DynaPass Authentication Glossary


Posts Tagged ‘OTP’

Mobile Authentication

Any authentication solution that delivers any factor of the identification process through a mobile device is utilizing mobile authentication. This could be a one-time password transmitted through SMS text message or even email. Even an application on a mobile device that generates an OTP offline is also considered to be mobile authentication.

See DynaPass Two-Factor Authentication

Authentication Token

During multi-factor and two-factor authentication processes a device may be used for one time password generation or OTP transmission. Known as an authentication token and ranging from a proprietary device to a regular mobile phone these tokens are used for out-of-band authentication. Many times when discussing the cost of authentication security the token is mentioned due to the costs associated with hardware creation and network expenses. Downsides to tokens are that they can be misplaced, stolen or broken.

See DynaPass Two-Factor Authentication

Two Factor Authentication – Dual Factor Authentication (2FA)

Two Factor Authentication (TFA or 2FA) is also called strong authentication and is a security process which requires two independent mechanisms for authentication.  Two factor authentication implies the use of two out of the three factors to assert an entity’s identity to another entity. The three factors are: Something you know, like a Personal Identification Number (PIN); Something you have, like a mobile device for receiving a one time password or ATM card; Something you are, like a face scan, iris scan or your fingerprint.  Two factor authentication is used generally in electronic computer authentication where stronger means of authentication is needed to protect sensitive data.  For example, electronic personal health information (ePHI) on a computer accessed by many different individuals can be exposed and can result in HIPAA fines and violations for the medical institution.  Two factor authentication can be used in these instances to decrease the probability of a non authorized user to access this information.

See DynaPass Two-Factor Authentication

One-Time Password (OTP)

A one-time password (OTP) is a password that is only valid for one session or transaction. Unlike traditional static passwords, one-time passwords are not vulnerable to replay attacks. This means that if a potential intruder manages to record an OTP that was already used to log into a service or to conduct a transaction, he or she will not be able to use it again since the password is no longer valid. One-time password generations are random which make them hard to predict. There are different ways to make the user aware of an OTP. Some systems use electronic tokens that the user carries that generate a one-time password and show them using a small display. Other systems focus on software that run on a user’s mobile phone and there are systems that generate one-time passwords on the server side and then send them to the user using an out-of-band channel such as SMS messaging.

See DynaPass Two-Factor Authentication
See DynaPass One-time Password