Cell-OTP™ Service Administrators Guide Version 1.1 - Digi-Sign
-
Upload
khangminh22 -
Category
Documents
-
view
0 -
download
0
Transcript of Cell-OTP™ Service Administrators Guide Version 1.1 - Digi-Sign
[2] © Digi-Sign, The Certificate Corporation, Copyright 2010
Title:
Cell-OTP™ Service
Administrators Guide
Version 1.1
Document Type: Cell-OTP™ Administrators Guide
Reviewed: Technical Department
FileTracker: S:\External\Cell-OTP\Cell-OTP Service Administrators Manual v1.1.doc
Copyright: Copyright © 2002-2011, Digi-Sign, The Certificate Corporation
Contributors:
Name Code Date Revision
Author/Design
P. Michalski PM001 26 Jan’ 2009 n/a
Technical
M. Ravel MR001 17 Mar’ 2010 n/a
Approved
P. Reynolds PR001 17 Dec’ 2010 n/a
[3] © Digi-Sign, The Certificate Corporation, Copyright 2010
Table of Contents
1 Introduction ___________________________________________________4
1.1 Executive Summary __________________________________________4
2 Cell-OTP™ Overview _____________________________________________5
2.1 What is Cell-OTP™ ___________________________________________5
2.2 Why You Should Use Cell-OTP™ _________________________________5
2.3 How Cell-OTP™ Works ________________________________________5
2.4 How Cell-OTP™ is Issued & Managed _____________________________6
2.5 Cell-OTP™ Versions __________________________________________6
2.5.1 Cell-OTP™ Service ____________________________________________ 6
2.5.2 Cell-OTP™ Server ____________________________________________ 6
2.6 Using Cell-OTP™ _____________________________________________6
2.6.1 Secure Server Access _________________________________________ 7
2.6.1.1 Administrator Invited __________________________________ 7
2.6.1.2 Subscriber Requested__________________________________ 7
2.6.2 Cell-OTP™ Storage ___________________________________________ 7
2.6.3 Multiple Site Accounts _________________________________________ 7
2.6.4 Cell-OTP™ Simple Deployment __________________________________ 7
2.7 Server Requirements _________________________________________8
3 Using Cell-OTP™ ________________________________________________9
3.1 Site Identification [SID] Number ________________________________9
3.2 Administrator Account ________________________________________9
3.3 Cell-OTP™ AS Management System ______________________________9
3.3.1 Create Site Details___________________________________________ 10
3.3.2 Manage Users ______________________________________________ 12
3.3.3 Manage Site Templates _______________________________________ 13
3.3.3.1 Authentication Services _______________________________ 14
3.3.3.2 AddIdentity_________________________________________ 14
3.3.3.3 AuthenticateIdentity__________________________________ 15
3.3.3.4 getServerTime ______________________________________ 16
3.3.3.5 Templates for Calling Services __________________________ 16
3.3.3.6 SMS / Email Options__________________________________ 18
3.4 Support___________________________________________________19
[4] © Digi-Sign, The Certificate Corporation, Copyright 2010
1 Introduction
This guide is intended to assist Administrators in selecting, configuring and
administering the Cell-OTP™ one-time-password, two factor
authentication system. It is assumed that the audience and readers of
this guide have a basic understanding of the concepts of information
technology and the administration and management of web servers.
1.1 Executive Summary
Feature Benefit
As more applications use
the internet, security is
an issue
As more and more applications are hosted and accessed
on the internet, how these systems are protected to
prevent unauthorised access is of paramount importance
Usernames & passwords
do not provide the
security you need
Usernames and passwords provide limited protection and
should not be considered as sufficient security for your
systems access
To improve security, a
second layer of protection
is needed
Adding a 'second layer' of protection, called 'two factor
authentication', is the preferred security option that
strengthens the existing username and password access
‘Something you know’ &
‘something you possess’
When you combine usernames and passwords (something
the user knows with something the user possess) you
achieve the desired two factor authentication security
There are many two
factor authentication
solutions
One-Time-Password [OTP] hardware tokens, software
agents, mobile phone SMS technology and authentication
servers, all offer good two factor authentication
But they are cumbersome
& expensive to implement
Purchasing and installing the central hardware and then
distributing hardware to end users can be very costly
Whilst Digi-Access™ is
simple & inexpensive to
deploy
Digi-Access™ uses military grade digital certificate
security that can be activated and deployed at a fraction
of the costlier alternatives
Digi-Access™ lacks
complete mobility
There are situations where Digi-Access™ cannot meet the
demands of your environment and the best alternative is
Cell-OTP™ fills this gap &
is completely mobile
The OTP hardware token can now be replaced by using
your cell phone to generate the One-Time-Password
Highly scalable Cell-OTP™ can issue and manage millions of users
No maintenance costs The per user, per annum cost means there are no hidden
costs or no additional annual maintenance charges
Overall best value for
money, mobile two factor
authentication
Faster to configure and enable. No hardware or software.
