Forward Thinking IT Solutions

Server for EMV-CAP, OATH and Digipass Authentication

Easy Integration of EMV-CAP, OATH or digipass in Existing Backend Systems

EMV-CAP ist the international standard for strong authentication for E-Banking and E-Commerce. OATH and Digipass are well established standards for one-time password solutions.

CAP (Chip Authentication Program) was developed by MasterCard and adopted by Visa (Visa Passcode) to secure Internet-based E-Commerce transactions with debit- and credit cards. The CAP standard supports strong authentication also for E-Banking applications.

To integrate EMV-CAP, a financial institution requires the following components:

  • EMV debit-, credit- and/or bank cards, appropriately personalized
  • Personal Card Reader (PCR) for the customers
  • EMV-CAP Authentication Server for the verification of one-time passwords and transaction signatures

Ergonomics offers e.g. Vasco Personal Card Readers (PCRs) and the Authentication Server for easy and efficient integration of EMV-CAP into existing backed systems.

The Ergonomics Authentication Server provides the following key functions:

  • Initialization and key management
  • Data preparation for the card personalization
  • Protected data import for OATH and Digipass keys
  • Interface to SMS gateways to send one-time passwords and transaction verification data
  • Verification of one-time passwords at application log-on
  • Verification of transaction signatures

The following illustration provides an overview of the typical system environment of the Ergonomics Authentication Server.


Please contact us for additional information about EMV-CAP, OATH or Digipass or the Ergonomics Authentication Server. Digipass is a registered trademark of Vasco.