D2OTP is the organisation that owns the secure communications protocol with encryption and mutual authentication, protected by international patent WO2022018310. This protocol, known as the D2OTP protocol, guarantees confidentiality, integrity and mutual authentication in the exchange of messages, regardless of the technological infrastructure connecting the communicating applications and without relying on PKI.The organisation's mission is to disseminate the benefits of D2OTP, promote adoption projects, license its use and offer technical advice for its implementation in areas where it provides the greatest value.
D2OTP (Drive to One-Time Password) is a next-generation cryptographic protocol that enables secure communication between applications, devices, or distributed systems without the use of digital certificates or Public Key Infrastructure (PKI).
Based on chained one-time passwords (OTP) with mutual feedback, D2OTP provides:
Mutual authentication, End-to-end encryption (E2E), Verifiable non-repudiation, Cryptographic traceability without servers
This model removes complexity, lowers operational costs, prevents fraud, and is resistant to quantum computing threats.
Key Advantages
Fraud prevention in online financial operations
Protects against impersonation, order manipulation, and fake confirmations through cryptographic proof and mutual authentication., No need for certificates or PKI
Eliminates dependency on certificate authorities and simplifies deployment and lifecycle management., Serverless mutual authentication
Verifies identity without relying on centralized authentication systems., Non-repudiation without digital signatures
Each party generates cryptographic evidence of message handling using symmetric mechanisms., High efficiency and low latency
Operates with minimal resource usage—ideal for real-time, constrained, or critical systems., Scalable and decentralized
Functions without central nodes, supporting mobile, federated, or disconnected networks., Channel-agnostic and highly adaptable
Works over IP, LoRa, BLE, radio, SMS, or offline communications., Built-in traceability
Every interaction leaves a verifiable record, with no need for log servers., Protection against replay and impersonation attacks
Uses dynamic values and chained OTPs to ensure message uniqueness., Native compliance with GDPR, PSD2, NIS2, ENS
Enables auditability and integrity aligned with global regulations., Post-quantum resilient
Immune to quantum attacks like Shor’s algorithm by avoiding public-key cryptography., Supports secure federated networks
Enables secure communication across independent entities without shared infrastructure.
Compared to Traditional Protocols
While TLS/IPSec and Kerberos rely on certificates and central servers, D2OTP eliminates these weak points by replacing them with lightweight, dynamic OTP-based mechanisms. Unlike DTLS/LoRaWAN, which are limited in scalability, or apps like Signal, focused on personal messaging, D2OTP offers E2E security and operational traceability suitable for enterprise, IoT, or defense environments—without external trust anchors or PKI.
Sectors That Benefit Most
Finance & Banking: Secures transactions and meets PSD2/DORA compliance., Defense & Security: Enables tactical coordination without relying on centralized infrastructure., Industry & Critical Infrastructure: Secures SCADA, automation, and mission-critical IoT., Healthcare: Protects personal data and enables secure clinical coordination., Logistics & Energy: Ensures traceable commands and field communication., Telecom & Emerging Tech: Supports federated, post-quantum secure networks.
D2OTP redefines secure communication by combining lightweight cryptography, decentralization, and verifiable trust—without certificates, central servers, or signature algorithms.