Transports How To Guide

From Swivel Knowledgebase Wiki

Jump to: navigation, search


Image:logo.gif


Contents

Transports How To Guide

Overview

Each PINsafe user can be configured to receive authentication and account information.

Alerts are notifications about the user account, such as PIN numbers, passwords, account locked, PIN changed, PIN change required, etc.

Security Strings or One Time Codes is the authentication information.


Transport Methods

PINsafe can send Alerts, Security Strings and One Time Codes in a variety of methods, these include:


Alerts, Security Strings and One Time Codes

  • SMS and where supported SMS Flash
  • SMTP (Email)

If the users alert type is changed then a new welcome message is sent to the user.


Security Strings and One Time Codes

  • Single Channel Graphical Images (TURing, PATtern, BUTton)
  • Mobile Phone Clients (Swivlet, .Net Applet)
  • Other methods are available in Beta testing


Each of these methods are described below:

For further information on configuring Transports see Transport_Configuration


Dual Channel

A text message sent from an SMS gateway or GSM modem (see GSM Modem How To Guide). This is known as Dual Channel authentication as the user receives their security string by one method (the mobile phone network), and authenticates by another channel (the internet). PINsafe also supports the sending of Multiple Security Strings, see Multiple Security Strings How To Guide, and the sending of One Time Codes without PIN extraction, see PINless How To Guide

There are two delivery methods for Dual Channel messages, standard delivery, and On Demand delivery:


Standard Delivery: When a user account is created the user is sent a security string. When the user passes or fails an authentication, a new security string is sent to the user. Where 'On Demand' delivery is used a button can be added to the login page to request a new SMS message.


On Demand Delivery: An SMS message is sent to the user only when it is requested. A button is usually created for the user to request the SMS. Where it is supported by the Access device Challenge and Response authentication' can be used where a password is entered before an SMS is sent to the user, see Juniper Two Stage Challenge and Response How To for a sample of how to do this. On demand security strings are only valid for a limited timespan, see Session Cleanup.


Image:PINsafe dual channel multiple authentication strings.JPG


Single Channel

This is where the user receives their security string and authenticates by the same channel (i.e. the internet). The Image is normally embedded into the login page, where this is not possible a Taskbar application is available, see Taskbar How to Guide. Single Channel images are only valid for a limited timespan, see Session Cleanup.

PINsafe offers a variety of methods including:

Turing Image

Image:Turing.jpg

PATTern Image

Image:PATtern.JPG Image:PATtern2.JPG

BUTton Image

Image:BUTton.JPG

Also see: Single Channel Customisation How to Guide


SMTP (Email)

SMTP can be Dual or Single Channel authentication. Where it is sent directly to a mobile phone by wireless transmission (e.g. a Blackberry), it is dual channel, where it is sent across the internet to the user it is singe channel.


Mobile Phone Application

This is where the mobile phone requests a number of security strings, it is normally dual channel authentication, as the security strings are requested from the PINsafe server across the wireless network.

Fore more information see Swivlet How To Guide, the Windows Mobile How To Guide and the IPhone guides.

Retrieved from "http://kb.swivelsecure.com/wiki/index.php/Transports_How_To_Guide"