own dynamic vector-encrypting key. This key must be provided during the activation process and afterward for each call to the SDK. Without this key, the dynamic vector cannot be used, and the Digipass authenticator needs to be reactivated.
The dynamic vector-encrypting key is not controlled by the Digipass SDK. Thus, an invalid encrypting key will lead to an incorrect decryption of the Digipass secret and, consequently, to an invalid response. The Digipass SDK does not manage a lock mechanism if it is integrated with delegated protection.
This dynamic vector-encrypting key ensures that only the application owning the key is able to use the Digipass authenticator.
All API entry points supporting a third-party encrypting key are suffixed with WithKey.
Example of routines for delegated protection: