As a MobilePASS+ user, you can generate passcodes on your computer or device, and use those passcodes to authenticate to protected corporate and web-based applications.

MobilePASS+ allows secure remote access to corporate and web-based applications. An integrated support feature allows your company’s system administrator to manage it directly from a token management application.

What is a MobilePASS+ token?

MobilePASS+ is a mobile application that generates an OTP (One-Time Password), also referred to as a passcode, to use for secure remote access to corporate and web-based applications. It works independently of mobile network connectivity.

How does MobilePASS+ protect me?

Password theft is the method used most frequently by thieves and hackers to steal identities and gain unauthorized access to computer networks. While they have many ways to steal a password, success depends on the stolen password being valid, in much the same way that credit card theft relies on the card being usable until you report it missing. MobilePASS+ prevents the stolen password being used to log in to the protected network, even if you and your company’s security professionals are unaware that it has been stolen, because immediately after logging on, the generated passcode stops being valid. Any attempt to login by reusing the passcode will fail, and will alert your network security professionals to the possibility that your identity has been stolen.

How do I generate a passcode on my computer or device?

After installing MobilePASS+ on your computer or device, use the application to generate a passcode. You may be required to enter a PIN before generating the passcode.

How do I get started with MobilePASS+?

After the installation of the application on your mobile, the first operation is to activate a token. There are two possible ways to do that:

Automatic self-enrolment - You will receive a self-enrollment email from your company which contains a link to the self-enrollment web site and instructions for installing, enrolling and activating your token.

Manual enrolment - Copy an activation code included in the self-enrollment email and paste it to your MobilePASS+ app.

I have not received an enrollment email, what should I do?

If you have not received your self-enrollment email, contact your system administrator to arrange for a new self-enrollment email to be sent.

For how long will my token continue to operate?

Your token will be able to generate passcodes until it is revoked by your security administrator.

What is self-enrollment?

Self-enrollment is the process of activating your token. You must complete this process before using your MobilePASS+ token to login.

What are the benefits of using the token?

MobilePASS+ enables you to access corporate and web-based resources securely. In addition, it will reduce or eliminate the need to remember or periodically change your login passwords, as your token will do this for you.

How do I protect my security PIN?

If your MobilePASS+ token is configured to use a PIN, protect it as you would the PIN for your credit card. Never share it with anybody. Your network security administrator and help desk will never ask for your PIN and you should never reveal it to them. Never write down your PIN.

What should I do if I cannot log in using my token?

The most common cause of failed login is entering an incorrect passcode. Ensure that you enter the code exactly as displayed on the token, including any punctuation, and upper and lower case letters. Never attempt to reuse a passcode. Your account will automatically lock for a period if you exceed the allowed number of consecutive failed login attempts. You must wait for the required period of time before your account becomes active again. Contact your company’s help desk to resolve login problems.

How do I enable push notifications behind a Proxy?

The application must have access to channel URI (Uniform Resource Identifier) to enable push notifications.

In order to receive the push notifications, we strongly recommend whitelisting the following URLs in your proxy: *.notify.windows.com, *.wns.windows.com

If, alternatively, you require a fixed ranges of IP address, download the file and perform the necessary changes on your site.

For more details see Windows Notification Service (WNS) VIP and IP Ranges:

https://www.microsoft.com/en-sg/download/details.aspx?id=44238

What certificate is required for SAS PCE?

Your system administrator must ensure that a valid certificate is located on your SAS PCE Server with the following features:

• trusted, not outdated, not self-signed, matching your domain URL

For security, the communication will be interrupted if the certificate doesn’t comply with the security checks.