|
How does it work?
Registration process: During the registration process, which takes less than a few seconds, the n-Pass automatically fills the user's public key and other information into a webpage, and they are stored in the database on the server. No secret, personal or unwanted information, and no fingerprint template, is sent to or stored on the server! Not even a password or its hash is required for secure authentication.
The Authentication process: When a registered user approaches the secured webpage, the server generates a random string, which can also include a time-stamp to eliminate any possibility of theft. It looks like the following:
30444798b1cc1d77ccGGMflAbkgPnK76VV3VdFtzhzeX9TuoghB2mOikOiIMBrIt9ouOH9N9aOxNgtS2tL1MvK3DE uy8c6nGR1OuRDcwq36I92UTVQPgz6UxX2QP7eQuRclw6R1OkganuXswlObXi6qzfl9z23TzKnPcrftn1ddmWxPIN 6dkISyhAscidDNovX5c24F6a296ZLmk5jBBZvky7L4jwTiksockYVLuew16eeJLBlcn9whMZWjAMczPvlfStRNZ3hnB.
The n-Pass Pro captures this string, digitally signs it using the private key of an RSA-2048 key pair, and returns it to the server together with any publicly available user information, e.g. an e-mail address or username (this information is required to retrieve the user's public key from the database). It is very important that the server side may require additional authentication of the user before the captured string is signed. The signed string looks like this:
22d932788eee032e7be971fbfbfdd8be317e4198f5509190625320708c6467a577f8f12b0f2c5102ad073e374e 66ac53c9adc37879dde50a9eceb17cccd23c5c4508d6321fdcea33b439457cb0acc40d7453c9e83b9d0aac002a8 4921c303966ac08edfe4e609878f7744c074637aa86bc3b5764112b7a588faebb3c8ad8499a2f3ad7b035516a 8cbe3448e9e23ac8fb1c652835112b80ad9187ca62112c0183f8dbd94511144fb1ba281da821c1488df0b5e7ff 0c8203e15363b48bd2b4a9a0cb2ab0eff1e30ec432e056af52a475c8031613b58d623463423118b6f8da407d5 2308f522745d83fe584db4a14e3bcaba8d1ad077628e0eac9dd32317d6d2fa0
The server verifies the signature. After a positive verification, the user is logged in. The process does not require more than 1 second.
|
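The registration and authentication exchange described above, as an added sketch in Node.js that is not n-Pass code: the server stores only the public key, issues a time-stamped random challenge, and accepts a signed response once. The names `Server` and `newClient`, the 30-second challenge lifetime, the single-use rule and the PKCS#1 v1.5 with SHA-256 signature scheme are assumptions, not details from the page.

```javascript
const crypto = require('crypto');

// Hypothetical relying party: it stores public keys and open challenges, nothing secret.
class Server {
  constructor(ttlMs = 30000) {
    this.keys = new Map();    // username -> public key stored at registration
    this.pending = new Map(); // issued challenge -> issue time in ms
    this.ttlMs = ttlMs;       // challenge lifetime (assumed policy)
  }

  register(user, publicKeyPem) {
    this.keys.set(user, crypto.createPublicKey(publicKeyPem));
  }

  // Random string with a time-stamp prefix, remembered so it can be answered only once.
  newChallenge(now = Date.now()) {
    const challenge = `${now.toString(16)}.${crypto.randomBytes(32).toString('hex')}`;
    this.pending.set(challenge, now);
    return challenge;
  }

  // Accept only an issued, fresh, unused challenge signed by that user's registered key.
  verify(user, challenge, signatureHex, now = Date.now()) {
    const issued = this.pending.get(challenge);
    this.pending.delete(challenge); // single use, whatever the outcome
    const publicKey = this.keys.get(user);
    if (issued === undefined || !publicKey || now - issued > this.ttlMs) return false;
    const signature = Buffer.from(signatureHex, 'hex');
    return crypto.verify('sha256', Buffer.from(challenge), publicKey, signature);
  }
}

// Client side: the private key stays inside this closure; only the public key is exported.
function newClient() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  // RSA PKCS#1 v1.5 with SHA-256 (Node's default for RSA keys) is an assumption.
  const sign = (challenge) =>
    crypto.sign('sha256', Buffer.from(challenge), privateKey).toString('hex');
  return { publicKeyPem: publicKey.export({ type: 'spki', format: 'pem' }), sign };
}

// Constructed run: one login, then the same signed response replayed.
const demoServer = new Server();
const demoClient = newClient();
demoServer.register('alice', demoClient.publicKeyPem);
const demoChallenge = demoServer.newChallenge();
const demoSignature = demoClient.sign(demoChallenge);
console.log(demoServer.verify('alice', demoChallenge, demoSignature)); // true
console.log(demoServer.verify('alice', demoChallenge, demoSignature)); // false
```

An RSA-2048 signature is 256 bytes, so the hex response is 512 characters long, the same length as the signed sample shown above.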