No specialist engineering personnel. Makes Cell-OTP™ the
most efficient, mobile two factor authentication solution
[5] © Digi-Sign, The Certificate Corporation, Copyright 2010
2 Cell-OTP™ Overview
As more organisations choose to host business critical applications on the internet, ensuring
that only authorised users can access these applications is of paramount importance.
Usernames and passwords (something that you know - single factor authentication) cannot
be considered a secure method of protecting this data. And responsible organisations have
been using two factor authentication (something that you know combined with something
you possess) to protect these assets.
Probably the simplest two factor authentication system to implement is Digi-Access™,
however, when the issue of high mobility arises, then an alternative to Digi-Access™ is
required. Cell-OTP™ ‘fills the gap’ between Digi-Access™ and complete mobility by using
your cell phone to generate one-time-passwords [OTP]. As implied in the name, these
passwords can only be used once and because they are generated on the cell phone device,
are impossible to copy, steal, reuse, etc.
2.1 What is Cell-OTP™
2.1.1 Strong security
on your cell
phone
Cell-OTP™ is the affordable and easy to deploy identity
management and strong two factor authentication solution that
uses your cell phone to generate one time passwords [OTP]
2.1.2 Unique one
time password
generator
Cell-OTP™ is a small application that is installed on your cell
phone, like a ring tone or game, that generates the one time
password [OTP] that can be used only once, to login to a server
2.1.3 Synchronised
with the server
The server login uses scripting languages and RADIUS
technology to synchronise the OTP with the server login
2.2 Why You Should Use Cell-OTP™
2.2.1 More secure
access to
digital assets
Online system owners that wish to secure access to their online
systems use Cell-OTP™ to provide strong two factor
authentication to the users of these systems
2.2.2 Unique identity
cannot be
copied or
shared
Every request for the OTP is unique and can use both letters and
numbers to create an exponentially long and unique password
that is simply too complicated to be ‘bluffed’ or ‘bruted’. And
every password can only be used once
2.3 How Cell-OTP™ Works
2.3.1 Passwords
offer single/one
factor
authentication
When you login to a secure online site or system with a
username and password, this username and password is
'something you know'. This is single or one factor
authentication
2.3.2 Cell-OTP™
adds a second
security layer
If the site requires Cell-OTP™, then in addition to knowing your
username to login you must also have the unique OTP.
Cell-OTP™ is 'something you have' and this adds a second layer
[6] © Digi-Sign, The Certificate Corporation, Copyright 2010
of security known as two factor authentication
2.3.3 Organisations
that care about
security use it
It is this additional layer of two factor authentication security
that protects you and the information you are sending and
viewing. Organisations that use Cell-OTP™ are typically
renowned for respecting the privacy, security and integrity of
their end users and customers
2.4 How Cell-OTP™ is Issued & Managed
2.4.1 The Cell-OTP™
system issues
the certificates
Cell-OTP™ is issued by the Cell-OTP™ Authentication System
[COAS] system. Cell-OTP™ can be downloaded manually to
your phone or the application can be sent by SMS
2.4.2 Cell-OTP™ AS
controls users
The COAS system is used to enable/disable users and to add
additional site access details to the cell phone
2.5 Cell-OTP™ Versions
The Cell-OTP™ application on the phone is synchronised with the Cell-OTP™ Authentication
System that can be delivered as installable software or offered as a service:
2.5.1 Cell-OTP™ Service
2.5.2 Cell-OTP™ Server
2.5.1 Cell-OTP™ Service
The Cell-OTP™ Service is a Software-as-a Service [SaaS] that is suitable for server and web
sites requiring two factor authentication OTP and identity management but where your
organisation does not require ownership of the actual installed software.
