Oath tokens generate One Time Passwords (OTP) that are used to authenticate. Oath tokens can be hardware devices such as a key for or display card or software based apps such as Google Authenticator. If you are unfamiliar with the Oath or OTPs you can find more information at the following at openauthentication.org.
The Oath standard support several different OTPs. These are:
- Event based - HOTP: An HMAC-Based OTP Algorithm (RFC 4226)
- Time based - TOTP: Time-based One-time Password Algorithm (RFC 6238)
- Oath Challenge/Response - OCRA: OATH Challenge/Response Algorithms Specification (RFC 6287)
The SurePass Authentication Server supports all of the Oath standards and can import Comma Separated Values (CSV) seed files as well as Oath PSKC Portable Symmetric Key Container (RFC 6030) files.