The security level is the maximum guaranteed by the application of the standards:



-OATH ( Open Authentication );

-AES256 (symmetric Encryption);

-RSA1024 (electronic signature);

-SHA256 / BCrypt (cryptographic digest)



Moreover, the secure generation phase of the OTP seeds begins inside Q-ID Company, using hardware devices that are Common Criteria EAL+ certified.


When seeds are acquired by the Library Q-ID Controller, they are further transformed by the Enterprise Authentication Services that use Q-ID platform.


In this way, no one  outside the Enterprise, not even Q-ID Company, can get their hands on this data.