If your web site is hosted and/or you don’t want to maintain a costly identity management
system on your server, but you still want your customers to feel secured with this advanced
and innovative technology, then Cell-OTP™ Service is recommended.
2.5.2 Cell-OTP™ Server
The Cell-OTP™ Server AS can is easily installed in-house. It is a powerful two factor
authentication OTP and identity management package that can be linked to any Radius
protocol supporting device or software and/or integrated with any application using its API
and web services. The Cell-OTP™ Server AS can be queried by remote servers to provide
the authentication service to these other servers.
2.6 Using Cell-OTP™
With usernames and passwords, when users want to access a secure site the server checks
the user details against the details held in a database and proceeds according to the results.
[7] © Digi-Sign, The Certificate Corporation, Copyright 2010
Cell-OTP™ does not change the process. The only change is that when the user details are
checked your web site will use the Cell-OTP™ AS to query the validity of the details.
2.6.1 Secure Server Access
There are two principal type of user that require two factor authenticated access, namely:
2.6.1.1 Administrator Invited
2.6.1.2 Subscriber Requested
2.6.1.1 Administrator Invited
Users are centrally managed and added by the Administrator. The administrator has access
to the Cell-OTP™ AS management system and can manage the web site details, servers,
users and logs.
2.6.1.2 Subscriber Requested
When a users register at a website, for example, they enter their details and submit a
request to be registered at the web site. The program adds the user to the database and
may request to verify the user by sending an email for final verification. The Cell-OTP™ AS
does not change the process it only replaces (or adds to) the register function. The web
page will use Cell-OTP™ AS and API to register the user at the Cell-OTP™ AS and next time
this user tries to login the Cell-OTP™ unique, one-time-password will be checked.
2.6.2 Cell-OTP™ Storage
The Cell-OTP™ token is stored on almost any cell phone for ease of use and for portability
and mobility. However, the same application can also be stored on your computer.
2.6.3 Multiple Site Accounts
Cell-OTP™ is more than a single-use token. It is a multiple site accounts tokens manager.
You can add multiple accounts and manage them using the Cell-OTP™ on your phone and
each account has a different OTP.
The Cell-OTP™ AS creates an individual user account and each user account has a shared
secret that uses a long string called the ‘Secret Data’. When adding a new account in the
Cell-OTP™ AS, the Secret Data value is entered once. And this Secret Data can then be
assigned to multiple login accounts at multiple locations.
2.6.4 Cell-OTP™ Simple Deployment
To make the deployment process simple for the customer, there are multiple ways for
delivering the Cell-OTP™ software to the customer cellular and adding the creating the user
account.
[8] © Digi-Sign, The Certificate Corporation, Copyright 2010
Using the Cell-OTP™ API, you can customise multiple ways to deploy the Cell-OTP™
software. The basic option is to invite the user to download and install the Cell-OTP™, just
as you would install any other cell phone application or game.
Once Cell-OTP™ is installed on the cell phone the user will use the menu item ‘Add Site
Account Manually’ to add a new account. In this case the user must know the Secret Data.
Usually the Secret Data is sent to the user by SMS, email, surface mail, or is personally
delivered.
Alternatively, the user can be sent an SMS with the download URL and then can add the
account manually. Or, using the Cell-OTP™ AS, the SMS can contain both the URL and the
account Secret Data as a single, one-click, install.
2.7 Server Requirements
The server, web site or service that wants to use Cell-OTP™, must have a fixed IP address.
[9] © Digi-Sign, The Certificate Corporation, Copyright 2010
3 Using Cell-OTP™ Service
To successfully implement the use of Cell-OTP™, there are X simple steps that must be
followed:
3.1 Site Identification [SID] Number
3.2 Administrator Account
3.3 Cell-OTP™ AS Management
3.3.1 Manage Site Details
3.3.2 Manage User Accounts
3.3.3 Manage Site Templates
3.1 Site Identification [SID] Number
The Site IDentification [SID] is a unique number code that is assigned to your account and
is used on the server to communicate with the Cell-OTP™ AS. During the Cell-OTP™
ordering process, you will have been asked to provide:
- Site/server URL or fixed IP Address
- Administrator’s contact details
The SID is unique for each server and should be kept in a safe place.
3.2 Administrator Account
Using the Administrator details provided when ordering Cell-OTP™ the Administrator’s
account is created and the Secret Data sent to the Administrator to login to the Cell-OTP™
AS.
