Operation Approval
Log in to a Service
This section describes how to use your Talisman token to securely log in to your internet banking account. The login process combines actions performed on your computer with confirmation on the Talisman device, ensuring that access is granted only after your identity has been verified.
User Journey
Steps
- When connecting the Talisman Token with the cable, the following message appears:
Hello! I'm your secure key
- After 3 seconds, the Talisman screen automatically changes to the following text:
Waiting for a new request
- On the computer, fill in your login details and press the “Log In” button.
- A login request is shown on the Talisman screen. Confirm the login by pressing the “OK” button.
- Enter the PIN code.
- After entering the correct PIN code you will be immediately logged into your internet banking account.
Integration
Steps
- The user clicks the “Log in” button in the application.
- The web browser requests an assertion challenge from the WebAuthn component.
- The WebAuthn component generates the assertion challenge by requesting it from the FIDO2 server.
- The FIDO2 server returns the challenge, and the WebAuthn component prepares the response (including credential data if needed).
- The browser receives the challenge (and credential ID) and forwards it to the Talisman authenticator.
- The Talisman prompts the user for authorization (PIN entry).
- After successful authorization, the Talisman signs the challenge.
- The signed challenge together with the credential ID is sent from the browser to the WebAuthn component.
- The WebAuthn component forwards the data to the FIDO2 server to verify the assertion.
- The FIDO2 server validates the signed challenge and returns a successful response.
- The system creates a user session.
- The system confirms that the user is successfully logged in.
Payment Operation
Operation authorization is the process of confirming sensitive actions, such as payments, using your Talisman token. Before the action is completed, the device displays key details for your review, allowing you to verify and explicitly approve or reject the operation. This ensures that only intended and validated transactions are carried out.
User Journey
Steps
- When connecting the Talisman Token with the cable, the following message appears:
Hello! I'm your secure key
- After 3 seconds, the Talisman screen automatically changes to the following text:
Waiting for a new request
- Initiate the payment in your internet banking on the computer.
- A notification about the operation will be displayed on the Talisman screen - you can review the details of the operation:
- The beneficiary’s IBAN is displayed on the token. Press “OK”.
- The amount is displayed. Press “OK” again.
- Confirm the operation by entering the PIN code.
- After entering the PIN code, the following message will appear, which means that the operation was successfully authorized.
Operation has been confirmed
Integration
Steps
- The user clicks the “Pay” button in the application.
- The web browser requests an assertion challenge from the WebAuthn component.
- The WebAuthn component generates the assertion challenge by requesting it from the FIDO2 server (PowerAuth Cloud).
- The FIDO2 server returns the challenge, and the WebAuthn component prepares the response (including credential data if needed).
- The browser receives the challenge (and credential ID) and forwards it to the Talisman authenticator.
- The Talisman prompts the user for authorization (e.g., PIN entry).
- After successful authorization, the Talisman signs the challenge using the selected credential.
- The signed challenge together with the credential ID is sent from the browser to the WebAuthn component.
- The WebAuthn component forwards the data to the FIDO2 server to verify the assertion.
- The FIDO2 server validates the signed challenge and returns a successful response.
- The system processes the payment.
- The system confirms that the payment was successful.
Generic Operation
User Journey
The user journey for a generic operation is similar to that of a payment operation.
Integration
- The user clicks the “Confirm” button in the application.
- The web browser requests an assertion challenge from the WebAuthn component.
- The WebAuthn component generates the assertion challenge by requesting it from the FIDO2 server (PowerAuth Cloud).
- The FIDO2 server returns the challenge, and the WebAuthn component prepares the response (including credential data if needed).
- The browser receives the challenge (and credential ID) and forwards it to the Talisman authenticator.
- The Talisman prompts the user for authorization (e.g., PIN entry).
- After successful authorization, the Talisman signs the challenge using the selected credential.
- The signed challenge together with the credential ID is sent from the browser to the WebAuthn component.
- The WebAuthn component forwards the data to the FIDO2 server to verify the assertion.
- The FIDO2 server validates the signed challenge and returns a successful response.
- The system processes the operation.
- The system confirms that the operation was successful.
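The checks behind "the FIDO2 server validates the signed challenge" in the login, payment and generic integration steps above, as an added Node.js example (not Wultra's or PowerAuth Cloud's code). The relying-party ID, origin, in-memory key pair and the `signAssertion` stand-in for the token are constructed for this sketch; the byte layout and checks follow the WebAuthn assertion format.

```javascript
const crypto = require("node:crypto");
// Constructed values for this sketch; not taken from the Talisman documentation.
const RP_ID = "bank.example";
const ORIGIN = "https://bank.example";
const sha256 = (data) => crypto.createHash("sha256").update(data).digest();

// Authenticator stand-in: signs authenticatorData || SHA-256(clientDataJSON).
function signAssertion(privateKey, challenge, { origin = ORIGIN, flags = 0x05, counter = 1 } = {}) {
  const clientDataJSON = Buffer.from(JSON.stringify({
    type: "webauthn.get", challenge: challenge.toString("base64url"), origin,
  }));
  const authData = Buffer.alloc(37);
  sha256(RP_ID).copy(authData, 0);      // bytes 0-31: SHA-256 of the RP ID
  authData[32] = flags;                 // 0x01 user present, 0x04 user verified (PIN)
  authData.writeUInt32BE(counter, 33);  // bytes 33-36: signature counter
  const signature = crypto.sign("sha256", Buffer.concat([authData, sha256(clientDataJSON)]), privateKey);
  return { clientDataJSON, authData, signature };
}

// Server-side checks; returns "ok" or the name of the first failed check.
function verifyAssertion(a, { publicKey, expectedChallenge, storedCounter }) {
  const client = JSON.parse(a.clientDataJSON.toString("utf8"));
  if (client.type !== "webauthn.get") return "wrong type";
  const got = Buffer.from(String(client.challenge), "base64url");
  if (got.length !== expectedChallenge.length || !crypto.timingSafeEqual(got, expectedChallenge)) return "challenge mismatch";
  if (client.origin !== ORIGIN) return "origin mismatch";
  if (a.authData.length < 37 || !a.authData.subarray(0, 32).equals(sha256(RP_ID))) return "rpIdHash mismatch";
  if ((a.authData[32] & 0x01) === 0) return "user not present";
  if ((a.authData[32] & 0x04) === 0) return "user not verified";
  const signed = Buffer.concat([a.authData, sha256(a.clientDataJSON)]);
  if (!crypto.verify("sha256", signed, publicKey, a.signature)) return "bad signature";
  const counter = a.authData.readUInt32BE(33);
  // Policy choice in this sketch: a counter that did not advance is rejected.
  if ((counter !== 0 || storedCounter !== 0) && counter <= storedCounter) return "counter not increased";
  return "ok";
}

function runDemo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
  const challenge = crypto.randomBytes(32); // issued fresh by the server for each request
  const ctx = { publicKey, expectedChallenge: challenge, storedCounter: 0 };
  const tampered = signAssertion(privateKey, challenge);
  tampered.authData.writeUInt32BE(99, 33);  // modified after signing
  return {
    valid: verifyAssertion(signAssertion(privateKey, challenge), ctx),
    staleChallenge: verifyAssertion(signAssertion(privateKey, crypto.randomBytes(32)), ctx),
    wrongOrigin: verifyAssertion(signAssertion(privateKey, challenge, { origin: "https://bank.example.invalid" }), ctx),
    noPin: verifyAssertion(signAssertion(privateKey, challenge, { flags: 0x01 }), ctx),
    tampered: verifyAssertion(tampered, ctx),
  };
}
console.log(runDemo());
```

Only the `valid` case returns "ok"; a session or payment should be created only on that result, and the challenge discarded after one use.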
Canceling an Operation
Canceling an operation is the process of intentionally rejecting a pending request on your Talisman token. It allows you to stop an action if the details do not match your expectations or if the request was not initiated by you, helping to prevent unauthorized or incorrect operations.
User Journey
Steps
- Press the “C” button during login or operation confirmation. The following text will appear:
Reject operation?
- By pressing the “OK” button, you will reject the operation.