Authenticate Using a HID Approve Secure Code

The HID Approve application offers a backup method to authenticate if the user's mobile device does not have network reception – manual Secure Code generation.

The Secure Code can be obtained:

  • Directly

  • By entering a challenge (Challenge/Response)

  • By entering signature Data (Signature)

Note:

  • Secure Code is generated using the Mobile OATH keys provisioned during the Service registration, and the user authenticates using the Customer One-Time Password.

  • Secure Code characteristics are configurable in ActivID AS.

  • The look and feel of the notifications can be customized to meet your branding/deployment requirements.

  • To use biometric authentication as the key protection method, the option must be enabled.

Authenticate with a Secure Code OTP

HID Approve application allows generating a One-Time Password (OTP) as a backup authentication method if your device does not have network reception.

  1. If necessary, the user taps/clicks the Secure Code icon.

    iOS/Android

    macOS

    Windows 10

    The user taps on the device screen. The user clicks Generate.

     

    Password prompt:

    iOS/Android

     

    macOS

     

    Windows 10

    Screenshot_20170420-194243

    Biometric prompt (Android, iOS and macOS only):

  2. If the service is protected, the user enters the Password and then taps OK, or provide their biometric credential (fingerprint/face).

    The Secure Code is generated and displayed (by default, for 60 seconds).

    iOS/Android

    macOS

    Windows 10

  3. The user can copy the Secure Code to the device’s clipboard by simply pressing the code on the screen.

  4. The user selects the Secure Code authentication method in the bank’s web portal.

  5. The user logs on using the Secure Code.

    6. The user’s statistics are displayed in the ActivID Management Console.

Authenticate with a Secure Code Challenge/Response

By simply tapping the mobile device screen after having entered a challenge (supplied by the web portal), the user can generate a response and use it as a Secure Code to authenticate.

  1. The user requests a Challenge in the bank’s web portal.

  1. The user taps the application’s Challenge-Response icon.

    iOS/Android

    macOS

    Windows 10

  2. The user enters the portal’s Challenge in the application.

    Alternatively, if the OCRA data scan feature is enabled, the user taps the Scan icon to scan the Challenge QR code.

    3. HID Approve populates the field with the Challenge value.

  3. The user then taps OK on the keyboard or simply taps the device’s screen.

    Password prompt:

    iOS/Android

     

    macOS

     

    Windows 10

    Screenshot_20170420-194243

    Biometric prompt (Android, iOS and macOS only):

         

  4. If the service is protected, the user enters the Password and taps OK, or provides their biometric credential (fingerprint/face).

    The Secure Code is generated and displayed (by default, for 60 seconds).

    iOS/Android

    macOS

    Windows 10

  5. The user can copy the Secure Code to the device’s clipboard by simply pressing the code on the screen.

  6. The user logs on to the web portal using the Secure Code.