Thursday, June 13, 2024
Innovative SMS Gateway & Messaging solutions


Case 1: Extra Security for Web Application Logins

Sensitive Information should be protected efficiently but in the same time it should be easy to access for users. For example field staff has to have the possibility to access an own server during client visit in order to retrieve information or place a purchasing order.

If there isn't any sensitive data to be transferred, password protected login should be good enough. But what if employees can access company wide intranet or CRM from outside of a secure company network? These systems usually contain confidential client information or possible company secrets. In such cases it is recommended to play safe and build an additional security check. With ASPTOKEN that kind of extra security check is easily done.

ASPTOKEN is a perfect solution for extra security needs with a login procedure, because ASPTOKEN provides an extra authentication method via SMS. Any login-system secured with ASPTOKEN grants access only to the person who knows a username, a password and possesses a mobile phone, which number was saved beforehand into the system.

In just a few minutes a programmer is able to integrate ASPTOKEN in to an application. Code generation, SMS sending and verification of the code is taken care by ASPTOKEN.

Process of ASPTOKEN authentication:
  1. User enters username and password to the login-form of the website
  2. User receives ASPTOKEN SMS-code to his mobile phone
  3. User enters SMS-code to the login-form
  4. Access to the web application is granted
ASPTOKEN does not have any setup fees, any fixed fees or monthly fees. Only SMS traffic is charged with normal ASPSMS tarif.

Case 2: ASPTOKEN for E-Banking

"mTAN [Mobile Transaction Authentication Number] ranks among the most secure methods, when user gets specific transaction data via separate channel to his mobile phone. Risk exists only if both the computer and his mobile phone are infected by malware." PCtipp

When opening his account, a customer gives his mobile phone number to his bank. Whenever he afterwards does a login to his e-banking account with his username and password, he will receive an additional APSTOKEN authentication code via SMS. He enters that code to the login-window and confirms that way that he possesses his pre-registered mobile phone number. A hacker must therefore not only to possess the username and password but also the mobile phone of the e-banking customer.

That kind of extra security and two-way authentication can be also used in e-banking when confirmation of different transactions is desired. When a customer does for example a bigger transaction, the e-banking software can automatically send an ASPTOKEN SMS-code for confirmation. If that transaction is ok for the customer, he enters the received SMS-code to the e-banking Internet session and gets that transaction confirmed.

This kind of extra payment confirmation method is for a hacker very difficult to intervene. With ASPTOKEN, a bank can build extra security check for the Internet banking.

Process of ASPTOKEN authentication:
  1. Customer enters his username and password to the login-window of E-Banking website.
  2. Customer receives immediately ASPTOKEN SMS-code to his mobile phone
  3. Customer enters that SMS-code to the E-Banking website.
  4. Customer has been authenticated securely.

    Additional payment transaction confirmations via SMS can be initiated during that E-Banking session.
ASPTOKEN does not have any setup fees, any fixed fees or monthly fees. Only SMS traffic is charged with normal ASPSMS tarif.
New User Registration

Click here for the ASPSMS new user registration.

Have you already registered? Log in with your user e-mail address and password.

Forgot Login Password?

Available SMS tools and interfaces for ASPSMS