3.3 Cell-OTP™ AS Management System
The Cell-OTP™ AS is located at: www.megaas.com/wisecat and the Administrator uses their
SUD, username and Cell-OTP™ one-time-password, to login to the Cell-OTP™ AS.
The Cell-OTP™ AS allows the Administrator to manage:
- Site details
- Users and import users
[10] © Digi-Sign, The Certificate Corporation, Copyright 2010
- Site Logs
- Site template messages
- Send SMSs
3.3.1 Site Details
Short Title: abcinc.com
Company: ABC, Inc.
Contact Name: Bob Smith
Email: bob.smith@abcin
Phone: 1122333
Country: United Kingdom
SD Length: 8
Otp Length: 6
Minus Grace: 3
Plus Grace: 3
Site IP: Enabled: True
Enable Register: False
Disable After: 3
Login attempts.
Enable After: 0
hours.
SMS Credits 3,000
Deploy Time 24
Default Jad DIGI1V2
Site notices can be sent to the Contact Email/Cell Phone (SMS requires credits):
New Registration: by Email
Downloaded: by Email
Id Disabled: by Email
Site Updated: by Email
Short Title – A sort name for the site. We suggest no more then 15 characters.
When Cell-OTP™ tokens are deployed by SMS to new users this
value is used as the Site name at the Cell-OTP™ token
Company – full legal company name
Contact name – the admin name
Email – the contact Email. The Email address will be used for automatic
messages and notices generated by the system
Phone – the contact Cellular phone number. This phone number will be used
for automatic messages and notices generated by the system.
Please do not enter + or blanks or leading zeros. The number
should be: country code + phone number
[11] © Digi-Sign, The Certificate Corporation, Copyright 2010
Country – choose the admin country of residence
SD Length – the length of the Secret Data to be generated for each user
OTP Length – the length of the OTP to be generated for this site
Minus/Plus grace – clock miss match allowance. If the difference of the user Cellular
clock minutes and server clock minutes is between the grace gap
the OTP will be accepted
Site IP – your web site fixed IP
Enabled – the status of your web site. Disabled site can not be logged to
Enable Registration – allow the usage of the remote registration service. It means that
the web site will allow users to Register to the web site and will use
the register API
Disable after – the number of consecutive login failures before disabling the user.
Select 0 if you do not want to use this option
Enable After – the number of hours after a user was automatically disabled to
revive the user. Select 0 if you do not want to use this option
SMS credits – the current number of SMS credits available to the site. SMS
credits are purchased from Digi-Sign
Deploy time – when a Cell-OTP™ was deployed to a user by SMS it is available for
a limited number of hours from the time it was sent
Default Jad – the name of the Cell-OTP™ token to be deployed to users by SMS
New Registration – a short message will be sent to the administrator via the chosen
vehicle notify him of any new user that registered to the site.
Downloaded notice – a short message will be sent to the administrator via the chosen
vehicle notify him of any deployed Cell-OTP™ that was received by
the new registered user.
ID Disabled notice – a short message will be sent to the administrator via the chosen
vehicle notify him of any new user was automatically disabled by
the system.
Site Updated notice – a short message will be sent to the administrator via the chosen
vehicle notify him when a change was made to the site, for
example when SMS credits were added.
[12] © Digi-Sign, The Certificate Corporation, Copyright 2010
3.3.2 Manage Users
The Cell-OTP™ users management allows you to Check the users list, Add new users,
Update users and Remove users.
Adding and or updating a user
SID: 11111
User ID:
Full
Name: Email:
Phone: Company: Mega AS
Country: United Kingdom
Expiry Date:
< June 2020 >
Su Mo Tu We Th Fr Sa
31 1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 1 2 3 4
5 6 7 8 9 10 11
User Type: User
Authentication Type: Otp
Enabled: True
Send
Create
Message:
Do not send Select Message Default Email
Encrypt
SD with:
SID – unique SID provided for information only
User ID – a unique User ID, single string of letters and numbers
Full name – the user’s full name
Email – the user Email. This value will be used to send messages to the
user
Phone – the user’s Cell phone number, used for SMS deployment and
messages
Company – the user’s Company. By default it is the site Company
[13] © Digi-Sign, The Certificate Corporation, Copyright 2010
Country – the user’s country of residence
Expiration date – the user’s expiration date. After the expiration date he will not be
able to Login to the web site
User type – the admin can define another admin. The default is a regular user
Authentication type – the type of password used for authentication.
