Backup offline authentication - Virtual Mobile Authenticator

Virtual Mobile Authenticator can be used as a backup mechanism for Digipass Authentication for Windows Logon offline authentication, when users do not have their hardware Digipass authenticators at hand. This extends the OTP delivery features of Message Delivery Component (MDC) to Digipass Authentication for Windows Logon. With Virtual Mobile Authenticator the user receives one-time passwords via mobile phone or via email.

Digipass Authentication for Windows Logon supports Virtual Mobile Authenticators for online, offline, and Push Notification authentication.

When users do not have their primary Digipass authenticator at hand, they can request a Virtual Mobile Authenticator to use for authentication. A Virtual Mobile Authenticator may be limited by number of uses or days of use, after which the user will need to use again the primary Digipass authenticator to log on. The system administrator can configure contact information to inform users on the Windows logon screen about whom to contact to request a Virtual Mobile Authenticator.

If a user has at least one hardware Digipass authenticator and at least one Virtual Mobile Authenticator, Digipass Authentication for Windows Logon considers the longest grace period set.

This behavior only applies to the Digipass Authentication for Windows Logon client type. For all other client types registered in OneSpan Authentication Server, the shortest grace period is effective.

Virtual Mobile Authenticators need to be configured via the OneSpan Authentication Server configuration.