Mobile UniOTP Solution

From SecuTech Wiki
Jump to: navigation, search

Mobile UniOTP First Launch and Configuration

  • This is the screen shown the first time the Mobile UniOTP application is lauched.
  • At this step, you must set the password needed to access the application.
  • Fill in the fields Password and Confirm Password and tap the Confirm button.
  • The next time the application is launched, this password will be requested.
  • If you forgot this password, delete and reinstall the application on your device.
  • If this is the case, you will need to resynchronize your One Time Password application with the server.
Mobile UniOTP login screen
  • After setting the application password, you will be redirected automatically to the main screen.
  • From the main screen, tap Synchronize at the bottom of the screen to access to the synchronization interface.
'password set successfully' message
  • Select the type of One Time Password from the synchronization interface. You can choose among Event-Based, Time-Based and Challenge/Response.
  • Depending on the type of OTP chosen, information needed for synchronization is different. For reasons of security, Mobile UniOTP operates independently from use of network communication. Hence, please communicate to your administrator the information displayed on the screen.
  • If you decide to use Mobile UniOTP with OTP MGS, you will need a token file. Please send your synchronization information to to receive the token file corresponding to your device within 24 hours.
  • If you decide to use UniOTP API (included in UniOTP SDK), the information displayed here can be used directly.
UniOTP synchronization information
  • Once information has been communicated to your administrator, tap Synchronize to apply changes.
  • If returning to the main screen without synchronizing, synchronization information will not be saved and the application will not be able to generate correct One Time Passwords. Be sure to tap Synchronize before returning to the main screen.
  • A message will be displayed if the synchronization succeeded.
  • Every time you open the Synchronization interface, new synchronization information is generated but is only saved if the Synchronize button tapped.
synchronized successfully
  • Once back to the main screen, tap the icon corresponding to your type of generated OTP to access to the OTP generation interface.
OTP generation interface

Event-Based OTP Generation

  • Each time the Event-Based OTP generation interface is accessed, a new password is automatically generated.
  • The Generate button can be tapped to generate a new password.
  • Note: If you switch back and forth between the main screen and OTP generation screen, or if you generate a new OTP excessively in a short period of time, the OTP application may become desynchronized and would need to be synchronized again.
OTP 699391 being displayed

Time-Based OTP Generation

  • In the time-based OTP generation interface, a new password is generated every 60 seconds. Users cannot force the generation of a new password. For every time-based password generated, if 60 seconds have not lapsed, the password will remain the same, and thus only every 60 seconds a new password generated.
  • Note: If the device time desynchronizes from the server time more than permitted, the device may become desynchronized. Please take note of this, and make sure to not change the time of your device after you have synchronized it with the server.
displaying time-based OTP

Challenge/Response Password Generation

  • In order to generate a OTP using the Challenge and Response system, inputting a challenge code received from the server is required. Authentication will be determined by the correct response generated from the given challenge.

Example of Use:

  • After a user has logged onto a website, the server will display a challenge code to the user, requesting the user to input the corresponding OTP generated from this code. The user inputs the challenge code in the Challenge/Response interface to generate a OTP. This generated response is used to authenticate to the server and, hence, only the correct response can be used to successfully authenticate.
Enter challenge received and display current OTP

Other Settings

From the Settings screen, you can perform the operations listed below.

  • Change the password for accessing the application.
  • Display the S/N (Serial Number).
  • Display the device time.

settings screen change password screen