cancel
Showing results for 
Search instead for 
Did you mean: 

Does Sinch Authentication 365 meet industry standards?

William_Dudley
Moderator
Moderator

Sinch Authentication 365 meets or exceeds industry standards in a number of areas:

  • Sinch Authentication 365’s token generation is implemented using both industry standard RFC 6238 (TOTP) and RFC 4226 (HOTP).
  • Implementation of TOTP algorithms exceed the default by using a SHA-256 cryptographic hash method instead of SHA-1 (default)
  • A full alphanumeric token with 9 digits, results in over 1.354 x 1016 possible combinations (that’s greater than13.53 quadrillion)
  • Invalid responses are limited and locked out after repeated failures from an end-user.
  • Sinch Authentication 365 is to be implemented across geographically redundant servers, requiring a secure connection between Sinch and the customer. Additionally, as business supports it, we will be able to deploy Sinch Authentication 365 into country-specific data centers (Sinch or partner) as needed.
William Dudley Head of Mobile Innovations & Evagelism,
Sinch
0 REPLIES 0