Glossary of Terms

Admin Center
The online management center for creating and managing Service, Directory, and Organization data, setting security policies, and more (https://admin.launchkey.com).
AES
Advanced Encryption Standard. See: https://wikipedia.org/wiki/Advanced_Encryption_Standard
Auth Modal
The modal that is hidden within your Mobile Authenticator and slides into view as necessary; this is the default interface your users will interact with in your Mobile Authenticator, and it can be customized and branded as you see fit.
Auth Policy
Authorization Policy
Policy that is sent to a device that must be satisfied before an Auth Request can be approved.
Authenticator SDK
The mobile SDK that lives within your authenticator app and through which a Directory User is authenticated and authorized; available for iOS and Android mobile devices.
Authorization List
List of authorized sessions or transactions for a particular user. Items can be cleared from the list individually or as a group via clear all.
Authorization Request
Auth Request
The authentication or authorization request that is sent to your Mobile App from your Service.
Base64
A group of binary -te-text encoding schemes. See: https://wikipedia.org/wiki/Base64
CBC
Cipher Block Chaining, a block cipher mode of operation implementation. See: https://wikipedia.org/wiki/Block_cipher_mode_of_operation#CBC
Customer
A registered account with TransUnion.
Device
A mobile phone, tablet, or other unit that has a TruValidate Multifactor Authentication Authenticator installed and has at least begun the the process of linking with a User.
Directory
A group, managed through the Admin Center, that contains one or more Service and that can only authenticate a Directory User via one specific Authenticator SDK.
Directory Service
A Service that belongs to a Directory.
Directory User
Generally describes a customer’s end-user. This is a user that has linked their device and has been registered within your Directory via an app that contains the TruValidate Multifactor Authentication Authenticator SDK.
Directory User ID
A unique and permanent identifier for a Directory User in the implementing service. For security purposes, you may want to use an identifier that cannot be easily linked to a user such as a hash of the username or a GUID. This value will be the link between the implementing system and the Platform.
Dual-Purpose Public/Private Key Pair
An RSA Public/Private Key Pair that serves as both an Encryption Public/Private Key Pair and a Signature Public/Private Key Pair within a non-FIPS 140-2/SP 800-57 implementation.
Encryption Public/Private Key Pair
An RSA Public/Private Key Pair used to encrypt/write (an encryption public key) or decrypt/read (an encryption private key) data within a FIPS 140-2/SP 800-57 implementation.
End-User
User
Platform User
An individual who has linked a Device and registered a username through platform.
FIPS 140-2/SP 800-57
An implementation that requires the use of single use keys AAL2 FIPS Compliance.
GUID
Globally unique identifier. See https://en.wikipedia.org/wiki/Globally_unique_identifier
Help Center
The TransUnion Customer help platform: https://help.iovation.com
HTTP
Hyper Text Transfer Protocol. See: https://wikipedia.org/wiki/Hypertext_Transfer_Protocol
IV
Initialization Vector
Fixed-size input to a cryptographic primitive. See: https://wikipedia.org/wiki/Initialization_vector
JSON
JavaScript Object Notation. See: http://json.org
JSON Web Algorithm
JWA
Standard for identifying algorithms for encryption and digital signatures. See https://tools.ietf.org/html/rfc7518
JSON Web Encryption
JWE
Standard for encrypting data. See https://datatracker.ietf.org/doc/rfc7516
JSON Web Token
JWT
Standard for passing authorization claims between services. See https://en.wikipedia.org/wiki/JSON_Web_Token
Create a link between Platform User or Directory User and a specific mobile device or tablet.
Mobile Authenticator
A mobile app that can respond to an Authorization Request. This can either be the TruValidate Multifactor Authentication branded app or a Customer Authenticator app.
OAuth
Open Authentication Protocol. See http://oauth.net/
Organization
Organizations are used in TruValidate Multifactor Authentication to provide more advanced management of a Service and offer additional functionality.
Organization Admin
A Platform User who has been invited and consequently accepted an administrator role for an Organization.
Organization Key
Org Key
