Privacy policy relating Canopus OTP/MAC generator

The term “private information” is used in current document as any information that identify or can be used to identify, to connect, to search a person, belonging to such a person. Private information that we save is a subject of current privacy policy. The policy can be changed from time to time.

Information that we don’t touch

  1. We do not ask and do not use your e-mail, phone number, passport number.
  2. We do not ask and do not use your geo-location.
  3. We do not ask and do not use your contact list.
  4. We do not ask and do not use your calendar
  5. We do not sell your content.
  6. We do not send e-mail news/announcement.
  7. We do not keep your action log.
  8. Our application doesn’t work and doesn’t send data and doesn’t receive data over any network.
  9. We do not create and do not use cookie-files.

What information we collect and why

We keep only two your personal keys that are generated for you in a payment system, client of that you are. Each key is a unique sequence of symbols, created by special math algorithms and associated with your user in your payment system. By those keys, our application generates one-time codes/passwords that you should input in internet-bank of payment system. So it is additional authorization of your actions in internet-bank and is additional security of your money. As user inputs one-time code the payment system verifies whether the code was created by key of the same user. If not – the payment system denies current user action request.

How we protect your saved information

We secure your keys.
After keys are imported no one user of application can see or export or copy keys. At all.
In the mobile device keys are saved in an area specially purposed by Android for keeping secret data. That area is inaccessible for user operations with file system. Also keys are encrypted by algorithms AES, PKDF2 and user passcode.
So what can be done with imported keys besides to generate one-time codes? User can either delete them in application within resetting passcode or change keys, importing other ones. New keys will erase old ones. When application is being deleted imported keys are being deleted too.

Required permissions

The application requires only access to camera. Camera is used to scan QR-codes from internet-bank pages to import keys and to generate one-time code to sign payments.

Our contacts


Комментарии запрещены.