This article provides a comparison between the OATH-based one-time password (OTP) mobile apps Smart ID Mobile App (Personal Mobile), Google Authenticator, and Microsoft Authenticator.
| Features | Smart ID Mobile App |
|---|
| Google Authenticator | Microsoft Authenticator | |||
|---|---|---|---|---|
| OATH-compliant | ||||
| Time-based one-time password (TOTP) | ||||
| Event-based one-time password (HOTP) | ||||
| Supported by Smart ID Digital Access component | ||||
| Fingerprint authentication on iOS and Android | ||||
|---|---|---|---|---|
| Face recognition on iOS | ||||
| Supported algorithms | ||||
| SHA1 | ||||
| SHA256 | on iOS | |||
| on Android | ||||
| SHA512 | on iOS | |||
| on Android | ||||
OTP types
OATH allows generating an OTP based on a shared secret. There are two types of OTPs:
- time-based OTP (TOTP): A TOTP is renewed after a fix amount of time, for example 30 seconds.
- event-based OTP (HOTP): An HOTP is valid per authentication. After authentication a new OTP is generated.
Nexus authentication platform
Nexus authentication platform Smart ID Digital Access component (Hybrid Access Gateway) supports OTP token authentication based on OATH – for hardware and software tokens – as well as self-registration for OATH-compliant mobile applications.
This article is valid from Nexus Personal Mobile 3.7.
Related information
- Smart ID Mobile App (Personal Mobile)
- Smart ID Digital Access component (Hybrid Access Gateway)
- Set up an OATH-compliant mobile app as authentication method