/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow Us/ciol/media/post_banners/wp-content/uploads/2014/12/M-bank.jpg)
MUMBAI, INDIA: HID Global has enhanced its ActivID authentication offering for digital banking.
Financial institutions using mobile banking channels have typically relied on simple passwords or out-of-band transaction verification based on one-time passwords (OTP) tokens sent via SMS to customers’ mobile devices.
The new solution works as phone as a token out-of-band verification solution uses transaction signing with private key cryptography over a trusted and secure electronic channel. The communication is encrypted with mutual authentication between the user’s mobile device and the financial institution’s online banking application.
Transaction non-repudiation is ensured by generating the private key outside the financial institution’s backend system and then protecting it to prevent extraction, cloning or access from another application.
When a transaction is initiated, the ActivID authentication server uses its mobile push capability to send an authorization notification to the user’s registered mobile device with all relevant information and a request to accept or reject it using the server’s ActivID Mobile Signing Software Developer Kit (SDK). Signed responses are returned to the server, which validates and forwards them to the online banking system to grant or deny transactions.
"Trust, total cost of ownership (TCO) and user experience (UX) vary among individual phone-as-a-token methods. Out-of-band (OOB) authentication using push modes offers the best balance of trust and UX, making it the best choice across many use cases," said Ant Allan, Analyst, Gartner.
“Customers are finding it increasingly difficult to differentiate between legitimate websites, emails, and phone calls originating from their own bank versus those created by fraudsters, making it more difficult for them to spot fraudulent transactions,” said Tim Phipps, vice president of product marketing, Identity Assurance with HID Global.
“With our ActivID Trusted Transactions solution, banks can offer convenient out-of-band transaction notification and authorization on mobile devices, which provides customers real-time alerts prior to a suspicious transaction being applied to their account. This places the control back in the customer’s hands by providing them with a simple way to confirm the legitimacy of a pending transaction.”