FMoP TOTP MCF Plugin
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage

Performance Testing

Overview

The TOTP module was performance tested using the Real Load product.

The test script involved:

  • Enrolling a user for the TOTP authentication method.
  • Triggering a TOTP step-up authentication.
  • Verifying the TOTP.

The test script included code to generate the OTP, as if an actual user was providing the OTP. This was done to simulate conditions as close as possible to a production deployment.

If required, we can tailor performance test scripts to your requirements, as part of a professional services engagement.

Results

Throughput

This first graph shows average throughput of the FMoP calls. Approx throughput was 108 TPS (FMoP API calls per second), split across 6 different FMoP API calls.

Approx. 18 TOTP codes per second were validated each second via FMoP’s authenticate() method. (5484 call / 300 seconds test duration time). Refer to the “Authenticate” measurement group in this screenshot:

Performance testing results
Performance testing results
Errors in results
Some of the authenticate() failed because the test system is configured with a 0 acceptance window. This means the OTP provided needs to exaclty match the one for the current time window, but sporadically the clock skew between the load generating system and the FMoP system caused an OTP to be invalid.

CPU Utiilization

This other screenshot shows the CPU utilization and the CPU specs of the VM that hosted the FMoP system.

CPU utilization Win 2019 / Tomcat 8.5
CPU utilization Win 2019 / Tomcat 8.5

Test Report

The complete test report (PDF) is available here: Download performance test report - PDF