Martin MendelCardsession 2017-12-07

Comfortable and Secure Shopping

NETCETERADIGITAL PAYMENTS & 3DS

NETCETERA GROUP

ABOUT NETCETERA FOR BANKS AND PAYMENT CARD ISSUERSProducts for 3-D Secure Services

Digital Payments (Mobile & Online Payments)

Mobile Banking, e-Banking

Payment Card Self-ServicingApps + Platforms

Personal Finance Management

User Authentication on Mobile

Electronic Bill Payment & Presentment, Clearing

Loyalty Programs

Financial Planning and Advisory

mPOS solutions

Data Management & Data Mining

Distinctive Competence and Customer Benefits

Digital Finance Tap into the growth potential and give users confidencein the digital world

Mobile First Be where your customers are, with simple, powerful and integrated apps, growing over time, on multiple platforms

Best Security Be protected by design, strong & biometric authentication, certified by Visa, MasterCard, American Express

User Experience Create positive touchpoints, go omni-channel without barriers, apps and security features that the users love

Company Facts Software with focus on serving banks and card issuers Mobile app proficiency since day one Experts in secure software engineering Operating PCI DSS certified data centers, 24/7 service 17 awards, outstanding apps and employer rating Founded 1996, today 500 employees in 8 international offices

Payment Security Digital Payment & Banking

OUR OFFER TO ISSUING AND ACQUIRING BANKS

1

DIGITAL PAYMENT FOR MPTS CUSTOMERS´ OFFERING

White Label

Digital Wallet

E-Commerce Checkout

A better way to check out online• No address entry• No card details entry• Use any card, tokenized, safer, trusted

App2App Payment (MDES,VTS)

A better way to pay your among Apps• Instantaneous • Card present like security based on

tokenisation• Following scheme Standard

Mobile Contactless Payment

A better way to pay in-store• At all stores worldwide with • Your wallet without the plastic• All cards at hand, tokenized, safer, trusted

* Comment: On Development Roadmap for Q4 17

WALLET ADD-ONS FOR MPTS CUSTOMERS´ OFFERING

Digital Wallet

Loyalty, Offers& Notifications

Reward and inform your customers• For any transaction, any device• Upselling / cross-selling• Valued touchpoints with your customers

Only for you

MoreIdentification, eTickets, Shopping List, Receipts, Banking Services, Apple

Pay Activation

Explore the potential• Bank account integration

(transaction history, limits, notifications)• Integrated with other services• Customizations

MobileApplication

SDK / white label app

Put card holders in control of their money• Manage cards, transactions, finances• Convenient security checks in one place• Consumer trust through issuer branding

3DS HOSTED SERVICES

25m Cards Protected

• Highly secure and highly available services, hosting, operations and maintenance

• Conception and installation of infrastructure, integration into existing environments

OUT-OF-THE-BOX AUTHENTICATION METHODS

• Netcetera’s standard 3-D Secure product offers the following two authentication methods out-of-the-box:

3DS OTP• Sending a generated code (one-time password) together with transaction data by text message (SMS)

3DS DYN• Transaction data is sent to a mobile app where it is confirmed with a single click

• Netcetera’s 3DS OTP and 3DS DYN can easily be combined with a risk-based transaction scoring.

RISK-BASED AUTHENTICATION ALLOWS ZERO-TOUCH AUTHENTICATIONS FOR THE BENEFIT OF BOTH - ISSUERS AND CUSTOMERS

USE CASES BY NETCETERA 3DS VERIFICATION

• 3DS registration Registration of payment card for 3DS

• 3DS transaction Verification of transaction via PIN (Fingerprint)

• 2nd factor authentication Login Sensitive action – e.g. Payment

USE CASE 0: 3-D SECURE REGISTRATION (WEB ACTIONS)

11

1 2

USE CASE 1: 3-D SECURE REGISTRATION (APP ACTIONS)

12

3 4

USE CASE 2: 3-D SECURE TRANSACTION (1/2)

13

1 2 3

USE CASE 2: 3-D SECURE TRANSACTION (2/2)

14

4 5 6

USE CASE 3: WEB 2-FACTOR AUTHENTICATION – LOGIN

15

1 2

Copyright Entersekt 2015

USE CASE 3: WEB 2-FACTOR AUTHENTICATION – SENSITIVE ACTION

Copyright Entersekt 2015 16

3 4 5

NETCETERA 3DS PSD2 RELATED FEATURES

• Most of PSD2 requirements are already covered by the current 3DS solution design:

Strong 2FA AuthenticationApp based push notification with biometric authentication features, independence and protection of credentials, malware detection, transaction monitoring (risk based)

Transaction Risk AnalysisRisk Based Authentication is part of Netcetera’s service offer since many years

Dynamic Linking and Authentication CodesImplementation ensures that authentication codes are specific to amount and payee, secure server/app channel, etc.

Recurring Payments and White ListingFeatures are currently being analyzed by Netcetera for implementation

Monitoring, Reporting, AuditFlexible monitoring and reporting features can be individually configured to fulfill regulatory requirements.

MOBILE APP BEST PRACTICE

MyBank

Accounts 6,750.00

Mobile Payment

3-D Secure

Security Configuration

Recent Transactions

Mobile Contactless

Payment

• For Android v4.4 and later (for few devices v5.0 is required)• With NFC (near field communication) connectivity supporting HCE• SDK tested against a number of reference devices

Transaction History

• Tap history on device, available also offline• App integration with card / bank account for complete account information• Peace of mind by showing all account transactions, mobile or plastic cards

Seamless Integration in Existing App

• Bank / issuer branding, leveraging trust and existing user interactions• Unified application with all functions for best user experience• Leveraging existing authentication and communication

Fingerprint / Biometric

Authentication

• For Android v6.0 and later with biometric sensors• Quick authentication, any available method (fingerprint, iris, face recognition)• SDK works in conjunction with authentication provided by app

One-click 3-D Secure

Authorization

• Just click OK, no passwords or codes to be entered• Triggered by risk-based transaction assessment• Also configurable for card holder authentication in calls to service desk

Unified Card Management

• Enable / disable cards for mobile contactless payments and other services• Block & report lost or stolen cards, immediate replacement cards (for MCP)• Show limits, geographic & other limitations

Manage Cards

MOBILE BANKING & PAYMENT REFERENCES

More than 60 mbankingimplementations

OUR HOSTED SERVICES:HIGHEST STANDARD OF SECURE AND COMPLIANT DATA STORAGE

Visa-certified hosting center System certifications: PCI DSS, VISA audit, both annual re-checks Housing partner in Switzerland – InterXion - ISO27001 & EBK High-security housing, (biometry-controlled access control, motion

sensors, and CCTV). Dual-control rack infrastructure Redundant 3DS servers

3DS Services Access Control Server (ACS) Risk Analytics Services

24/7/365 incident support Highest availability according to SLA