Managing Out-of-Band Authentication
Out-of-Band authentication uses two independent networks to separate the OTP delivery channel from the authentication channel.
ActivID AS supports two OOB delivery channels to deliver the OTP - SMS or Email.
The actual SMS/Email OTP is a random number generated by ActivID AS and sent to the user by SMS or email through a delivery gateway.
Note: You can configure multiple SMS and/or Email Delivery Gateways. If the primary gateway fails, then a secondary gateway is automatically used .
- OOB SMS/Email OTPs can be used through a RADIUS channel or any other channel type.
- SMS OTPs can be triggered through a username/activation code or by the service provider.
Users authenticate using the OTP. If the OTP is entered incorrectly, the user can try multiple times before being required to request a new OTP.
A user can be registered for both OTP device authentication and SMS authentication. The OOB authentication can be used when the token is not available (that is, lost/forgotten).
Prerequisites: The user must have a valid email address and/or telephone number, and the OOB Delivery Gateway must be configured for the OOB authenticator.
Note:
- For instructions on how to manage the OOB parameters and OOB delivery gateways, see Configure OOB Delivery Gateways.
- For instructions on configuring Push Notifications, see Configure Feedback for External Applications.
About OOB Authentication RecordsTopics in this section:
See also:
