The OATH Certification Program is intended to provide assurance to customers that products implementing OATH standards and technologies will function as expected and interoperate with each other. This will enable customers to deploy ‘best of breed’ solutions consisting of various OATH ‘certified’ authentication devices such as tokens and servers from different providers.
Certification Profiles
The OATH certification profiles are intended to provide specific guidance and recommendations to providers who want to implement OATH specifications in their products.
OATH has taken a modular approach and intends to develop the following profiles to address the different OATH specifications as applied to the identified components of the OATH Reference Architecture.
One or more profiles may be relevant to a particular vendor's product. For example, a vendor may implement both HOTP and TOTP support in its validation server.
Draft and completed profiles can be downloaded by clicking the link below. The remaining profiles are under development and will be published in the future.
| Standalone Client Profiles |
|
| Connected Client Profiles |
|
| Validation Server Profiles |
|
Provisioning Server Profiles |
|
* Profiles marked 'Draft' are currently in the public review period.
Compliance Testing Program (H2 '2010)
OATH is currently working on implementing a Compliance Testing Program. This program will verify that products that implement OATH specifications satisfy the requirements identified in the relevant certification profiles.
Once the products pass compliance testing, they will be deemed as OATH 'certified' and will be able to show the 'OATH certified' logo.