-1

I would like to create a token based on registration data from my client to be used to validate that our call center is attending a real client.

I'm thinking of generating a token based on your data exactly like tokens used in banks that change its value every minute. Is there any ready so I can create this token in Python library?

If not, is there any pattern (algorithm) for this? Create a token should not be so difficult, but what I would like is to do this within a standard, if any.

Thanks for help.

Eduardo
  • 1,337
  • 3
  • 22
  • 42

1 Answers1

2

If you are looking for a challenge token - normally called a one time pass, then these libraries are freely available.

There are two main ways to generate these tokens. HMAC-based (HMOTP) as specified in RFC 4226 or time based (TOTP) specific in RFC 6238.

The Google Authenticator project provides libraries for many languages to implement these algorithms and this question goes into detail on implementing it in Python.

However, for a call center application if your caller is authenticating themselves through the IVR, then you should use this to generate a token and send it to their registered mobile or email addresses for verification. It will be simpler to implement and as a bonus will also validate your customer information (if the customer's mobile/email is wrong, they can't utilize the call center).

Community
  • 1
  • 1
Burhan Khalid
  • 152,028
  • 17
  • 215
  • 255