ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Is CA Mobile OTP secured during transmission and storage?


Article ID: 108037


Updated On:


CA Rapid App Security CA Advanced Authentication CA API Gateway


I have these questions on CA Mobile OTP:
1. When user inputs the Mobile OTP, when it travels to CA AA server is it encrypted?
2. Do we store CA Mobile OTP in database in clear text?


Component: RSKFRT


1. The Mobile OTP key(card string) is encrypted with the activation code when sent to the client device.However, we recommend to use HTTPS for all communications for added security.
2. Mobile OTP key is encrypted and stored in the database.