• Gemalto is now part of the Thales Group, find out more.

Out-of-Band mobile authentication with Gemalto Mobile Messenger


out-of-band mobile authentication

Out-of-Band benefits

Out-of-Band authentication (OOBA) is highly valued in term of security. It uses two separate networks (Internet AND the mobile operator network for example) working simultaneously to authenticate a user. 

Just think about it.

It's particularly difficult for an attacker to compromise two different communications channels at the same time.

Now, what if your customers could turn their smartphone into a digital key to unlock the access to all online and mobile banking channels and secure them ?

This is what Gemalto Mobile Secure Messenger makes perfectly possible.

It's omni-channel unleashed 

Gemalto Mobile Secure Messenger is an Out-of-Band server and a Mobile SDK allowing to turn any smartphone into a universal key unlocking access to all banking channels and digital services. 

Gemalto Mobile Secure Messenger strongly authenticates and validates operations of eBanking, mobile banking, eCommerce, proximity payment, ATM, branches, etc.

As an example, Gemalto Mobile Secure Messenger can also be used to replace the traditional SMS OTP by distributing OTPs through a secure communication channel directly to the bank application. Banks can thus better control their authentication costs while providing an enhanced user experience.

Adapt your validation scenario

All situations does not require the strongest and absolute security all the time. Gemalto Mobile Secure Messenger enables you to adapt your validation scenario according to the level of risk of a particular transaction. 

  • If the transaction is considered low risk, the solution can be used to simply inform the user that a transaction performed on a specific channel has been validated. 
  • If the transaction if considered as medium risk, then a confirmation will be required. In this case the user will need to explicitly accept or reject the transaction on their mobile phone. This method is very convenient and simple for the customer, as confirmation can be done directly on the notification screen without even launching the bank’s mobile app. 
  • If the transaction is considered risky, the customer will be required to sign it by entering a PIN code or perform biometric authentication. This can be done by combining the Gemalto Mobile Secure Messenger solution with the Gemalto Mobile Protector which includes all the necessary functions to generate One-Time-Passwords and transaction signatures. 

Gemalto Mobile Protector also brings all the necessary security measures including advanced encryption, biometric authentication, binding, jailbreak detection and secure PIN pad (or fingerprint support) to make sure that your Gemalto Mobile Secure Messenger solution can deliver the highest level of security.

Key features

  • Allows multi-channel banking and payment services
  • High performance Out Of Band Messaging Server based on In-Memory Data Grid technology
  • Proprietary Secure Channel (DEP) to overcome SSL weaknesses
  • Dynamic scalability with ability to add nodes to increase performance
  • Fault tolerant (no single point of failure)
  • Disaster recovery with WAN replication
  • Push notification Support with GCM, APNS, and MPNS push networks
  • Easy to implement API for fast deployment
  • Helps banks to comply with FFIEC, NIST, and PSD2 regulations
out-of-band for banks
 

Why Gemalto ?

Security in general, and especially in the mobile world, is in constant evolution. It requires permanent investments to keep up with the latest threats and attacks. 

The Gemalto Mobile Suite benefits from a clear and continuously refreshed technology roadmap which relies on Gemalto’s experience in the digital and mobile security area. 

Thanks to its robust experience in secure elements, smart cards and contactless technologies, Gemalto can ensure that its customers will always have access to the latest security innovations.