How to create OTP in android using java..
In 2016 with the increase of the hackers especially in android Two-Factor Auth has became primary for most of the tech gaints in order to protect their users from the hackers hence today in this article we are going to show you how to generate OTP using java code in android.
Two-factor authentication uses a one-time password (OTP), which combines something the user knows (a username and password) and something the user has (typically, a token or key fob that produces a six-digit number, valid only for a short period of time and available on demand).
If your business is already using two-factor authentication, then you are also familiar with the various issues around token usability and logistics. Replacing lost or broken tokens and users mistyping their one-time passwords are just two of the headaches currently affecting help desks and IT departments.
The purpose of this article is to provide a high level overview of the one-time password (OTP) functionalities and show how to use the OTP APIs in Android.
Code and Explanations
OTP has three major functionalities: OTP provisioning, OTP generation, and OTP verification. There are also APIs for querying OTP capability and the OTP version on the system.
OTP Provisioning
InvokeIPTProv extends the AsyncTask to execute the provisioning in the background. It first creates the security service (Provision Service) and then starts the provisioning process
@Override
protected Void doInBackground(Void... params) {
ChaabiProvision prov = new ChaabiProvision();
try {
prov.execute().get(PROV_MAX_TIMEOUT, TimeUnit.MILLISECONDS);
} catch (InterruptedException e) {
error = "Provisioning failed: " + e.getClass().getName() + ": "
+ e.getLocalizedMessage();
e.printStackTrace();
} catch (ExecutionException e) {
error = "Provisioning failed: " + e.getClass().getName() + ": "
+ e.getLocalizedMessage();
e.printStackTrace();
} catch (TimeoutException e) {
error = "Provisioning failed: " + e.getClass().getName() + ": "
+ e.getLocalizedMessage();
e.printStackTrace();
}
return null;
}
OTP Generation
Before we start generating the OTP, we need to check if the device has already successfully completed the provisioning process.
// Read token if exists
if (!readData()) {
tvOTPGenerate
.setText("OTP generation failed: No token exists. Please do provisioning.");
return;
}
Then we can invoke the Async call to generate the OTP.
boolean invokeResyncGenerateOTP(IPTWrapper obj) { try { // Send request to the server for resync message and process // the received resync message InvokeIPTResync ipt_obj = new InvokeIPTResync(); boolean status = ipt_obj.execute().get(); if (status) { // Processes the server resync message obj.ProcessResyncMessage(encrToken_b64, serverResyncMessage); // Invoke OTP generation again // Check if token is of type OCRA if (tokenInfo .equalsIgnoreCase(OTPDemoActivity.OCRA_TOKEN_INFO)) { invokeGenerateOTP(obj, true); } else { invokeGenerateOTP(obj, false); } displayOTP(); progressDialog.dismiss(); } else { String error = "Receive server resync message failed."; tvOTPGenerate.setText(error); progressDialog.dismiss(); OTPDemoActivity.OTP = null; return false; } } catch (IhaException e) { String error = "OTP generation failed. Message: " + e.getLocalizedMessage() + " Error code: " + e.GetError(); tvOTPGenerate.setText(error); progressDialog.dismiss(); OTPDemoActivity.OTP = null; return false; } catch (Exception e) { String error = "OTP generation failed: " + e.getClass().getName() + ": " + e.getLocalizedMessage(); tvOTPGenerate.setText(error); progressDialog.dismiss(); OTPDemoActivity.OTP = null; return false; } return true; }
OTP Verification
