Quiz Entry - updated: 2026.07.14
How does challenge-response login work, and what's the difference between manual, semi-automatic, and fully automatic variants?
Server sends a challenge → token (or phone) computes a response from (key, challenge) → user delivers response back. Variants differ in how the challenge moves between server and token.
| Variant | Challenge transport | Example |
|---|---|---|
| Manual (chipTAN, calculator-style) | User reads challenge from screen, types it into hardware token | Old TAN generators, banking calculators |
| Semi-automatic (PhotoTAN, QR-TAN) | Phone scans a 2D code from screen → computes response → user types response back to PC | German PhotoTAN, Swiss CrontoSign |
| Fully automatic (Mobile ID, Kobil AST) | Phone receives challenge over data channel, signs it, sends response back automatically — user just confirms on phone | Mobile ID, Authsignal, modern bank apps |
The general flow (all variants):
- User enters password →
1. password. - Server sends challenge →
2. challenge. - Token computes
response = f(key, challenge). - User (or phone) returns response →
3. response. - Server verifies.
The killer feature: transaction binding.
The challenge can include the transaction details (amount, recipient account). The response then cryptographically binds the user to those specific details. Even a malicious browser that tampers with the on-screen transaction can't fool the user, because the token shows the real challenge (with amount and recipient) directly.