convenience and security for banking customers with ca advanced authentication
TRANSCRIPT
World®’16
ConvenienceandSecurityforBankingCustomersAndrewSteadman- ProductDirector-Agiliti - Fiserv
SCX50S
SECURITY
2 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
©2016CA.Allrightsreserved.Alltrademarksreferencedhereinbelongtotheirrespectivecompanies.
Thecontentprovidedinthis CAWorld2016presentationisintendedforinformationalpurposesonlyanddoesnotformanytypeofwarranty. The informationprovidedbyaCApartnerand/orCAcustomerhasnotbeenreviewedforaccuracybyCA.
ForInformationalPurposesOnlyTermsofthisPresentation
3 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Abstract
Securingtheirchannels,bothdigitalandstaffed,iskeyforabankbutthatoftencomesatthepriceofconvenienceforthebank’scustomer.
Applyingtheappropriatelevelofsecurityattheappropriatetimewillbebothconvenientforthecustomerandsecureforthebank,satisfyingtheneedsofboth.WewilldiscusshowCAAdvancedAuthenticationandtheFiservFinancialCrimeandRiskManagementsolution,Agiliti,allowsbankstoapplyrealtimeriskassessmenttodeterminetherightlevelofsecuritychallengetoensurethecustomerandbankareprotected.
AndrewSteadmanFiservProductDirector,Agiliti
BalancingSecurityandConvenienceinBanking
5 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Whatproblemwereweseekingtosolve?
• FinancialInstitutionCustomersinteractacrossmultiplechannels• Securelyidentifyingcustomershasplacedanonerousburdenoncustomers• ‘Agiliti’wantedtosimplifythisforcustomers• EverincreasingcomplianceandonusontheFinancialInstitutiontoprotect• PSD2isgoingtoaddbroadaccessrequirements
6 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Makinga‘FasterPayments’transaction
?
7 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Makinga‘FasterPayments’transaction- 2 Ways
Theyaredifferent!!
SecurityCode
PayanewBeneficiary
£250Limitfor1st Payment
NoLimitfor2nd Payment
UserID,PasswordandPIN
PayanewBeneficiary
NoLimitfor1st Payment
AuthorisedbyCardDevice
8 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
How‘Agiliti’Solvesthatproblem
• Acombinationofcomponentsbuilttoasinglesolution
• Servicespublishedviaaservicebusenablesallchannels
• Realtimeassessmentofriskdeterminesthelevelofcredentialrequiredbythecustomer• UserID+Password• TemporaryPIN• OneTimePINdeliveredviaSMS• CherishedQuestions
9 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
AssemblingthePieces
FiservCommunicatorAdvantage
FiservFinancialCrimeRiskManagementPlatform(FCRM)
CAAdvancedAuthentication(CAAA)
AuthenticationServices
10 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
DeviceSignatures
• EverycalltotheAuthenticationServicescarriesadevicesignature• GeneratedbyCAclientsidelibrarieswithinApps• Generatedbyjavascript inbrowser• Valueisnotstoreonthedevice
• TrustedDevicesareidentifiedbyanArcotgeneratedIDwhichisstoredonthedevice
11 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
TypicalProcess
Logon••UserID••StaticPassword••TemporaryPIN••RiskAnalysis– SMSOTP
OTPrequiredifhighrisk••Senttomobiledeviceknowntobecustomers
••Dualfactorauthenticationapplied
Customerexecutesatransaction••PredefinedtohavepermanentPINrequired
••Userfor‘highrisk’transactions
Transactionpatternisnot‘normal’forcustomer••CAAAOTPissuedafterFCRMidentifiesanoutofcharactertransaction
••Holisticriskassessment
12 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
CAAdvancedAuthentication
13 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
FinancialCrimeRiskManagementPlatform
• Leveragesorganisationalknowledgeisassessingrisk
• Assessesinrealtimetodeterminerisk
• CreatesaCustomerRiskScore
• DeliversanHolisticViewofFraud
14 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
WhichChannelsareusingitinAgiliti?
• BranchandCallCentreplatform• ValidatessomenumbersfromPIN• NeitherpasswordnorPINrequiretobefullydisclosed• Usescherishedquestionsoverpassword• AllowsinputofOTPreceivedbycustomerviaSMS
• Web,Tablet,MobileandApps• All4digitalchannelsareusingthesamecredentials• Useofcredentialsisminimisedforabetteruserexperience
15 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Wherearewenow?
• Solutionislivetothepublicwithanumberofinstitutions• Itissupportinginstitutionswithanewdigitalexperience• CustomerandMemberreactionhasbeenverypositive
16 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Whatdoesitmeanforcustomers?
• Onesetofcredentialstoremember• Onlyaskedforminimalcredentialsbaseduponassessedrisk• Knowndevicesallowdatadisplaywithoutanyinput• Removetypicalapproachoflowestcommondenominatorsecuritymodel
Thankyou
18 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Don’tMissOurINTERACTIVESecurityDemoExperience!
SNEAKPEEK!
World®’16©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD18
19 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Stayconnectedatcommunities.ca.com
Thankyou.
20 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Security
FormoreinformationonSecurity,pleasevisit:http://cainc.to/EtfYyw