10.2.2.1. Solution overview

Airlock 2FA is based on the Futurae cloud service. This makes the setup especially easy because no 3rd party 2FA solution needs to be installed or integrated.

The following diagram shows how the solution works in general. It also shows the involved components and how they interact.

Airlock2FA-Overview2

The necessary Airlock 2FA app - a mobile app provided for iOS and Android - can be downloaded from the app store (or marketplace) and used right away. It is not necessary to implement a custom mobile app. If required, a custom mobile app can be made based on the SDK or the SDK can be used to enrich an existing mobile app with Airlock 2FA features.

Moreover, hardware tokens are available in cases where the usage of a mobile app is not appropriate.

Exemplary login process

The following login process is exemplary only. We assume that the user has already installed the Airlock 2FA app and activated it for an IAM user account.

  • 1.
    The user enters the correct username and password.
  • 2.
    The Airlock 2FA app receives a push message and starts authentication.
  • 3.
    Depending on the authentication settings and the smartphone platform:
    • One-Touch: To authenticate, the user has to press the Approve button in the app.
    • Passcode: To authenticate, the user enters the OTP code shown in the app.
    • Offline QR-Code: to authenticate, the user has to scan a QR code and enter the OTP code shown in the app.
  • The user is logged in and can access all applications of the single-sign-on realm.