Which OS and versions are supported?
– Android version 4.1 (Api Level 16)
– iOS version 10.0
Which device component dependencies exist?
– Camera to scan QR-code
– Push notifications (not mandatory but strongly recommended)
Where are the keys generated?
The keys are generated in the OneTouch app.
Which algorithms are used?
Currently RSA. Client and protocol is prepared for other algorithms.
Which key lengths are supported?
Key length is defined in server-side configuration. Recommended minimum value is 2048 bits. Please be aware of the fact that key-generation execution can be time consuming if the value is very high.
Which interface is used between the app and the Certificate Authority?
Proprietary HTTP-based protocol. JSON data format.
Is it possible to use a 3rd party CA?
Yes.
What mechanisms can be used to unlock key?
PIN or fingerprint (TouchID iOS)
How do you protect the keystore on a rooted / jailbroken device?
Our recommendation is to not use rooted/jailbroken devices.
Is it possible to force strong authentication when enrolling for One Touch?
Yes
Is it possible to use PhenixID One Touch without using PhenixID Authentication Service as the backend server?
No, PhenixID Authentication Service is mandatory. However, PhenixID Authentication Services provides API’s to clients that would like to use PhenixID OneTouch.