Glossary of Terms

Admin Center
The online management center for creating and managing Service, Directory, and Organization data, setting security policies, and more (
Advanced Encryption Standard. See:
Auth Modal
The modal that is hidden within your Mobile Authenticator and slides into view as necessary; this is the default interface your users will interact with in your Mobile Authenticator, and it can be customized and branded as you see fit.
Auth Policy
Authorization Policy
Policy that is sent to a device that must be satisfied before an Auth Request can be approved.
Authenticator SDK
The mobile SDK that lives within your authenticator app and through which a Directory User is authenticated and authorized; available for iOS and Android mobile devices.
Authorization List
List of authorized sessions or transactions for a particular user. Items can be cleared from the list individually or as a group via clear all.
Authorization Request
Auth Request
The authentication or authorization request that is sent to your Mobile App from your Service.
A group of binary -te-text encoding schemes. See:
Cipher Block Chaining, a block cipher mode of operation implementation. See:
A registered account with TransUnion.
A mobile phone, tablet, or other unit that has a TruValidate Multifactor Authentication Authenticator installed and has at least begun the the process of linking with a User.
A group, managed through the Admin Center, that contains one or more Service and that can only authenticate a Directory User via one specific Authenticator SDK.
Directory Service
A Service that belongs to a Directory.
Directory User
Generally describes a customer’s end-user. This is a user that has linked their device and has been registered within your Directory via an app that contains the TruValidate Multifactor Authentication Authenticator SDK.
Directory User ID
A unique and permanent identifier for a Directory User in the implementing service. For security purposes, you may want to use an identifier that cannot be easily linked to a user such as a hash of the username or a GUID. This value will be the link between the implementing system and the Platform.
Dual-Purpose Public/Private Key Pair
An RSA Public/Private Key Pair that serves as both an Encryption Public/Private Key Pair and a Signature Public/Private Key Pair within a non-FIPS 140/SP 800-57 implementation.
Encryption Public/Private Key Pair
An RSA Public/Private Key Pair used to encrypt/write (an encryption public key) or decrypt/read (an encryption private key) data within a FIPS 140/SP 800-57 implementation.
Platform User
An individual who has linked a Device and registered a username through platform.
FIPS 140/SP 800-57
An implementation that requires the use of single purpose keys AAL2 FIPS Compliance.
Globally unique identifier. See
Help Center
The TransUnion Customer help platform:
Hyper Text Transfer Protocol. See:
Initialization Vector
Fixed-size input to a cryptographic primitive. See:
JavaScript Object Notation. See:
JSON Web Algorithm
Standard for identifying algorithms for encryption and digital signatures. See
JSON Web Encryption
Standard for encrypting data. See
JSON Web Token
Standard for passing authorization claims between services. See
Create a link between Platform User or Directory User and a specific mobile device or tablet.
Mobile Authenticator
A mobile app that can respond to an Authorization Request. This can either be the TruValidate Multifactor Authentication branded app or a Customer Authenticator app.
Open Authentication Protocol. See
Organizations are used in TruValidate Multifactor Authentication to provide more advanced management of a Service and offer additional functionality.
Organization Admin
A Platform User who has been invited and consequently accepted an administrator role for an Organization.
Organization Key
Org Key
Unique identifier of a Service used to communicate with the TruValidate Multifactor Authentication Platform API.
Organization Service
A Service that belongs to an Organization.
TruValidate Multifactor Authentication Platform
The collection of back-end systems providing TruValidate Multifactor Authentication via various protocols and APIs.
Platform API
TruValidate Multifactor Authentication Platform API
TruValidate Multifactor Authentication API
The publicly accessible TruValidate Multifactor Authentication API that provides communication with the TruValidate Multifactor Authentication Platform.
Platform SDK
TruValidate Multifactor Authentication Platform SDK
Service SDK
The TruValidate Multifactor Authentication SDK that allows your integrated Service to send an Auth Request and receive a response from the request Platform User. See documentation for more information.
Push Package
A push package is the vehicle used to communicate between the TruValidate Multifactor Authentication API and a Device.
Representation State Transfer.
using REST methodologies.
A public key cryptography system. See:
RSA Public/Private Key Pair
Secret Key
The Secret Key value for a Service generated in the Keys tab of the Service Details tab in the Admin Center.
Your website, mobile app, identity service provider, or other facility that is being secured and/or sending authorization requests.
Service Key
Unique identifier of a Service used to communicate with the TruValidate Multifactor Authentication Platform API.
Service Policy
Auth Policy that is statically defined on a Service to occur with every auth request.
Service Profile
The component of the TruValidate Multifactor Authentication Platform that allows you to manage the way your Service, Mobile Authenticator, and its Platform User base interact with the TruValidate Multifactor Authentication Platform API; managed by admins and developers through the Admin Center.As referred to inside Admin Center, this represents a single integration between the TruValidate Multifactor Authentication Service and the software application integrating with it.
Service User
This is a user which belongs to your Service and is registered within your user database.
Sessions are based on a Directory User and Service. Sessions may be visible in an Authenticator associated with the Directory until such time that either the Service informs the Platform that the Session has ended, the Directory ends the Session, or the User ends the session via an Authenticator`.
RSA Signature
A hash value created using the private key of an RSA Public/Private Key Pair that can be verified by the public key of that pair. See:
Signature Public/Private Key Pair
An RSA Public/Private Key Pair used to sign (a signature private key) or verify (a signature public key) signed data within a FIPS 140/SP 800-57 implementation.
Time-based One-time Password. See:
TruValidate Multifactor Authentication Authenticator
A version of TruValidate Multifactor Authentication that enables you to embed TruValidate Multifactor Authentication functionality in your native app.
Remove the link between a Platform User or Directory User and a specific mobile device or tablet.
User Push ID
A GUID that uniquely and permanently identifies the Platform User associated with the Service. This ID allows you to store an obfuscated identifier for the Platform User that may only be used to authorize an Authorization Request for a single Service. This provides additional levels of security in that the Platform User username cannot be obtained from your system and the identifier cannot be used to track a user from one Service to another.
Coordinated Universal Time. See

User Contributed

TransUnion links to user contributed code as a resource to its community. TransUnion does not in any way guarantee or warrant the quality and security of these code bases. User contributed code is supported by the creators. If you do find a link from the site to user contributed code that is malicious or inappropriate in any way, please report that link to TransUnion immediately and we will investigate the claim. Submit any issue to TransUnion support at ×