Enabled – the user status. Disabled user can not login to the web site. A user
may become disabled by the system if he failed a number of
consecutive times to provide the correct password.
Send create message – send a predefined message to the new user by a chosen vehicle
with details for the Cell-OTP™ token installation. When using SMS,
the user gets a URL link for downloading his personal Cell-OTP™
token. Notice – currently deployment by SMS works for cellular
types that support JAD type files download.
Select message – select the predefined template message to send to the user. There
are 2 default messages. The admin can add/modify the templates.
Notice – templates used for SMS should not exceed 150 characters.
Encrypt SD with – a password to encrypt the SD of the SMS deployed personal Cell-
OTP™ token for additional security.
3.3.3 Manage Site Templates
SID: 111111
Message Name:
Message Subject:
Message Body:
You can use the following
replaceable parameters.
Those will be populated
when the message is sent:
For identity Full Name:
@@fullname
For identity User ID:
@@userid
For identity Secret Data:
@@SD
[14] © Digi-Sign, The Certificate Corporation, Copyright 2010
Message name – this value is used for selecting the message. It should be a short
text
Message Subject – this value is used as Subject when the message is sent by Email
Message body – the message content. Notice – the are a number of replaceable
parameters that can be in the Message Body:
• For identity Full Name: @@fullname
• For identity User ID: @@userid
• For identity Secret Data: @@SD
These variables are replaced by the values prior to being sent.
For example, a template message such as:
Hi @@fullname, your Cell-OTP™ can be downloaded from: www.cell-otp.com/app
After installation start the Cell-OTP™ app’ and use the Menu to Add Site Manually.
Your Secret Data is: @@SD and your User ID is: @@userid.
Regards, Support Team
Will be sent as to new user bsmith:
Hi Bob Smith, your Cell-OTP™ can be downloaded from: www.cell-otp.com/app
After installation start the Cell-OTP™ app’ and use the Menu to Add Site Manually.
Your Secret Data is: 1q2w3e4a and your User ID is: bsmith.
Regards, Support Team
3.3.3.1 Authentication Services
The following are .Net Web Services to be used in Web Pages:
� AddIdentity - this is the Registry service. Add a new Identity.
� AuthenticateIdentity – perform the Authentication query.
� GetCATToken – prepare values for the Cell-OTP™ token, Is not for public use.
• getServerTime – get the current Server Time. Used to let the users compare with
their Cellular clock. Make sure the deviation is not over the grace allowed.
3.3.3.2 AddIdentity
http://www.megaas.com/wisecatservice/Service.asmx?op=AddIdentity
The values are similar the Management System - the Add new identity option
[15] © Digi-Sign, The Certificate Corporation, Copyright 2010
Parameter Value
txtSid: Your site unique sid
txtUserid: The new user id
txtFullName:
The new user’s full
name. Private Family
txtEmail: The new user’s Email
txtCompany:
txtPhone:
pdEnabled:
pdAuthenticationType: Otp, FixedPassword
txtCountry:
pdSendMessage: None, byEmail, bySMS
pdMessageTitle:
A template message
name
txtEncPassword:
Service returns XML. On success:
<?xml version="1.0" encoding="utf-8" ?>
<string xmlns="http://wisecat.services.com/">Success</string>
On failure:
<?xml version="1.0" encoding="utf-8" ?>
<string xmlns="http://wisecat.services.com/">Failed. User ID already exists.</string>
3.3.3.3 AuthenticateIdentity
http://www.megaas.com/wisecatservice/Service.asmx?op=AuthenticateIdentity
Parameter Value
sid: Your site unique sid
userid: The authenticated User ID
otpassword:
The Cell-OTP™ generated
OTP
Service returns XML:
[16] © Digi-Sign, The Certificate Corporation, Copyright 2010
On success:
<?xml version="1.0" encoding="utf-8" ?>
<boolean xmlns="http://wisecat.services.com/">true</boolean>
On Failure:
<?xml version="1.0" encoding="utf-8" ?>
<boolean xmlns="http://wisecat.services.com/">false</boolean>
3.3.3.4 getServerTime
http://www.megaas.com/wisecatservice/Service.asmx?op=getServerTime
Service returns:
<?xml version="1.0" encoding="utf-8" ?>
<string xmlns="http://wisecat.services.com/">6/15/2010
13:55:21.1621250</string>
3.3.3.5 Templates for Calling Services
The Services were developed using ASP.NET.
