A mobile software authentication system

  • IambOOTP is a system of strong authentication software for smartphones using the public algorithm of the classic Token OTP (commonly used for online banking) to generate a “one-time” password. Unlike hardware tokens, this software solution does not require any special device.

    An OTP-based authentication system is a logical access control tool that uses a double factor: a known data, a personal identification code, and an unknown and always different one, a password generated automatically on a case-by-case basis.

    The OTP system usually uses a token device that generates the password: by typing the password it allows to access the session.

    IambOOTP is a strong authentication system using the public OTP Token algorithm. It only requires a common smartphone, without involving any other hardware device.

  • • Economically convenient solution compared to competitors;
    • The software solution does not require inventory management, unlike hardware tokens;
    • High configurability and immediate integration with pre-existing tools;
    • Optimized performance for high throughput > 2000 authentications per second
    • The tool is already used by the client (mobile phone) and is always available (no need for physical token);
    • The mobile application does not require data connection;
    • Ability to manage multiple services with the same token;
    • SDKs and test tools allow quick and easy integration with existing tools;
    • The backend interface allows an authorized operator to easily manage tokens by activating / deactivating, inserting and verifying the status of a token. It also gives the possibility to grant different levels of authorization for administrator users.

  • • The algorithm used by IambOOTP is based on RFC 4226 – HOTP;
    • The solution is OATH Compliant;
    • IambOO is Adopted Member of OATH;

    The IambOOTP system includes:

    • a validation server (authentication module, licensing module and administrative backend);
    • automatic authentication option via QR-Code;
    • integration by SDK (Java, C # and PHP);
    • a mobile application compatible with iPhone, Android, Blackberry and Java Me;
    • integration with RADIUS servers;
    • backup codes in case of loss of the device (optional);
    • time-based OPT generation (optional).