TUPAS authentication method emulator

Introduction

NOTE: Ubisecure product names were unified in autumn 2011. All products which started with term "Ubilogin" were renamed to start with term "Ubisecure". In documentation this name change is implemented retroactively, i.e., the new naming practice is used also when referring to old software versions which started with term "Ubilogin" at the time of their release.

Overview of TUPAS authentication method emulator

Finnish banks have agreed on a solution to use their Internet banking authentication also for other use. In TUPAS authentication a bank authenticates the user. TUPAS works similarly in the case of individual and corporate customers. TUPAS can deliver user identity number and corporate business ID.

From a user point of view authentication is simple as it is done with the same IDs and passwords as any Internet banking transaction. User communicates with bank's Internet service through his web browser and the user is required to enter his IDs and passwords. If these parameters were correct, browser will be redirected to the Ubisecure server. Ubisecure server checks if the web pages are configured to accept the user's TUPAS authentication. Finally the user can access the web pages secured by Ubisecure and TUPAS authentication method.

Finnish banks, however, don't offer comprehensive testing services to test TUPAS authentication method. Usually banks have only one user ID for test purposes, and authentication with that user ID the TUPAS authentication produces only one kind of response, usually identity number. TUPAS Emulator is an authentication method that can be configured to produce any kind of response to the application for testing purposes, such as business ID and different kind of identity numbers.