Unique identifier of a Service used to communicate with the TruValidate Multifactor Authentication Platform API.
Organization Service
A Service that belongs to an Organization.
Platform
TruValidate Multifactor Authentication Platform
The collection of back-end systems providing TruValidate Multifactor Authentication via various protocols and APIs.
Platform API
TruValidate Multifactor Authentication Platform API
TruValidate Multifactor Authentication API
The publicly accessible TruValidate Multifactor Authentication API that provides communication with the TruValidate Multifactor Authentication Platform.
Platform SDK
TruValidate Multifactor Authentication Platform SDK
Service SDK
The TruValidate Multifactor Authentication SDK that allows your integrated Service to send an Auth Request and receive a response from the request Platform User. See documentation for more information.
REST
Representation State Transfer. https://wikipedia.org/wiki/Representational_state_transfer
RESTful
using REST methodologies.
RSA
A public key cryptography system. See: https://wikipedia.org/wiki/RSA_%28cryptosystem%29
RSA Public/Private Key Pair
See: https://wikipedia.org/wiki/RSA__%28cryptosystem%29#Key_generation
Secret Key
The Secret Key value for a Service generated in the Keys tab of the Service Details tab in the Admin Center.
Service
Your website, mobile app, identity service provider, or other facility that is being secured and/or sending authorization requests.
Service Key
Unique identifier of a Service used to communicate with the TruValidate Multifactor Authentication Platform API.
Service Policy
Auth Policy that is statically defined on a Service to occur with every auth request.
Service Profile
The component of the TruValidate Multifactor Authentication Platform that allows you to manage the way your Service, Mobile Authenticator, and its Platform User base interact with the TruValidate Multifactor Authentication Platform API; managed by admins and developers through the Admin Center.As referred to inside Admin Center, this represents a single integration between the TruValidate Multifactor Authentication Service and the software application integrating with it.
Service User
This is a user which belongs to your Service and is registered within your user database.
Session
Sessions are based on a Directory User and Service. Sessions may be visible in an Authenticator associated with the Directory until such time that either the Service informs the Platform that the Session has ended, the Directory ends the Session, or the User ends the session via an Authenticator`.
Sign
Signed
RSA Signature
A hash value created using the private key of an RSA Public/Private Key Pair that can be verified by the public key of that pair. See: https://wikipedia.org/wiki/RSA_%28cryptosystem%29#Signing_messages
Signature Public/Private Key Pair
An RSA Public/Private Key Pair used to sign (a signature private key) or verify (a signature public key) signed data within a FIPS 140-2/SP 800-57 implementation.
TOTP
Time-based One-time Password. See: https://en.wikipedia.org/wiki/Time-based_One-time_Password_algorithm
TruValidate Multifactor Authentication Authenticator
A version of TruValidate Multifactor Authentication that enables you to embed TruValidate Multifactor Authentication functionality in your native app.
Remove the link between a Platform User or Directory User and a specific mobile device or tablet.
User Push ID
A GUID that uniquely and permanently identifies the Platform User associated with the Service. This ID allows you to store an obfuscated identifier for the Platform User that may only be used to authorize an Authorization Request for a single Service. This provides additional levels of security in that the Platform User username cannot be obtained from your system and the identifier cannot be used to track a user from one Service to another.
UTC
Coordinated Universal Time. See https://wikipedia.org/wiki/Coordinated_Universal_Time

User Contributed

TransUnion links to user contributed code as a resource to its community. TransUnion does not in any way guarantee or warrant the quality and security of these code bases. User contributed code is supported by the creators. If you do find a link from the site to user contributed code that is malicious or inappropriate in any way, please report that link to TransUnion immediately and we will investigate the claim. Submit any issue to TransUnion support at https://transunion.com/support. ×