Scenarios
OATH
Advanced
Mobile Guides
Integration
References
Abbreviations and terminology
Mobile Protector SDK
REST API
REST API scenarios

Abbreviations

Acronym Meaning
API Application Programming Interface
ASCII American Standard Code for Information Interchange
CAP Chip Authentication Program
DSKPP Dynamic Symmetric Key Provisioning Protocol
ESN Electronic Serial Number
EPS Enrollment and Provisioning Server
HOTP An HMAC-Based OTP Algorithm
HSM Hardware Security Module
HTTP Hypertext Transfer Protocol
IMEI International Mobile Equipment Identifier
IMSI International Mobile Subscriber Identifier
JSON JavaScript Object Notation
JWT JSON web token
OATH Initiative for Open Authentication
OCRA OATH Challenge-Response Algorithm
OOB Out Of Band
OTP One Time Password
PAN Primary Account Number
PIN Personal Identification Number
PM Password Manager
PSN PAN Sequence Number
PTC PIN Try Counter
N/A Not Applicable
RC Registration Code
REST Representational State Transfer
SDK Software Development Kit. Depending on context it may also refer to Ezio Mobile SDK.
SM Security Module (see also HSM and SSM)
SMS Short Message Service
SSM Software Security Module
TLS Transport Layer Security
TOTP Time-based One-time Password Algorithm
URL Universal Resource Locator
VIC Verify Issuer Code
VICATC VIC Application Transaction Counter
VICTC VIC Try Counter
WADL Web Application Description Language
XML Extensible Markup Language

Terminology

Term Definition
Device key A cryptographic key associated with the authentication method of a specific token. For OATH, this is usually referred to as the OATH seed.
Domain A logical partitioning of configuration and operational keys in EPS to support a multi-tenant setup.
Enrollment The process of creating a token for a user within EPS so that credentials are generated or derived and propagated to back-end systems such as authentications servers. The enrollment step is a prerequisite of the provisioning step.
Ezio Mobile SDK The client side part of the Ezio Mobile solution consisting of an SDK that is used to build secure eBanking or mBanking applications on different mobile platforms.
Integration Plug-In Plug-in Java class in EPS using the public integration API to provision tokens to external systems
Provisioning The process of securely transporting user credentials from the EPS to the mobile device so that an application can provide authentication and signing services.
Seed A token key for OATH. The seed is normally randomly generated as opposed to a CAP device key which is derived.
Template File containing token details and configuration. When an enrollment is performed, a template name needs to be provided and the token will be generated accordingly.
Tenant Each IdCloud customer is enrolled as a tenant on the server. Each tenant’s data is isolated so that it is impossible to access the data of other tenants
Token A token is the Ezio Mobile’s representation of a user credentials. A token is enrolled in the Ezio Mobile EPS and later provisioned to Ezio Mobile SDK on the mobile device.
Token ID The unique identifier assigned to a token by EPS.
JSON Web Token A compact URL-safe means of representing claims to be transferred between two parties.
User The person performing banking operations by using an application built with the use of Ezio Mobile SDK.
User Token ID A unique per user ID for a token.