Is it possible to loadtest a Bharosa Authenticator Application which uses a randomized keypad?
One of their applications renders a completely randomized PIN pad or keyboard on the screen that the user clicks on using their mouse in order to enter their PIN or password. In this way, a key logger cannot read the password based on the keystrokes entered by the user since it is all mouse clicks.
The application uses an image overlay of coordinate values which changes each time the page loads. An algorithm in the background is then used to decode and verify the users password.
As Silk Performer works by capturing the traffic transmitted in between the client and server and replaying it multiple times to produce load, it would be necessary to know the algorithm used to generate the initial keyboard and then again for the encryption. This algorithm is not publically available.
Instead it may be possible to loadtest a site which uses Bharosa technology by using GUI Level load testing.