ECI Authenticator App administers the seamless and secure Two-Way Authentication
Update
Mar 27, 2023
Developer
Category
Installs
1,000+
Rate
0
1. As per the Cyber Security Regulations of the ECI, all critical user actions and secure logins are carried out through two-factor authentication (2FA) wherein a user apart from his/ her password, is also required to enter a ‘One Time Password’ received on his/ her mapped mobile/ email. Presently, the OTP system is used extensively across different applications of ECI. For sending automated system generated OTP by various applications, an SMS Gateway service has been procured by ECI.
2. However, OTP based 2FA scheme causes user inconvenience and wastage of time due to poor network coverage resulting in a substantial delay in receipt of OTP. Consequently, development of a dedicated Android based ‘ECI Authenticator Application’ was conceptualized. This sole objective and aim of the App is to:-
(a) Implement 2-Factor Authentication without resorting to sending OTP through SMS.
(b) The OTP shall not be dependent on mobile network conditions.
(c) Retain security and sanctity of the OTP. The OTP shall not be sent to an email ID.
3. In addition to the android based Authenticator App, ECI has also developed an API for enabling existing web and mobile applications to employ 2FA using ECI Authenticator with minor changes to their existing OTP based 2FA. For offline authentication to work, the Mobile number used for activating ‘ECI Authenticator App’ and mobile number available in the web application database has to be same. The existing business and application flow will remain same, except that the authentication page of the application now need to allow entry of ‘Unique Transaction Identifier (UTI)’ by the user in place of CAPTCHA and entry of ‘One-time Secure Code (OSC)’ in place of OTP.
2. However, OTP based 2FA scheme causes user inconvenience and wastage of time due to poor network coverage resulting in a substantial delay in receipt of OTP. Consequently, development of a dedicated Android based ‘ECI Authenticator Application’ was conceptualized. This sole objective and aim of the App is to:-
(a) Implement 2-Factor Authentication without resorting to sending OTP through SMS.
(b) The OTP shall not be dependent on mobile network conditions.
(c) Retain security and sanctity of the OTP. The OTP shall not be sent to an email ID.
3. In addition to the android based Authenticator App, ECI has also developed an API for enabling existing web and mobile applications to employ 2FA using ECI Authenticator with minor changes to their existing OTP based 2FA. For offline authentication to work, the Mobile number used for activating ‘ECI Authenticator App’ and mobile number available in the web application database has to be same. The existing business and application flow will remain same, except that the authentication page of the application now need to allow entry of ‘Unique Transaction Identifier (UTI)’ by the user in place of CAPTCHA and entry of ‘One-time Secure Code (OSC)’ in place of OTP.
