The basics of multi-factor authentication: QR Tokens – Highly secure and highly versatile

Lesezeit: 2 Minuten

One of the most secure and reliable ways to secure logins, data and transactions are QR tokens. They provide an easy-to-use and secure solution to multi-factor-authentication (MFA). And this is how authentication via QR tokens works: For a login or transaction, the user is shown a QR code. The user simply scans the QR code with the authenticator app on his smartphone.

All the user needs is mobile connectivity, no additional user input is necessary and no additional data is saved on the authenticated device. This means that QR tokens provided through the KeyIdentity MFA platform and LinOTP solution can also be used to facilitate secure offline authentication for laptops and mobile devices. Based on modern signature algorithms as well as the principles of device separation and transaction data validation, QR tokens allow for the highest level of security.

Areas of use for QR tokens

Because they are both extremely secure and able to facilitate secure offline authentication, QR tokens are the perfect authentication method for instances where the physical and the digital world intersect. The nature of QR tokens also allows to finally provide a secure offline authentication for laptops and mobile devices. No secret data is saved on the authenticated device. With the user’s smartphone it is easy to scan the code and login with a TAN, even when there is no connection to the backend possible at the time, without a compromise on security.

Highest level of security

QR tokens are one of the most secure authentication methods. Not only do they offer device separation and transaction data validation, they are also easy to roll out in self-service scenarios and provide the same TCO as other soft tokens. Finally, the fact that they are usable in offline scenarios means that not only are they one of the most secure, but also versatile tokens and will replace existing authentication methods over time. They enable enterprises to comply with regulatory requirements like PSD2 for financial transactions or the new General Data Protection Regulation (GDPR).

If you want to find out more about token technology and multi-factor authentication, check our blog entry “How to pick the right token”. There you can find a more extensive overview of the latest status of token technologies for multi-factor authentication.


You want to test LinOTP? Register for a free trial!

Von |2018-12-04T15:40:42+01:007. September, 2017 um 16:49 Uhr|KEYIDENTITY, LINOTP|Noch keine Kommentare

Über den Autor:

Manuela Kohlhas