TIQR - SURF
Logging in quickly and safely with TIQR
Logging in quickly and safely with TIQR.
Egeniq has lots of in-house expertise in the field of cybersecurity. Never afraid of a challenge, it is always a pleasure for us to support our clients in creating the best solutions for them.
For SURF, the ICT-collaboration between the educational sector and researchers, we developed TIQR. This tool enables SURF users to login to the website quickly and safely.
With TIQR, SURF wanted to explore the options of safe login via smartphone. The result is a showcase example of what is possible in the areas of app technology and security.TIQR is open-source software, which means that it can also be connected to your website. Authentication is done by scanning a QR-code with your smartphone. In this way, a password is no longer necessary.
Logging in goes as follows:
- The website shows a QR-code.
- You scan the QR-code with the TIQR-app on your smartphone and enter your pin code.
- The app knows your identity and logs in for you.
- When the information has been confirmed, the page reloads, and you are immediately given access.
- This process only takes a few milliseconds.
The technology behind TIQR
TIQR is based on the authentication standards of the Open Authentication Initiative (OATH). In addition, it makes use of the OCRA-protocol for executing challenge/response authentication. No other devices are required for authentication, such as a pc. Everything is done on the smartphone. Very handy indeed!
All personal information is protected by 256-bit AES-encryption. Momentarily, the TIQR App is being subjected to a strict security audit conducted by a trusted security auditor. The results will be published on the tiqr.org website, and if necessary, the app will be adjusted accordingly. The technology behind TIQR is similar to the technology underlying one-time login codes used by banks. Very safe, indeed!