CA AuthMinder supports UTF-8, which is the variable width 8-bit encoding format of the universal Unicode encoding scheme.
Note: For information about configuring UTF-8, see "Configure UTF-8 Support on Client Systems" in the CA Strong Authentication Installation Guide.
CA AuthMinder also enables you to use hardware- or software-based encryption of sensitive data. You can choose to encrypt sensitive parameters and also decide whether you want to display clear text data or encrypted data in Reports.
The following table lists the user and credential parameters that can be selected for encryption and multi-byte character encoding. It also lists the keys that are used for the parameter and the level at which the key is applicable.
Note: Any of the keys that are listed in the Key Type column of this table can be stored in the HSM.
|
Parameter |
Multi-byte |
Encrypted |
Salt Added |
Key Level |
Key Type |
Case-Sensitive |
|---|---|---|---|---|---|---|
|
User Name |
Yes |
Optional |
No |
Organization level |
Organization key |
Yes |
|
User Attributes |
Yes |
Optional |
No |
Organization level |
Organization key |
Yes |
|
Password |
Yes |
Yes |
Yes |
Organization level |
Organization key |
No |
|
One-Time Password |
No |
Yes |
Yes |
Organization level |
Organization key |
No |
|
OATH Seed |
No |
Yes |
Yes |
Organization level |
OATH Master Key |
No |
|
OATH OTP |
No |
No |
No |
NA |
NA |
No |
|
ArcotOTP OATH Seed |
No |
Yes |
Yes |
Organization level |
ArcotOTP OATH Master Key |
No |
|
ArcotOTP OATH OTP |
No |
No |
No |
NA |
NA |
No |
|
ArcotOTP EMV Seed |
No |
Yes |
Yes |
Organization level |
ArcotOTP EMV Master Key |
No |
|
ArcotOTP EMV OTP |
No |
No |
No |
NA |
NA |
No |
|
QnA Questions |
Yes |
Yes |
Yes |
Organization level |
Organization key
|
Yes |
|
QnA Answers |
Yes |
Yes |
Yes |
Organization level |
Organization key
|
Yes |
|
ArcotID Key Secret |
No |
Yes |
Yes |
Organization level |
Organization key
|
No |
|
ArcotID Primary Key |
No |
Yes |
Yes |
Organization level |
ArcotID Master key
|
No |
|
One-Time Token |
No |
Yes |
Yes |
Organization level |
Global Key |
No |
|
Account ID for EMV |
Yes |
Yes |
Yes |
Organization level |
Organization key
|
Yes |
|
Transient Data Encryption Key |
No |
Yes |
No |
Global level |
Global key |
No |
|
Native Token |
No |
Yes |
No |
Global level |
Transient data encryption key |
No |
|
Password Challenge |
No |
Yes |
Yes |
Global level |
Transient data encryption key |
No |
|
ArcotID Challenge |
No |
Yes |
No |
Global level |
Transient data encryption key |
No |
|
QnA Question ID |
No |
Yes |
No |
Global level |
Transient data encryption key |
No |
|
Credential Custom Attributes |
Yes |
Yes |
No |
Organization level |
Organization key
|
Yes |
The following table lists the configuration parameters that can be selected for encryption and multi-byte character encoding. It also lists the keys that are used for the parameter and the level at which the key is applicable.
Note: Any of the keys that are listed in the Key Type column of this table can be stored in the HSM.
|
Parameter |
Multi-byte |
Encrypted |
Salt Added |
Key Level |
Key Type |
Case-Sensitive |
|---|---|---|---|---|---|---|
|
OATH Seed in the Uploaded Token |
No |
Yes |
Yes |
Global level |
Global key |
No |
|
No |
Yes |
Yes |
Organization level |
Organization key
|
No |
|
|
RADIUS Shared Secret |
No |
Yes |
Yes |
Global level |
Global key |
No |
|
No |
Yes |
Yes |
Organization level |
Organization key
|
No |
|
|
SAML Signing Key |
No |
Yes |
Yes |
Global level |
Global key |
No |
|
No |
Yes |
Yes |
Organization level |
Organization key
|
No |
|
|
ASSP SAML Signing Key |
No |
Yes |
Yes |
Global level |
Global key |
No |
|
No |
Yes |
Yes |
Organization level |
Organization key
|
No |
|
|
ASSP Kerberos Credentials |
Yes |
Yes |
Yes |
Global level |
Global key |
No |
|
Yes |
Yes |
Yes |
Organization level |
Organization key
|
No |
|
|
ArcotID CA Key |
No |
Yes |
No |
Global level |
Global key |
No |
|
ArcotID Master Key |
No |
Yes |
Yes |
Global level |
Global key |
No |
|
No |
Yes |
Yes |
Organization level |
Organization key
|
No |
|
|
OATH OTP Master Key |
No |
Yes |
Yes |
Global level |
Global key |
No |
|
No |
Yes |
Yes |
Organization level |
Organization key
|
No |
|
|
ArcotOTP OATH OTP Master Key |
No |
Yes |
Yes |
Global level |
Global key |
No |
|
No |
Yes |
Yes |
Organization level |
Organization key
|
No |
|
|
ArcotOTP EMV OTP Master Key |
No |
Yes |
Yes |
Global level |
Global key |
No |
|
No |
Yes |
Yes |
Organization level |
Organization key
|
No |
|
|
SSL Signing Key |
No |
Yes |
Yes |
Global level |
Global key |
No |
|
Messages |
Yes |
No |
No |
NA |
NA |
Yes |
|
Display Name |
Yes |
No |
No |
NA |
NA |
Yes |
|
Audit - Reason |
Yes |
No |
No |
NA |
NA |
No |
|
Audit - Event Message |
Yes |
No |
No |
NA |
NA |
No |
|
Audit - Internal Additional Information |
Yes |
No |
No |
NA |
NA |
No |
|
Audit - External Additional Information |
Yes |
No |
No |
NA |
NA |
No |
|
User Attribute Check |
Yes |
No |
No |
NA |
NA |
No |
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|