Diagram 1 shows the process of performing a transaction requiring verification.<\/p>\n
![\"Transaction](\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2015\/03\/2fa-data-signing-CWYS-in-details.png\")
<\/p>\n
To send data to Protectimus and receive a challenge, a user must call the POST method at<\/p>\n
https:\/\/api.protectimus.com\/api\/v1\/token-service\/tokens\/sign-transaction<\/p>\n
using these mandatory parameters:<\/p>\n
- \n
- tokenId \u2013 user\u2019s token identifier;<\/li>\n
- transactionData \u2013 transaction details to be used in \u041e\u0422\u0420 generation;<\/li>\n
- hash \u2013 \u041d\u041c\u0410\u0421-SHA256 hash of the transactionData string to verify the integrity of the data received; the user\u2019s API key is used as the key.<\/li>\n<\/ul>\n
In the response, you will receive XML or JSON with the following elements:<\/p>\n
- \n
- challenge – challenge for the \u041e\u0422\u0420 generation algorithm;<\/li>\n
- transactionData \u2013 encrypted transaction details;<\/li>\n
- tokenType \u2013 token type;<\/li>\n
- tokenName \u2013 token name;<\/li>\n
- id \u2013 token identifier.<\/li>\n<\/ul>\n
For a user with a Smart token, a QR code needs to be generated and displayed; for users with other types of tokens or for users unable to scan the QR code, there has to be a displayed, which they must enter in the token to generate an \u041e\u0422\u0420.<\/p>\n
For example, if in the reply you received a challenge equal to 191,565, and the value of transactionData = 9 \/ vhmVzLIm \/ M + 8w9QXiJDA ==, then the row for QR code generation will look as follows:<\/p>\n
transaction: \/\/ challenge = 191565 & transactionData = 9 \/ vhmVzLIm \/ M + 8w9QXiJDA ==<\/p>\n
To complete the process and verify the transaction, the user must provide the OTP received to the system being protected. After receiving the \u041e\u0422\u0420, the system again sends a POST request to this address:<\/p>\n
https:\/\/api.protectimus.com\/api\/v1\/token-service\/tokens\/verify-signed-transaction<\/p>\n
with the following parameters:<\/p>\n
- \n
- tokenId \u2013 user\u2019s token identifier;<\/li>\n
- transactionData \u2013 details of the transaction being verified (it is important to send the details that will be sent to perform the transaction, not those received when performing the previous steps);<\/li>\n
- hash \u2013 hash of the transactionData string generated in the same way as when calling the previous method;<\/li>\n
- otp \u2013 one-time password provided by the user.<\/li>\n<\/ul>\n
In response, the system being protected will receive information on the validity of the one-time password provided.<\/p>\n
The CWYS function will be available in the new version of the Protectimus software. If you want to protect yourself and your data now, please contact the customer support service to get this new and advanced tool today.<\/p>\n<\/span>","protected":false},"excerpt":{"rendered":"
In response to new challenges, Protectimus has developed a powerful means of protection against auto-filling, injecting, and other types of malicious software that manipulates and modifies data during transactions. The new data confirmation function called CWYS (Confirm What You See) is available in the Ultra, Smart, SMS, and Mail tokens.<\/p>\n","protected":false},"author":2,"featured_media":4857,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[3,9],"tags":[16,142,118,134,99],"class_list":["post-352","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-engineering","category-protectimus-products","tag-2fa","tag-cwys","tag-data-protection","tag-data-signing","tag-two-factor-authentication"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/posts\/352","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/comments?post=352"}],"version-history":[{"count":11,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/posts\/352\/revisions"}],"predecessor-version":[{"id":4859,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/posts\/352\/revisions\/4859"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/media\/4857"}],"wp:attachment":[{"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/media?parent=352"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/categories?post=352"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/tags?post=352"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}