Security String is the term used to describe a PIN protected One Time Code (OTC) and used as a password or passcode that can only be used a single time. Once it has been used, successfully or unsuccessfully, then it becomes invalid. The Swivel Authentication platform provide an security to a user in a number of ways:
- SMS Text message
- Single channel image such as TURing or Pinpad
- Mobile Phone Client application
Instead of a PIN protected security string, the user can be sent an unprotected OTC, the term used to send an unprotected OTC is PINless, see PINless How To Guide.
The Swivel authentication platform supports the use of both PINless and PIN protected users.
Key points of the security string
- User never enters their PIN
- PIN stays the same for each authentication
- User receives a new security string for each authentication
- User can change their PIN, see ChangePIN User Guide
Swivel All versions
Swivel 3.1.4 onwards for PINless
Using Security Strings
A user guide for using security strings is described here: PINsafe User Guide.