{"id":407,"date":"2015-05-05T15:57:32","date_gmt":"2015-05-05T12:57:32","guid":{"rendered":"https:\/\/www.protectimus.com\/blog\/?p=407"},"modified":"2019-06-07T17:10:48","modified_gmt":"2019-06-07T14:10:48","slug":"recommendations-for-using-cwys-data-signing","status":"publish","type":"post","link":"https:\/\/www.protectimus.com\/blog\/recommendations-for-using-cwys-data-signing\/","title":{"rendered":"Recommendations for Using CWYS Data Signing"},"content":{"rendered":"<p>In the previous post, we <a title=\"Detailed Information on Data Signing\" href=\"https:\/\/www.protectimus.com\/blog\/detailed-information-on-data-signing\/\">reviewed the CWYS<\/a> (Confirm What You See) mechanism, which allows generating one-time passwords on the basis of the data being&nbsp;protected.<\/p>\n<p>You can also see how two-factor authentication works and test the CWYS function here:&nbsp;<a href='https:\/\/www.protectimus.com\/demo' class='big-button bigblue'>Demo<\/a><\/p>\n<p>Users are often faced with this question: what data should be used during the \u041e\u0422\u0420 generation to ensure the best protection for the system. Let\u2019s consider the most common situation where the CWYS function is used \u2013 verification of transactions in payment and banking systems. To ensure protection for such transactions, we recommend using the following data:<\/p>\n<div id=\"attachment_409\" style=\"width: 410px\" class=\"wp-caption alignright\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-409\" class=\"wp-image-409\" src=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2015\/07\/CWYS-transactions-en.jpg\" alt=\"CWYS function for verification of transactions \" width=\"400\" height=\"219\" srcset=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2015\/07\/CWYS-transactions-en.jpg 482w, https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2015\/07\/CWYS-transactions-en-300x164.jpg 300w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><p id=\"caption-attachment-409\" class=\"wp-caption-text\">CWYS function is used for verification of transactions<\/p><\/div>\n<ul>\n<li>amount;<\/li>\n<li>currency;<\/li>\n<li>payee;<\/li>\n<li>identifier or transaction number;<\/li>\n<li>user\u2019s current balance or balance after the transaction;<\/li>\n<li>any additional data that needs to be protected against modification or falsification from the point of view of your business processes, for example, transaction date, user\u2019s IP address, etc.<\/li>\n<\/ul>\n<p>It is important to note that at each step of working with <a href=\"https:\/\/www.protectimus.com\" target=\"_blank\" rel=\"noopener noreferrer\">Protectimus<\/a> only the current data that the user is working with at this moment should be used, not cached data. We are talking about the situation which can happen with the balance. Sometimes the balance is recalculated on the basis of a certain system event, while the user sees its state at a certain point in time.<\/p>\n<p>Using such details in the \u041e\u0422\u0420 generation process protects from data replacement in a short period of time between the creation and execution of a transaction, thus protecting a user against losing money and protecting your system against reputation risks and other types of risks.<\/p>\n<span class=\"et_bloom_bottom_trigger\"><\/span>","protected":false},"excerpt":{"rendered":"<p>Users exploiting CWYS (Confirm What You See) are often faced with this question: what data should be included in the \u041e\u0422\u0420 generation for ensure the best protection for the system. In this article you will find the answer to this question.<\/p>\n","protected":false},"author":2,"featured_media":4593,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[3,9],"tags":[142,134],"class_list":["post-407","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-engineering","category-protectimus-products","tag-cwys","tag-data-signing"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/posts\/407","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/comments?post=407"}],"version-history":[{"count":5,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/posts\/407\/revisions"}],"predecessor-version":[{"id":4594,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/posts\/407\/revisions\/4594"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/media\/4593"}],"wp:attachment":[{"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/media?parent=407"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/categories?post=407"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/tags?post=407"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}