The security level is the maximum guaranteed by the application of the standards:
-OATH ( Open Authentication );
-AES256 (symmetric Encryption);
-RSA1024 (electronic signature);
-SHA256 / BCrypt (cryptographic digest)
Moreover, the secure generation phase of the OTP seeds begins inside Q-ID Company, using hardware devices that are Common Criteria EAL+ certified.
When seeds are acquired by the Library Q-ID Controller, they are further transformed by the Enterprise Authentication Services that use Q-ID platform.
In this way, no one outside the Enterprise, not even Q-ID Company, can get their hands on this data.