Personal Authentication Tool - Project Framework

Please note that OPENPAT is not a commercial product; it is a research project started in October 2017.

I designed it to speed up and simplify the implementation of a Personal Authentication Tool that can be used as the 2nd authentication factor in a two-factor authentication scheme, or as a strong primary authentication factor in place of the weaker userid-and-password scheme.

As said before, OPENPAT is not a product; it is a project framework: a bundle of design patterns and software objects that can be used to build an application solution.

According to the Strong Customer Authentication rules of the PSD2 directive, a two-factor authentication scheme (with the two factors belonging to different categories) is mandatory to access financial information and authorize financial transactions.
Most banks currently use a one-factor authentication scheme (normally the Userid/Password pair, which is considered a single factor of the "knowledge" category) to provide access to financial information. OPENPAT can give you the 2nd factor you need to be PSD2/SCA compliant.

Due to its modular architecture and lightweight components, OPENPAT can be easily added to any existing one-factor authentication scheme with minimal effort.
Furthermore, OPENPAT can also comply with the more restrictive rules for authorizing financial transactions, which require an additional secure link with the transaction being authorized, through the Dynamic Linking mechanism.
All of this can be handled securely and easily by implementing an OPENPAT solution.

The OPENPAT framework supports operations in on-line mode (the Authentication Device is connected to the network) as well as in off-line mode (the Authentication Device is NOT connected to the network).
Both can be selected in real time or pre-configured.

The fact that OPENPAT is not a ready-made product means that you will not have to deal with a black-box product that is often difficult to integrate and customize. Instead, you will use a project framework to build a solution of your own that fits your needs perfectly, is less invasive, and is completely under your control in each phase of its lifecycle: design, development, deployment, operation and maintenance.

OPENPAT Features

Provides the 2nd Authentication Factor to access financial information

Provides the 2nd Authentication Factor plus Dynamic Linking to authorize financial transactions

Supports 5 authentication modes to handle On-line and Off-line scenarios

On-line Automatic

Automatic means that as soon as the user runs the PAT-App (or it is already active), the App will automatically ask the user to authorize.

On-line by Notification

Notification means that a Push Notification will arrive on the PAT device of the user and the PAT-App will ask the user to authorize.

On-line by User Check

User Check means that the user can directly check for a pending authentication request and proceed to authorize (useful, because sometimes notifications do not arrive or are delayed).

On-line by QR-Code

QR-Code means that the PAT-Plugin will show a QR-Code that the user must read with the PAT-App; after that, the user will be automatically authenticated without further actions.

Off-line by QR-Code

The PAT-Plugin will show a QR-Code that the user must read with the PAT-App.
After that, the user must enter (in the PAT-Plugin) the verification code shown by the App to be authenticated.
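
The page does not describe how OPENPAT derives the off-line verification code, so the following is an added example, not code from the OPENPAT project. It sketches one common construction for an off-line QR flow with Dynamic Linking: the code is an HMAC over the QR challenge, which includes the amount and payee. The per-device shared key, the field names and the 8-digit length are assumptions.

```python
import hashlib
import hmac
import json
import secrets


def verification_code(device_key: bytes, challenge: dict, digits: int = 8) -> str:
    """Short decimal code bound to the challenge nonce, amount and payee."""
    # Canonical encoding so both sides MAC exactly the same bytes.
    msg = json.dumps(challenge, sort_keys=True, separators=(",", ":")).encode()
    mac = hmac.new(device_key, msg, hashlib.sha256).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation in the style of RFC 4226
    value = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class Verifier:
    """Server side: issues QR challenges and checks the code typed by the user."""

    def __init__(self, device_key: bytes):
        self.device_key = device_key  # assumed to be shared at enrolment
        self.pending = {}             # nonce -> challenge awaiting a code

    def issue(self, amount: str, payee: str) -> dict:
        challenge = {"nonce": secrets.token_hex(16), "amount": amount, "payee": payee}
        self.pending[challenge["nonce"]] = challenge
        return challenge              # this dict is what the QR code would carry

    def verify(self, nonce: str, code: str) -> bool:
        # pop(): each challenge gets one attempt, so replay and guessing both fail.
        challenge = self.pending.pop(nonce, None)
        if challenge is None:
            return False
        expected = verification_code(self.device_key, challenge)
        return hmac.compare_digest(expected, code)


if __name__ == "__main__":
    key = secrets.token_bytes(32)                 # constructed sample key
    server = Verifier(key)
    qr = server.issue("100.00", "PAYEE-A")        # constructed sample transaction
    print("app shows:", verification_code(key, qr))
    print("accepted:", server.verify(qr["nonce"], verification_code(key, qr)))
```

Because the amount and payee are part of the MAC input, a code computed for one transaction does not verify for another, provided the app shows the user the amount and payee it read from the QR code before displaying the code.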

Live Demo of an OPENPAT implementation

To explore the functionalities of the OpenPAT framework, a Live Demo has been developed and can be reached using the link below.

The Demo simulates an Online Banking Site with regard to the initial access (login) and the execution of operations that require various levels of authentication (access to financial information and/or authorization of financial transactions).

On the Home page of the Demo site, you will find a brief explanation on how to use the Demo.

Please note that the OPENPAT framework is in beta version and the Demo runs on a (very) small server with limited capabilities. This means that you may experience slowdowns and failures; please be patient and sympathetic.

Thank you for your patience and for any feedback and suggestions you want to leave.


