How can we help?
On this page, we’ve answered frequently asked questions about authentication in general and the Protectimus two-factor authentication solution in particular. You will learn how multi-factor authentication and OTP tokens work, how to integrate the Protectimus 2FA solution into your infrastructure, and how our billing system and partner program work.
What is Multi-Factor Authentication (MFA)?
Multi-Factor Authentication (MFA, 3FA) enhances the security of your account by introducing an additional level of verification during the login process. Rather than solely relying on a password, the system may require supplementary confirmation, such as a unique code sent to your phone through an MFA app, chatbot, push notification, SMS, or email. Alternatively, you might be prompted to respond to a confidential question, utilize fingerprint scanning, or employ the face ID functionality.
What does ОТР mean?
Can a one-time password be hacked?
A one-time password is generated with a secret key that is ‘built into’ your token and that is known only to our service. No other device can generate the correct one-time password without the knowledge of secret and securely protected information. We use password generation algorithms that virtually eliminate the possibility of a password getting hacked.
Since a token is not connected to a server in any way, it is impossible to intercept a password while it is being transferred.
A potential intruder may try to simply come up with the correct password by trying various combinations of characters, but the system is well protected against this type of attack – after a certain number of attempts, an account is locked for 5 minutes, which renders such an attack ineffective.
Is the two-factor authentication mechanism reliable?
Today, multi-factor authentication with one-time passwords is widely recognized as the most reliable and effective mechanism of protection against unauthorized access. The ОТР mechanism is more reliable that authentication based on biometric parameters and undoubtedly much more reliable than regular static passwords.
I’ve read that biometric authentication is the most reliable type of authentication; is that correct?
The problem with biometric authentication is that a parameter verified can be copied, but it can’t be modified. It is easy to obtain a person’s fingerprint and make a copy of it, but a person’s fingerprint cannot be changed or modified, unlike a token that can be re-issued. Besides, how would you even know that your biometric data was copied?
Of course, many attempts have been made to improve the mechanism, and it is not as easy to trick the modern scanners – they are smart enough to distinguish between a real person and a mechanical copy. But it makes little sense to try to outsmart a scanner, because in the end the scan result is transformed into a set of digital characters. And, as already mentioned above, biometric parameters do not change, which means that once such data is lost, your authenticators (your fingerprints, your eye retina, etc.) are compromised forever.
Besides, biometric authentication always involves assessment that’s probabilistic in nature; it is aimed at assessing a tested sample’s equivalence to the reference standard. Therefore, depending on the settings, there is either a chance that access to the system will be given to a person with similar characteristics or a chance that a valid user will not be given access to the system.
Moreover, when one considers all the various ways in which potential intruders can gain access to one’s biometric data, one begins to doubt whether it is reasonable to use biometric data at all.
ОТРs eliminate the possibility of all the situations described above.In our opinion, biometrics can serve as an effective identification tool, but the task of authentication is best left to ОТРs.
Is your solution secure?
Our solution operates based on the OATH standards accepted in the two-factor authentication industry worldwide.
I have a great idea that may be of interest to you; how can I share it with you?
Contact us through the feedback form! If your idea is indeed interesting, we will find a way to express our gratitude.
I have discovered a bug in your service, and I would like to receive a reward – how can I do it?
If you have found a bug in our system, contact us using any method convenient for you; we will fix the bug as soon as possible, and you will be rewarded for your help.
How can you help me earn some money?
We are an open innovative company interested in various forms of mutually beneficial collaboration. We are ready to encourage ideas that will help us optimize our expenses, increase our profits, and improve to become a better company. Learn about our affiliate program, or share your ideas, comments, and recommendations through the feedback form.
Can the service plan I choose be customized to better meet my needs and requirements?
Why does a customized service plan cost more than a preset plan with the same parameters?
When can I change my service plan?
You can change, temporarily suspend, or activate a service plan at any time.
Why can’t I change my service plan?
Most likely, you have created more objects than the service plan you are interested in allows. You need either to use a service plan that has a sufficient range of services or to have fewer objects to be able to use a less expensive service package.
Is it possible not to have my account debited if I temporarily suspend my usage of your service?
Of course, you can suspend payments from your account if necessary by clicking the ‘Deactivate’ button in the column specifying your current service plan on this page: pricing Once your plan is deactivated, your account will be debited for the amount of payment for the current date. Your account will not be further debited until the plan is re-activated.Please note that if your service plan is not active, you will not be able to use the API, which means that you will not be able to authenticate your users through our system.
