Skip to main content
SpringerLink
Log in

OTP and Challenge/Response algorithms for financial and e-government identity assurance: current landscape and trends

  • Chapter
Book cover ISSE 2008 Securing Electronic Business Processes

  • 500 Accesses

Abstract

This paper will analyse the current landscape of One Time Password (OTP) and Challenge-Response algorithms. It will detail the technical and security differences between algorithms such as the OATH algorithms (HOTP, OCRA, HOTP time based), EMV CAP and the proprietary algorithms from ActivIdentity. The paper describes the most common use cases and applicability as important tools for identity assurance in the financial and e-government industry sectors. It also outlines observed trends in current usage and future trends providing the audience with the valuable information to make a more informed choice in their identity assurance challenges.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. OATH, “Initiative for Open Authentication”, http://www.openauthentication.org/

    Google Scholar 

  2. IETF, “HOTP: An HMAC-Based One-Time Password Algorithm”, http://www.rfc-archive.org/getrfc.php?rfc=4226

    Google Scholar 

  3. IETF, “OCRA: OATH Challenge-Response Algorithms”, http://www.ietf.org/internet-drafts/draftmraihi-mutual-oath-hotp-variants-07.txt

    Google Scholar 

  4. IETF, “TOTP: Time-based One-time Password Algorithm”, http://www.ietf.org/internet-drafts/draftmraihi-totp-timebased-00.txt

    Google Scholar 

  5. MasterCard International Incorporated, “Chip Authentication Program — Functional Architecture”, September 2004

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Office of CTO, ActivIdentity (UK), 117 Waterloo Road, London, SE1 8UL

    Philip Hoyer (Senior Architect)

Authors
  1. Philip Hoyer
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Norbert Pohlmann Helmut Reimer Wolfgang Schneider

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Vieweg+Teubner | GWV Fachverlage GmbH, Wiesbaden

About this chapter

Cite this chapter

Hoyer, P. (2009). OTP and Challenge/Response algorithms for financial and e-government identity assurance: current landscape and trends. In: Pohlmann, N., Reimer, H., Schneider, W. (eds) ISSE 2008 Securing Electronic Business Processes. Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9283-6_29

Download citation

  • DOI: https://doi.org/10.1007/978-3-8348-9283-6_29

  • Publisher Name: Vieweg+Teubner

  • Print ISBN: 978-3-8348-0660-4

  • Online ISBN: 978-3-8348-9283-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation