Trusted Devices & Device PIN
A trusted device is a mobile device (mobile phone or tablet) with a Cyclos mobile app that has been activated as trusted, and can be be used to confirm sensitive Cyclos operations (like payments) by scanning a QR code. It works similar as physical tokens that Banks use to confirm online operations, and it offers the same level of security. A typical example is to confirm a payment initiated at the Cyclos Web interface. The payment confirmation window in Cyclos will show a QR code and ask the user to confirm the payment by scanning the code with the Cyclos mobile app. The process is very quick. The user (payer) does not have to log into the mobile app (although the scan option is also available when logged in) but can just launch the Cyclos app and click on the QR code icon. This will open the camera, when the QR code is scanned the mobile app will show the payment details and a confirmation button. When the button is clicked the payment is made. Both the Mobile app as well the Cyclos Web payment page will show a confirmation that the payment has been made (with the payment information). The process is intuitive (no explanation or documentation is necessary) and also very quick (a matter of seconds).
A mobile device will need to be activated only once as trusted device. This process is also straightforward. At the first successful login at the mobile app the user will be offered to enable the device as Trusted. This can be done by entering an activation code, which is send to the user by another channel (email or SMS). When the code is filled in and submitted the device is enabled as 'Trusted' and can be used to confirm Cyclos operations.
A part from payment confirmation a trusted device can be used for other sensitive operations (authorization, profile modification etc.). It offers high security without compromising the easy of use (no secondary password needs to be remembered). The Cyclos mobile app and Cyclos use a key pair and hash functions that makes the security as strong as physical tokens.
Another convenient use of a trusted device to require a confirmation to login at the Web interface. So after the user enters successfully his/her userID and password a QR code is shown as a next step. When the QR code is scanned (by the trusted device of the user) the user is logged in directly to Cyclos. This can be enabled for any type of user (operator, member, broker and administrator). The login confirmation by QR code is an interesting additional security for the login of administrators. Often an IP whitelist is used as extra security level, but this can can be cumbersome to manage, as IP addresses can change. Besides this more people can have share the same IP (for a company network) meaning that the IP whitelist is not restricted to a specific user.
There are various possible configurations. For example, it is possible to require only QR code confirmations for payments above certain amounts (max per payment and max per day/week/month). In the Cyclos Web environment the user can see a list of his trusted devices (menu: Personal - Settings - Trusted devices. The device name of the Trusted device is generated automatically when the devices is made trusted. Usually this will be the mobile phone brand name. In the Cycos app the user can change the name going into Settings > Change device name. It is also possible to disable the phone as trusted device, and manually enable it again, which will require to send insert one time password. This can be done via the options: Settings > 'No longer use this device for confirmation', and Settings > Use this device for confirmation'.
It is possible to enable an 'Easy PIN' to login at a mobile phone. Generally it is easier to type a PIN number than a strong login passwords (with special characters, uppercase, etc), which are considered more secure. When an easy PIN is enabled the mobile app will show an numeric keyboard, which is easier to use than the default character keyboard. The PIN is activated just for the device. So even if somebody 'eyeballs' the PIN (when it is typed) it won't be possible to use it at another device.