3.3.3.5.1 ASP 2.0 Template
AuthenticateIdentity
Dim xmlhttp
Dim DataToSend
DataToSend="sid=" & sid & "&userid=" & userid & "&otpassword=" &
otpassword
Dim postUrl
postUrl =
"http://www.megaas.com/wisecatservice/service.asmx/AuthenticateIdentity"
Set xmlhttp = server.Createobject("MSXML2.XMLHTTP")
xmlhttp.Open "POST",postUrl,false
xmlhttp.setRequestHeader "Content-Type","application/x-www-form-
urlencoded"
xmlhttp.send DataToSend
Dim resp
resp = xmlhttp.responseText
[17] © Digi-Sign, The Certificate Corporation, Copyright 2010
'---------------------------------------
if (instr(resp,"System.Exception") > 0) then
resp = replace(resp,"System.Exception:","")
resp = mid(resp,1,instr(resp,"at") - 1)
end if
Session.Timeout = 30
'-----------------------------------------------
'Check the verification result and move to the next page.
If instr(resp,"true") > 0 then
Session("isvalid") = "Y"
Session("LoginName") = userid
Response.redirect(SuccessURL + "?msg=You have successfuly Logged
into Digi-Sign Server")
Else
Session("isvalid") = "N"
Response.redirect(FailURL & "?msg=" & resp)
End If
3.3.3.5.2 PHP template
http://blogs.msdn.com/b/bramveen/archive/2009/09/03/using-php-to-connect-to-an-asp-
net-2-0-webservice.aspx
AddIdentity
'----------------------------------------------------------------------
' Build the registration process
'----------------------------------------------------------------------
'Valid values:
'pdEnabled = true / false
'pdAuthenticationType = Otp / FixedPassword
'pdSendMessage = None / byEmail / bySMS (for SMS the site has to have
SMS credits)
'pdMessageTitle= None / Message title (if title is wrong the send will
fail)
Dim DataToSend
DataToSend="txtSid=" & sid & "&txtUserid=" & userid & _
"&txtFullName=" & username & _
"&txtEmail=" & email & _
"&txtCompany=" & company & _
"&txtPhone=" & countrycode & phone & _
"&pdEnabled=true" & _
"&pdAuthenticationType=Otp" & _
"&txtCountry=" & countrycode & _
"&pdSendMessage=" & sendby & _
"&pdMessageTitle=" & messagetitle & _
[18] © Digi-Sign, The Certificate Corporation, Copyright 2010
"&txtEncPassword=" & txtEncPassword
Dim postUrl
postUrl =
"http://www.megaas.com/wisecatservice/service.asmx/AddIdentity"
resp = GetService(postUrl, DataToSend )
Session.Timeout = 30
'----------------------------------------------------------------------
' Check the registration rc
'----------------------------------------------------------------------
If instr(resp,"Success") > 0 then
Session("isvalid") = "true"
Response.redirect(successurl + "?msg=Your registration details
were sent to you " & sendby)
Else
Session("isvalid") = "false"
Response.redirect(failurl & "?msg=" & resp)
End If
3.3.3.6 SMS / Email Options
The Cell-OTP™ AS provides SMS or Email messaging capabilities when certain events occur.
The admin can set up the Cell-OTP™ site account whether to receive the messages by Email
or SMS. To receive messages by SMS the account has to have SMS credits. SMS credits can
be purchased from Digi-Sign and information is available on the main website www.digi-
sign.com/cell-otp
The following events will generate a message to the admin user Email or Phone number.
- Your Cell-OTP™ AS account was changed
- Users list was updated or new users added
- User was added or removed
The following will generate a message to a user Email or Phone number (depends on the
decision of the admin)
- When the user is added, his Cell-OTP™ details can be sent by Email or a personal Cell-
OTP™ Download URL can be sent by SMS. Sending a Download URL will work for certain
cellular types, for example – Symbian. We are working to extend that capability to a wider
range of cellular types.
[19] © Digi-Sign, The Certificate Corporation, Copyright 2010
3.4 Support
You can contact our support by Email: [email protected] and we will respond soon as
possible.