Privacy Policy
IITK Authenticator App
Last Updated: March 30, 2026
App Version: 1.7.2
Developer: Computer Centre, IIT Kanpur
Package ID: in.ac.iitk.authenticator
1. Introduction
This Privacy Policy explains how the IITK Authenticator App collects, uses, and protects your information. The app provides secure Time-based One-Time Password (TOTP) two-factor authentication for IIT Kanpur webmail accounts and any other services that support standard TOTP-based 2FA.
The IITK Authenticator is designed from the ground up with a privacy-first, offline-only architecture. It does not connect to the internet, does not have any servers, and does not transmit any data of any kind. Your TOTP secrets never leave your device.
2. What We Store
All data is stored exclusively on your device using AES-256-GCM encryption. Nothing is stored on any server or in the cloud.
TOTP Account Information
- Account issuer name (e.g., "IITK Webmail", "GitHub").
- Account username or email associated with the 2FA account.
- TOTP secret key (stored encrypted — never in plaintext).
- TOTP configuration: algorithm (SHA1/SHA256/SHA512), digits (6–8), and refresh interval.
- Display order and optional custom colour preference.
App Settings
- Security PIN (stored as a PBKDF2-HMAC-SHA256 hash — the actual PIN is never saved).
- Biometric unlock preference (enabled or disabled).
- Theme colour and display mode (light or dark).
- Language preference (English or Hindi).
- Wrong PIN attempt counter (integrity-protected).
- Lockout expiry timestamp (when a lockout is active).
3. App Permissions
The app requests only the minimum permissions necessary to function. No internet permission is requested or used.
| Permission | Why It's Needed |
|---|---|
| CAMERA | To scan TOTP QR codes when adding a new account. Camera frames are processed on-device in real time and are never stored, saved, or transmitted. |
| USE_BIOMETRIC | To allow fingerprint or Face ID authentication as an alternative to PIN entry via the Android BiometricPrompt API. |
| USE_FINGERPRINT | Legacy companion permission for Android API levels below 28. Same scope as USE_BIOMETRIC. |
No INTERNET permission: The IITK Authenticator does not declare or use the android.permission.INTERNET permission. The app is entirely offline and cannot make any network connection.
4. Security Features
The app implements multiple layers of security to protect your TOTP secrets:
- AES-256-GCM Encryption: Every piece of sensitive data (secrets, PIN hash, settings) is individually encrypted using AES-256-GCM with a fresh random 12-byte nonce per value and a 128-bit authentication tag that detects tampering.
- Hardware-Backed Key Storage: The AES master key is stored in Android Keystore (hardware-backed secure enclave on API 23+) and iOS Secure Enclave — it cannot be extracted from the device.
- PBKDF2 PIN Hashing: Your PIN is never stored. It is hashed with PBKDF2-HMAC-SHA256 using 100,000 iterations and a unique 16-byte random salt. A constant-time comparison prevents timing attacks during verification.
- PIN Brute-Force Lockout: The app locks for 10 minutes after 5 consecutive wrong PIN attempts. The attempt counter is integrity-protected with a coupled nonce to prevent counter-reset attacks.
- Clipboard Auto-Clear: When you copy a TOTP code, it is automatically cleared from the clipboard after 30 seconds (one TOTP time window).
- Root / Jailbreak Detection: The app detects rooted Android devices and jailbroken iOS devices and displays a security warning, as hardware-backed key storage may be compromised on such devices.
- No Backup Exposure: Sensitive data stored via Flutter Secure Storage is excluded from Android cloud backups and ADB backups.
- Fully Offline: No network stack, no analytics SDK, no crash reporter. There is no outbound channel through which data could leave your device.
5. How Your Data Is Used
Your data is used solely to operate the app on your device:
- To generate TOTP codes locally using the RFC 6238 algorithm.
- To authenticate you into the app via PIN or biometric.
- To remember your display preferences (theme, language, order).
- To enforce security policies (lockout, attempt counting).
No Data Sharing — Ever: We do not share, sell, rent, or transmit your data to anyone. There are no third-party SDKs, no analytics, no advertising networks, no crash reporting services, and no cloud sync. The app has zero external communication.
6. Data We Do NOT Collect
The following data is explicitly not collected, processed, or transmitted by this app:
- Location data
- Device identifiers (IMEI, Android ID, advertising ID)
- Usage statistics or analytics
- Crash reports or diagnostics
- Contact lists or call logs
- Photos, files, or media
- Any data from other apps on the device
7. Your Control Over Your Data
You have complete control over everything the app stores:
- Add, edit, or permanently delete any TOTP account at any time.
- Enable or disable PIN protection at any time.
- Enable or disable biometric unlock independently.
- Change theme, language, and display preferences freely.
- Use "Clear All Data" in Settings to permanently wipe all secrets, the PIN hash, and all app settings in one action.
- All app data is permanently deleted when you uninstall the app.
8. TOTP Code Generation
TOTP codes are generated entirely on-device:
- Codes are computed using the RFC 6238 TOTP standard with your device's local clock.
- Supports SHA1, SHA256, and SHA512 HMAC algorithms.
- Supports 6, 7, and 8-digit code lengths and custom refresh intervals.
- No code, secret, or any intermediate value is transmitted over any network.
- Time accuracy depends on your device clock — keep "Automatic date & time" enabled for correct codes.
9. Children's Privacy
This app is intended for use by members of the IIT Kanpur community (students, faculty, and staff) and general users who require TOTP-based two-factor authentication. It is not directed at children under the age of 13. We do not knowingly collect any personal information from children.
10. Policy Updates
We may update this policy if the app's functionality changes. We will notify you by:
- Updating the "Last Updated" date at the top of this page.
- Posting updates on the IITK Computer Centre website.
- Noting changes in the app's Play Store "What's New" release notes when applicable.
11. Contact Information
Computer Centre Help Desk
Computer Centre, IIT Kanpur
Email: mailhelp@iitk.ac.in
Phone: +91 512 259 7008
Website: https://webmail.iitk.ac.in
Useful links: