IdentrustImplemented Identrust for eHR and eMR
Client wanted to protect a web based CMS with a OTP. We built all three OTPs. The first one was an Event-based OTP which uses HMAC One Time Password. This is the HOTP.
The second one, TOTP built, was Time based OTP where the changing factor is time instead of the counter. The time increment was set to 45 seconds.
The third was the Mobile OTP, MOTP which is an authentication protocol.
- Mobile, Radius, Auth, Authentication
The basic mechanism is the same in terms of the requirements. The difference is that with this method we would simply need to detect if the Certificate was installed on the computer. What happens is that when doctor goes through IdenTrust to get identify proofed, then they issue a certificate that is installed on the USB device which then gets installed on the computer. At the point of verifying 2FA, we would just need to detect the presence of the certificate then allow/disallow the Rx action.
All public key of certificate(Identrust) to be stored on S3 server And this s3 server key folder also has to be accessible to TM end. When user will transmit Rx to TM or Rx Order send to TM case only i.e those XML which are to be send to TM only, we need to sign only those XML .