What happens when my account balance reaches zero?
If you allowed for our system credit to be used, the system will continue to work even with a negative balance in your account. If the credit limit has been used up, and your account has not been replenished, the system’s services will be temporarily suspended.
What does ‘system credit’ mean?
We realize the importance of our system for the success of your business, and we will keep the system working for you even when your account balance reaches zero. The system will continue to work even when you are “in the red”, giving you ‘system credit’ which you must repay when you replenish your account; please note that no commission fee is charged for this service. The credit amount depends on the amount of services you purchased in the last 12 months. Also, you will receive a notification when your account balance is critically close to zero, to make sure that the system does not stop working due to lack of funds in your account. You can enable or disable the ‘Credit’ service in your profile in Protectimus Service, in the ‘Financial Settings’ tab.
How is my account debited?
For an active service plan, your account is debited once a day. It happens either according to a specific schedule, or following the first deactivation of a service plan.
What do I need to do to configure support of two-factor authentication on my website?
- Register in our service;
- Create users and assign tokens to users;
- Create a resource;
- Assign users created to a project;
- Download an auxiliary library using our instructions;
- Activate work with the API by activating a service plan;
What programming languages do you provide integration libraries for?
We currently provide libraries for the following programming languages: Java, Pyton, and PHP. Soon, we will also have libraries for Ruby, .Net, and other programming languages.
They say that integration with your service literally just takes a few hours – it that true?
Yes, that’s absolutely correct. We have done everything we can to make the integration process as simple as possible. We offer different levels of integration: from authentication to full-scale management of tokens, users, and resources through the API. If you choose the basic support of two-factor authentication on your resource, the integration process will take about 2 hours. Naturally, the integrator level and your system’s complexity level should be taken into consideration.
What is a token?
What happens if a potential intruder steals my token?
What tokens do you support?
We offer a wide variety of Protectimus tokens optimized for use in our system. In addition, you can use other standard tokens, for example: SafeNet, Yubico, and Google Authenticator.
Can I order tokens with my own logo on them?
Yes, you can. Please contact our support service.
What do the stars on ‘create token’ buttons mean?
The number of stars shows a token’s integrity level. The more golden stars, the higher a token’s level of reliability. The integrity level depends on how the secret key is stored, what algorithm is used, and how difficult it is for a potential intruder to access a generated password.
How can I protect myself if my token was stolen?
To prevent a token from getting stolen, there is a PIN code that makes it impossible for a potential intruder to use a stolen token. So, use your PIN code.
Besides, unlike a regular static password, theft of a token is always easy to discover, which means that a user can quickly lock his/her account to prevent a potential intruder’s malicious and/or unauthorized actions.
Can the OTP value be intercepted from my token?
A token does not need to be connected to a server to generate a password; therefore, it is impossible to intercept a password while it is being transferred.
Is the Internet connection a requirement for a token to generate a password?
A token is a stand-alone device that independently generates a one-time password. No access to any network(s) is required.
What is the affiliate program offered by Protectimus?
Who can become a partner?
How can I become a member of the affiliate program?
To become our partner, you will need to complete the process of registration that will not take much time.
What will I receive for it?
Once a customer registers and confirms you as their referrer, you will receive 20% of all their payments for the Cloud Service or On-Premise Platform and 10% of their payments for OTP tokens.
How can I use the money I earn?
There are two options for using the money you earn: you can cash it or transfer it to any Protectimus account. If you choose the latter option, the amount you will receive will be increased by 25%.
How can I withdraw and cash the money I earn?
It is very easy. You can specify the withdrawal amount and the payment recipient’s account details by clicking on your email in the right-hand upper corner in the service and then going to the Affiliate Program section. After verifying all the details, the operator will make a payment.
How is the platform different from the service? Why do I need the platform, and what are its advantages?
What OS can the platform be installed in?
Отправьте нам сообщение
Если у Вас остались вопросы, воспользуйтесь формой ниже или свяжитесь с нами другим удобным для Вас способом. Все контактные данные доступны на странице Контакты. Как правило, мы отвечаем в течение одного рабочего дня.
Отправьте нам сообщение
Если у Вас остались вопросы, воспользуйтесь формой ниже или свяжитесь с нами другим удобным для Вас способом. Все контактные данные доступны на странице Контакты. Как правило, мы отвечаем в течение одного рабочего дня.
