Aim: Provide developers a way to set up their own OTP delivery and verification infrastructure from scratch in little time.
The vision: The Developer will download "leanOTP" files and upload them to his/her server. Using a GUI the developer will choose whether they want to set-up SMS based OTP system or email based OTP system. The developer must integrate leanOTP into his project (function calls). If the developer opts for SMS based OTP system the developer will have to install the leanOTP app on an Android device; Then via a two-way handshake (by entering random generated codes on the server and the phone) the Android device will be authenticated and then will be used to send SMS messages; The SIM card in the device will be used to send the SMS messages; Hence SMS charges will apply. Basically using leanOTP, developers will be able implement OTP security in their projects with minimal effort.
Functionalities:
Send OTP messages
Authenticate OTP
OTP Request Abuse Protection
Log all incoming OTP requests and delivered OTP (and their recipients)
Provide a graphical interface for viewing the above data.
Filter (Accept/Deny) OTP requests based on Whitelist/Blacklist/Country Code (in case of SMS based OTP)
Integration with ownCloud: As this project will be very flexible in nature it will be compatible with ownCloud. It will be possible to integrate leanOTP in ownCloud. It could be an optional feature that users could enable if they require.
Technologies to be used:
Java (Android App)
PHP (Web Server Files)
Possible Enhancements (if time permits):
- SMS Delivery using Arduino Board or Raspberry Pi
Suggestions will be appreciated. Thank you for this opportunity.
Arjunsinh S. Jadeja.
