Does Sinch Authentication 365 meet industry standards?
Sinch Authentication 365 meets or exceeds industry standards in a number of areas:
Sinch Authentication 365’s token generation is implemented using both industry standard RFC 6238 (TOTP)and RFC 4226 (HOTP).
Implementation of TOTP algorithms exceed the default by using a SHA-256 cryptographic hash method instead of SHA-1 (default)
A full alphanumeric token with 9 digits, results in over 1.354 x 1016 possible combinations (that’s greater than13.53 quadrillion)
Invalid responses are limited and locked out after repeated failures from an end-user.
Sinch Authentication 365 is to be implemented across geographically redundant servers, requiring a secure connection between Sinch and the customer. Additionally, as business supports it, we will be able to deploy Sinch Authentication 365 into country-specific data centers (Sinch or partner) as needed.
William Dudley Head of Mobile Innovations & Evagelism, Sinch