HUP Authentication and Single Sign-On (HASSO)
Register once, ready, go …
HUP Single Sign On (HASSO) is a service that publishers and website operators who offer simple user logins can no longer do without. With a one-time registration, the user registers on a website, for example to write comments or texts in a forum.
With the SSO solution, further registration for new offers such as e-papers etc. is usually no longer necessary. Publishers have the great advantage – provided that address or payment data of the user are also available for paid services – of using the data for advertising without wastage. Parallel registration with one account can be regulated.
Either way, the publisher or the company remains “master” of the user data and does not store it in a cloud.
Registered users can create so-called “co-users”. For example, family members can participate in a subscription without having to register themselves (Family & Friends). The co-users inherit the permissions of the main user, but cannot make any changes.
For temporary actions, guest accesses can be set up with an expiry date or they can end at a specific time. This is an ideal tool, e.g. for online trial subscriptions.
Miscellaneous
Data transfer
If a prospective customer already uses a user administration for his online services, the data can be transferred to HASSO via an import. However, the users have to create new passwords.
Passwords are stored and sent encrypted. Reading out the passwords from the server is prevented.
Good to know
If SSO systems are currently in use, they have usually been created independently. There are rather few comprehensive, free systems: e.g. from Google, where the publisher then has to share its knowledge about its users. This is not advantageous for the publisher and the user.
Secure authentication of applications and user logins
The SSO is based on the OAuth2 standard. OAuth2 governs the secure authentication of applications and the logon of users to the SSO.
Central office for user data administration
The administration mode defines the applications that can interact with the SSO. The SSO (HASSO) is, so to speak, the headquarters that manages the user data and provides the login. Applications can request authenticated users and retrieve their data if they are known to this center.
The special feature of HASSO: while other SSO systems store the e-mail and password during registration, HASSO stores user data (customer administration).
Versatile use of user data
The customer administration enables the versatile use of this data after registration (e.g. not only for subscriptions, but also for competitions). Duplicate participation by a user is checked and ruled out.
The registration process takes place via an input mask or via the REST API (application programming interface).
After registration, the user receives a registration confirmation to the e-mail address entered.
The registration link must be confirmed once. This completes the registration process.
If the user has forgotten his password, it can be changed or a new password requested using the option of the same name. The change conditions can be set via a specific application or via REST-API.
Registered users can also enter co-users (e.g. Family and Friends; e-mail addresses of friends). As with the print version, real reading life is reproduced digitally (a newspaper that the whole family reads together).
Authorizations of the main user
Co-users have a so-called sub-account and thus inherit the authorizations of the main user. The co-user cannot make changes to the authorizations of the main user, but they can be overwritten.
HASSO adapts to the layout of the page
HASSO is integrated into the publisher’s website – it adapts to the layout of the page.
The customer master data is managed in the administration area.
The administration of the e-mail templates is completely in the hands of the operator of HASSO. They can therefore be quickly adapted to changing requirements. E-mail templates are available for:
- New registration
- Forgotten password
- Setting up/deleting a co-user
Statistics can be read out (e.g. the largest number of users and at what time).
Mandatory fields for entering customer data can be set individually for a client/customer. In addition, authorized applications can request address and / or payment data, provided they are authorized to read them.
Mandatory field check
PHPass guarantees the security of passwords: by using PHPass, passwords can be stored particularly securely in HASSO.
Can be entered.
Server landscape
HASSO runs on Unix and Windows servers.