Mobile authentication to secure all digital channels
The mobile is shaking the entire financial ecosystem, requiring more convenience for consumers with new use cases and services including eBanking apps.
But it is also facing increasing cyber-attacks, calling for higher levels of security.
And financial institutions need to make sure their security implementations comply with the regulations such as the EU Payments Services Directive (PSD2) or FFIEC in the U.S.
The equation is complex, yet Gemalto Mobile Authentication Suite helps banks address all these challenges:
- Providing state of the art security to the mobile channel
- Allowing all other transaction channels to be secured with the mobile
- And bringing also biometric authentication, for an unmatched convenience for banks' customers and right level of trust required for digital financial services to spread
Next gen security for new gen services
While a vast majority of banks now view mobile services as the next frontier, they have yet to keep up with the necessary security scheme needed to protect these services.
Reports from security specialists
confirm years after years that mobile malware is on the rise in numbers and sophistication. After the
wave of infamous SMS malware (like Eurograbber) which
forward to hackers the One Time Code received to validate
transactions, fraudsters now try to disguise themselves
as genuine bank applications to collect card details and online user credentials (HWorm, Houdini).
Latest versions even prevent users from
alerting their bank!
Field proven, robust and flexible authentication solutions are key for such challenges.
Secure online transactions with your phone
Gemalto Mobile Protector Gemalto Mobile Protector is a Software Development Kit providing APIs to easily implement multi-factor authentication and mitigate against malware attacks. It offers 3 layers of authentication:
- What I have : a first layer of authentication in the form of Device Binding which consists of strongly linking the registered mobile device to a specific user account.
- What I know : It's the classic PIN code. This knowledge factor provides an additional layer of security and is used as the backup and root security for the other authentication factors. The solution includes a built-in randomized secure PIN pad to defeat attacks such as key loggers.
- What I am : The third layer is composed of biometric factors including fingerprint and facial recognition. Biometric authentication offers convenience since it eliminates the need to use PIN codes repeatedly.
One-stop shop authentication device
Banking customers often use their mobile banking
application as the primary channel, and switch to the
computer or tablet for more complex tasks. Banks can
embrace this behavior by making the mobile the central
hub for functionality and security.
The mobile app can
provide all services a user may need, and can also be
utilized for security since the mobile phone is always with
the user, day and night. By adopting an omni-channel
approach where the mobile, tablet, computer and phone
are no longer perceived as distinct channels, banks can
provide a much more fluid experience.
Gemalto Mobile Messenger enables this seamless
experience by ensuring that the mobile can be used
for authenticating to all channels. Your customers can
then use the mobile, tablet or computer to perform their
banking operations, using their mobile phone as their
one-stop authentication device.
Gemalto Mobile Secure Messenger includes an Out-of-Band messaging server and mobile SDK to send and
receive messages, including authentication requests
and transaction verifications, to targeted groups or
individuals. It creates a secure
channel between the bank’s information/authentication
systems and the mobile app. All communication is encrypted and signed.
Gemalto Mobile Protector
A Mobile Security and multi-factor authentication SDK including biometrics to integrate into any mobile financial applications
Gemalto Mobile Messenger
A Mobile Out-of-Band SDK to integrate into any mobile financial applications to secure non mobile channels
Mobile authentication suite used by over 40 banks
Gemalto Mobile Authentication Suite is already used by over 40 banks across the world to secure their financial services: Mobile banking, Mobile Wallet & Payment, Online Banking, eCommerce, Card Management, P2P money transfers and Cardless ATM to name a few!
What customers are saying
"We have a long-standing and trusted partnership with Gemalto, and their strong local presence has played a key role in ensuring deployment of this new service. Gemalto Mobile Protector also offers us a clear roadmap to deliver further innovation for our customers."
Elena Degteva, Head of Remote Banking Services Department, VTB24, Russia
"The integration of Gemalto authentication technology into the Banrisul mBanking solution is the ideal option to keep Banrisul at the forefront of simple, secure mobile solutions that enhance our customers' experience and streamline our operations."
Jorge Krug, IT Security Superintendent, Banrisul, Brazil