Once the OTP is generated, we can then check if it is valid.ChaabiOTPVerify otp_ver = new ChaabiOTPVerify(); try { otp_ver.execute() .get(OTP_VERIFY_TIMEOUT, TimeUnit.MILLISECONDS); } catch (InterruptedException e) { error = "OTP verification failed: " + e.getClass().getName() + ": " + e.getLocalizedMessage(); e.printStackTrace(); } catch (ExecutionException e) { error = "OTP verification failed: " + e.getClass().getName() + ": " + e.getLocalizedMessage(); e.printStackTrace(); } catch (TimeoutException e) { error = "OTP verification failed: " + e.getClass().getName() + ": " + e.getLocalizedMessage(); e.printStackTrace(); } return null; } catch (JSONException e) { error = e.getClass().getName() + ": " + e.getLocalizedMessage(); status = false; e.printStackTrace(); } catch (UnsupportedEncodingException e) { error = e.getClass().getName() + ": " + e.getLocalizedMessage(); status = false; e.printStackTrace(); } catch (ClientProtocolException e) { error = e.getClass().getName() + ": " + e.getLocalizedMessage(); status = false; e.printStackTrace(); } catch (IOException e) { error = e.getClass().getName() + ": " + e.getLocalizedMessage(); status = false; e.printStackTrace(); } Log.v(LOG_TAG, "Return results: " + status); return status; }
Query OTP Capability
Built-in, hardware-based OTP is not available on all mobile devices, so it would be helpful to first query the system if the OTP capability is available.private boolean isOTPCapable(){ try { IPTWrapper caps = new IPTWrapper(); String cap = caps.GetCapabilities(); displayMessage("Capabilities: " + cap); return true; } catch (IhaException e) { String error = "GetCapabilities() failed. Message: " + e.getLocalizedMessage() + " Error code: " + e.GetError(); notifyUser("Failed: " + error); return false; } catch (Exception e) { String error = "GetCapabilities() failed: " + e.getClass().getName() + ": " + e.getLocalizedMessage(); notifyUser("Failed: " + error); return false; } }
Conclusion
By generating the OTP it will help you secure your user data Take your time to share feedback on this article.
Get a blank ATM CARD and cash good money/funds directly today in any ATM machine around you anywhere in the world. It's 100% guaranteed secure with no worries of being caught because the blank card it's already programmed and loaded with good funds in it, in such a way that's not traceable which also have a technique that makes it impossible for the CCTV to detect you, so get the blank ATM CARD today at our email address: unitedblankatmhackcard@gmail.com and change your story for good
ReplyDeleteHACK ATM AND BECOME RICH TODAY!!!
ReplyDeleteYou can hack and break into a bank's security ATM Machine without carrying guns or any weapon.
How is this possible?
First of all we have to learn about the manual hacking of ATM MACHINES and BANKING ACCOUNTS.
HOW THE ATM MACHINE WORKS.
If you have been to the bank you find out that the money in the ATM MACHINE is being filled right inside the house where the machine is built with enough security. To hack this machine We have develop a special blank ATM Card which you can use in any ATM Machine around the world. This ATM card is been programmed and can withdraw $10000 USD within 24 hours in any currency. There is no ATM MACHINES this BLANK ATM CARD CANNOT penetrate because its been programmed with various tools and software before it will be send to you. The card will make the security camera malfunction at that particular time until you are done with the transaction you can never be trace. It also has a technique that makes it impossible for the CCTVs to detect you, Getting the card you will forward the me your details so we can proceed to send the card to you once you agree to the terms and conditions.
Contact Us today via email: programmedatmcards@gmail.com or text +2348154637647
ReplyDeleteMy life was falling apart, I was being cheated and abused, I had to know the truth and needed proof. I contacted a private investigator that linked me with onlineghost who took care of the hack job. He hacked his iPhone,Facebook,Instagram, Whats app, twitter and email account. I got all I wanted as proof . I”m glad i had a proven truth he was cheating . Contact him for any hack job. Tell him i referred you to him, he will surely meet your hack need. Contact: onlineghosthacker247@ gmail .com
Do you need to increase your credit score?
ReplyDeleteDo you intend to upgrade your school grade?
Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
Do you need any information concerning any database.
Do you need to retrieve deleted files?
Do you need to clear your criminal records or DMV?
Do you want to remove any site or link from any blog?
you should contact this hacker, he is reliable and good at the hack jobs..
contact : cybergoldenhacker at gmail dot com