Is CA Mobile OTP secured during transmission and storage?
Article ID: 108037
Updated On:
Products
CA Rapid App Security
CA Advanced Authentication
CA API Gateway
Issue/Introduction
I have these questions on CA Mobile OTP:
1. When user inputs the Mobile OTP, when it travels to CA AA server is it encrypted?
2. Do we store CA Mobile OTP in database in clear text?
Environment
Release:
Component: RSKFRT
Component: RSKFRT
Resolution
1. The Mobile OTP key(card string) is encrypted with the activation code when sent to the client device.However, we recommend to use HTTPS for all communications for added security.
2. Mobile OTP key is encrypted and stored in the database.
2. Mobile OTP key is encrypted and stored in the database.
Feedback
Powered by
