Mobile Phone Client RADIUS Authentication

From Swivel Knowledgebase
Revision as of 19:35, 15 January 2019 by AGouveia (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


Overview

Mobile Phone Clients require the access device to use PAP authentication to provide a more resilient authentication.

With PAP authentication, the OTC and sequence number is sent to the PINsafe server for authentication. This allows for in and out of sequence OTC's to be used. With other forms of RADIUS authentication, the Access devices requests the expected OTC from the PINsafe server, and thus the next authentication must be the ext in sequence.


Prerequisites

PINsafe Mobile Phone Client or Swivlet

PINsafe 3.x

Access device using RADIUS authentication


Symptoms

User enters a OTC that sometimes fails to authenticate but appears correct

If an OTC code is entered out of sequence, the authentication fails.


Solution

Set the Access device to use PAP RADIUS authentication

Use another authentication method such as AGENT-XML