Recommendations for Using CWYS Data Signing

In the previous post, we reviewed the CWYS (Confirm What You See) mechanism, which allows generating one-time passwords on the basis of the data being protected.

You can also see how two-factor authentication works and test the CWYS function here: Demo

Users often ask which data should be used during OTP generation to ensure the best protection for the system. Let's consider the most common situation where the CWYS function is used: verification of transactions in payment and banking systems. To protect such transactions, we recommend using the following data:


  • amount;
  • currency;
  • payee;
  • identifier or transaction number;
  • user’s current balance or balance after the transaction;
  • any additional data that needs to be protected against modification or falsification from the point of view of your business processes, for example, transaction date, user’s IP address, etc.

It is important to note that at each step of working with Protectimus, only the current data that the user is working with at that moment should be used, not cached data. The balance is the typical case: it is sometimes recalculated in response to a system event, while the user sees its state as of a particular point in time.

Using these details in the OTP generation process protects against data being replaced in the short period between the creation and the execution of a transaction, which protects the user against losing money and protects your system against reputational and other risks.
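The following sketch is an added example, not code from Protectimus and not a description of its algorithm: it binds a one-time code to the recommended transaction fields with HMAC-SHA256 and RFC 4226-style truncation, then shows that a swapped payee or a recalculated balance makes verification fail. The field names, key, time step and sample values are constructed assumptions.

```python
import hashlib
import hmac
import struct

# Fields recommended in the article; the key names are illustrative assumptions.
FIELDS = ("amount", "currency", "payee", "tx_id", "balance_after")


def canonical(tx: dict) -> bytes:
    """Length-prefix each field so adjacent values cannot bleed into one another."""
    out = b""
    for name in FIELDS:
        value = str(tx[name]).encode("utf-8")
        out += struct.pack(">H", len(value)) + value
    return out


def data_bound_otp(key: bytes, tx: dict, time_step: int, digits: int = 6) -> str:
    """HMAC over time step + transaction data, truncated as in RFC 4226."""
    msg = struct.pack(">Q", time_step) + canonical(tx)
    mac = hmac.new(key, msg, hashlib.sha256).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def verify(key: bytes, tx_to_execute: dict, otp: str, time_step: int) -> bool:
    """Server side: recompute from the data about to be executed, not a cached copy."""
    expected = data_bound_otp(key, tx_to_execute, time_step)
    return hmac.compare_digest(expected, otp)


# Constructed sample data: what the user saw and confirmed on the token.
KEY = b"constructed-demo-key-not-for-use"
STEP = 57_000_000
shown_to_user = {"amount": "150.00", "currency": "EUR", "payee": "DE00 CONSTRUCTED 0001",
                 "tx_id": "TX-1001", "balance_after": "849.50"}
otp = data_bound_otp(KEY, shown_to_user, STEP)
tampered = dict(shown_to_user, payee="DE00 CONSTRUCTED 9999")  # payee replaced in transit
stale = dict(shown_to_user, balance_after="799.50")  # balance recalculated after display

if __name__ == "__main__":
    print("unchanged      :", verify(KEY, shown_to_user, otp, STEP))
    print("payee swapped  :", verify(KEY, tampered, otp, STEP))
    print("balance changed:", verify(KEY, stale, otp, STEP))
```

The balance case is why both sides must work from the same current value: a code generated over a cached balance no longer matches once the server recalculates it.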

Author: Denis Shokotko

Once upon a time, in a small town there lived a boy named little Denis. As years went by and the boy grew up, his interest in everything new and unknown grew, too. Denis was particularly interested in information technologies. And, his feelings were reciprocated. His new hobby was so fascinating that he decided to devote the rest of his life to it. Soon after that, he developed his first software program, then another one and another one, and more... In software development, no one could compare to him. His talent could not but be noticed and appreciated. Before long, he is among the originators of a new innovative project. And now, Protectimus in Denis’ life is like a mistress that would not share him with another or put up with any unfaithfulness :)
