3.1.6 Framework

This topic provides information on the Framework configuration.

  1. In the Global Configuration screen, click Framework.
    The Framework screen is displayed.
  2. Click Edit to specify the details under account.
    The Framework - Edit screen is displayed.
  3. Click expand and specify the details.

    Note:

    The fields marked as Required are mandatory.

    For more information on fields, refer to the field description table.

    Table 3-23 Framework - Field Description

    Field Name | Description
    OTP Length | Specifies the number of characters used in the One-Time Password (OTP).
    Allowed Characters for OTP | Defines the set of characters that can be used when generating OTPs.
    OTP Mock Mode | Indicates if OTPs should be generated in mock mode for testing purposes.
    Maximum Authentication Token Attempts | Specifies the maximum number of authentication attempts allowed for a token before it is locked or invalidated.
    Security Question Validity Period | Defines the duration for which a security question remains valid for user authentication.
    Generic Challenge Attempt Limit | Specifies the maximum number of attempts allowed for generic authentication challenges.
    OBRH Encoding | Defines the encoding used for OBRH (One-Time Password, Biometric, or Recovery Hash) tokens.
    OBRH Token Path | Specifies the storage or retrieval path for OBRH tokens.
    Is Persona Feature Required | Indicates whether the persona feature is mandatory for this configuration.
    Transaction ID Mask | Specifies the masking rules applied to transaction IDs for security purposes.
    Blacklisted HTML Tags | Lists HTML tags that are not allowed in user input or system processing.
    HTML tags to replace | Specifies which blacklisted HTML tags should be automatically replaced during processing.
    Whitelisted HTML Attributes | Defines HTML attributes that are allowed in user input or system content.
    Whitelisted HTML Tags | Defines HTML tags that are allowed in user input or system content.
    Whitelisted URL Protocols | Specifies the URL protocols that are allowed in links or references.
    Maximum Number of Attempts for HOTP | Specifies the maximum allowed attempts for HOTP (HMAC-based One-Time Password) authentication.
    Allowed Window Size for TOTP Token | Specifies the allowed time window for validating TOTP (Time-based One-Time Password) tokens.
    Maximum Number of Attempts for TOTP | Specifies the maximum allowed attempts for TOTP authentication before locking the user.
    Maximum Number of Attempts for Push type 2FA | Defines the maximum allowed attempts for push-based two-factor authentication (2FA).
    Two-Factor Authentication Lock Type | Specifies the lock type applied when 2FA attempts exceed the maximum limit.
    Header(s) Masked for API Audit | Specifies which API headers are masked during audit logging for security purposes.
    Bank Config Cache Validity | Defines the duration for which the bank configuration cache remains valid.
    Snapshot Token Expiration Time | Specifies the expiration time for snapshot tokens used in session or transaction processing.
    Token Expiry Time | Specifies the duration after which authentication or session tokens expire.
    Mobile Application Biometric Token Expiration Time | Specifies the expiration time for biometric tokens used in mobile applications.
    Wearable Application Token Expiration Time | Specifies the expiration time for tokens used in wearable applications.
    Siri and Chatbot Token Expiration Time | Specifies the expiration time for tokens used in Siri and chatbot integrations.


    Table 3-24 Mobile - Field Description

    Field Name | Description
    Allowed Device Count for Biometric Registration | Specifies the maximum number of devices a user can register for biometric authentication.
    Allowed Push Registration Count | Defines the maximum number of devices allowed to register for push-based notifications or authentication.
    Play Integrity License Check For Service Application | Indicates whether the Play Integrity API license check is enabled for the service application.
  4. Click Save to save the details.
  5. Click Back to navigate to the previous page.
  6. Click Cancel to cancel the details.