CA Strong Authentication UNIX Installation Guide › Understanding the Basics › CA Strong Authentication Plug Ins

CA Strong Authentication Plug Ins

CA Strong Authentication provides the following authentication methods out-of-the-box:

• CA Auth ID

  CA Auth ID is a CA-proprietary secure software credential that provides two-factor authentication. The CA Auth ID is a small data file that by itself can be used for strong authentication to a variety of clients such as, Web or Virtual Private Networks (VPNs).

  See "CA Auth ID Key Concepts" for more information about CA Auth ID.

• Password

  A regular credential, where the user is issued a username and a password to log in to the system.

• One-Time Password

  One-time password is another credential generated by CA Strong Authentication Server. An OTP/Activation Code can be numeric or an alpha-numeric string. It is also possible to configure the number of times it can be used.

• OATH-Compliant One-Time Password

  One-time passwords that are complaint to Open Authentication (OATH) standards. CA Strong Authentication supports both counter-based OATH OTP/Activation Codes (HOTPs) and time-based OATH OTP Tokens (TOTPs).

• Question and Answer

  Question and Answer (also known as QnA) is a challenge-response authentication mechanism. Users authenticate to CA Strong Authentication Server by providing correct answers for the questions they are asked. These Questions and Answers are set by the users themselves during registration.

• CA MobileOTP

  CA Auth ID OTP is compliant to the OATH, Europay, MasterCard, and VISA (EMV) standards. If your application is integrated with CA Auth ID OTP, then it accepts the user’s password as an input and generates passwords (also known as passcodes) on the users’ device. The user, then, submits this generated passcode to authenticate to your Web application. Based on the authentication result, the user is granted access to the protected application or denied access.

  Passcode generation is an offline process, which means that your application need not be connected to CA Strong Authentication for generating passcodes.

• LDAP Username-Password

  CA Strong Authentication supports LDAP authentication, where the user credentials in the directory service are used to authenticate users.

You can issue one or more of these credentials to your users. You can also issue multiple credentials of the same type. For example, you can issue two password credentials, an CA Auth ID credential, and a QnA credential for a single user.

If you want to extend the default authentication mechanisms, then CA Strong Authentication provides you the flexibility to do so by writing Plug-Ins.