Replacement of OTP tokens
with a mobile app
CASE authentication server including mobile authentication application serving as an online authenticator and offline one-time password generator.
The client’s requirements
Orange Slovakia takes its responsibility to protect the sensitive data veryseriously, requiring two-factor authentication for remote access to sensitive applications. In addition to accessing selected services through a VPN, Orange opted to extend the security of other applications and services, such as those provided to its customers. Key requirements for the solution included:
- The solution remains open to use across various electronic services (a VPN, web portal, specific applications and so on).
- End-users should not find the secure authentication mechanism annoying, but convenient.
- The authentication system is hosted locally (on-premise); this facilitates additional means of authentication (a SIM card, a HW OTP token).
The solution delivered
In 2017-2018, MONET+ implemented their CASE authentication server, including a mobile authentication app serving as an online authenticator and offline one-time password generator. As an alternative method for network login, we also provided our SIMAU extension (an authentication applet on a SIM card, supporting the mode for OTP generation and SMS authentication (PushSMS).
The authentication system is employed for management of the given authentication tool (a SIM card, a SW token) and its life cycle (distribution, activation, blocking and so on).
The benefits delivered
The solution provides secure access to selected applications through a VPN, access to web applications and specific applications (SAP, salaries) with .user friendly and usable, yet highly secure mobile method
Autentizační systém je používán pro správu autentizační prostředků (SIM karta, SW token) a jejich životního cyklu (distribuce, aktivace, blokace atp.)