Is CA Mobile OTP secured during transmission and storage?

Document ID : KB000108037
Last Modified Date : 27/07/2018
Show Technical Document Details
Question:
I have these questions on CA Mobile OTP:
1. When user inputs the Mobile OTP, when it travels to CA AA server is it encrypted?
2. Do we store CA Mobile OTP in database in clear text?
Answer:
1. The Mobile OTP key(card string) is encrypted with the activation code when sent to the client device.However, we recommend to use HTTPS for all communications for added security.
2. Mobile OTP key is encrypted and stored in the database.