Supported authenticators for OneSpan Cloud Authentication

OneSpan Cloud Authentication supports both hardware and software authenticators for the available authentication and transaction data signing operations. The following authenticator types are supported:

  • Hardware authenticators that support the following operations:

    • Response-Only
    • Signature

    • Cronto image authentication

      These authenticators are visual transaction signing solutions, where the Cronto image is scanned to capture the critical transaction information. No data entry is required. The transaction information is encrypted, and users verify the transaction details on a trusted display.

    • FIDO-based passwordless authentication

  • Software authenticators that support authentication and transaction data signing operations:

    • OneSpan Mobile Authenticator Studio

    • OneSpan Mobile Security Suite Orchestration SDK

      These authenticators facilitate two-factor authentication as well as e-signature generation to address the security risks of mobile and online applications.

      For more information about the product features and deployment, refer to the OneSpan Mobile Authenticator Studio and OneSpan Mobile Security Suite product documentation.

Specific authenticator activation scenarios

To ensure successful authentication and transaction data signing operations, the authenticator used for the operations must be activated. In addition, OneSpan Mobile Authenticator Studio and OneSpan Mobile Security Suite Orchestration SDK must also be customized.

Activate a Cronto image device offline

OneSpan Cloud Authentication (OCA) supports the offline activation of your Cronto image device. The user activates their Cronto image device offline using two Cronto image activation messages.

Offline activation of a OneSpan Mobile Authenticator Studio mobile application

To use OneSpan Mobile Authenticator Studio for the Secure Channel- and Push Notification-based operations, it must be activated using the multi-device licensing offline activation. For this offline activation, Mobile Authenticator Studio must be customized. For more information about the customization and instructions on the necessary steps for two-step offline activation, refer to the OneSpan Mobile Authenticator Studio Customization Guide.

In addition, Mobile Authenticator Studio must be customized to collect the userID@domain information in the last step of the offline activation. This userID@domain will be stored in the mobile app, to be used in Push Notification-based authentication and transaction data signing scenarios.

Mobile Authenticator Studio 4.18 does not support the DIGIPASS Gateway ID as supported by Digipass App.