Secure Channel ensures the confidentiality, integrity, and non-repudiation of data exchanged between a client and a server. The data are encrypted and signed with a key changed during the activation process. The protected data are embedded in a Secure Channel message for the transport process.

Secure message decryption

Once a Digipass instance is activated, the integrating application is able to decrypt secure messages coming from Authentication Server Framework. Such messages are generally considered as requests from the server to the client.

Secure Channel (overview)

Secure Channel (overview)

The workflow involves the following steps:

  1. The application receives the secure message from Authentication Server Framework.

  2. The secure message decryption function of the Digipass SDK is called with the secure message.

    Routines of Secure Channel message decryption:

    • C/C++/Objective C: DPSDK_DecryptSecureChannelMessageBody
    • Swift: decryptSecureChannelMessageBody
    • Java: decryptSecureChannelMessageBody

  3. The result of a successful secure message decryption is the decrypted message.

The Digipass SDK is agnostic of the channel used to transfer the message from Authentication Server Framework, or of the content of the message.

The Secure Messaging SDK provides a way to convert raw data into a body message that can be used in the context of the Secure Channel feature with the Digipass SDK. For more information, refer to the Secure Messaging SDK Integration Guide.

The Image Generator SDK and Image Scanner SDK provide a way to transfer the message into an image format from the server to the integrating application. For more information, refer to the Image Generator SDK Integration Guide.

Secure Channel information message generation

If a Digipass instance is activated, the integrating application is able to send Secure Channel messages that will be decrypted and parsed by Authentication Server Framework. Such messages are generally considered as information messages sent by the client to the server.

Secure Channel information message generation (overview)

Secure Channel information message generation (overview)

The workflow involves the following steps:

  1. The Generate Secure Channel Information Message function of the Digipass SDK is called with the message to secure.

    Routines of Secure Channel information message generation:

    • C/C++/Objective C: DPSDK_GenerateSecureChannelInformationMessage
    • Swift: generateSecureChannelInformationMessage
    • Java: generateSecureChannelInformationMessage

  2. The result of a successful Secure Channel information message generation is a Secure Channel message.

  3. Authentication Server Framework can decrypt the Secure Channel message.

The Digipass SDK is agnostic of the channel used to transfer the message to Authentication Server Framework, or of the content of the message. Unlike secure messages sent by the server, the Secure Messaging SDKis not involved to convert raw data into a body message when sending information messages.