how to get rid of those pesky hardware tokens
TRANSCRIPT
Enabling mobile transactions to gain a competitive edge
Onegini makes doing online business easy and secure
Webinar: How to get rid of those pesky hardware tokens
Denis JoannidesMathijs Brand
Our Promise
We enable secure mobile transactions and protect customer data, offering the best user experience.
Banks are innovating
Online Only Banks (OOB)
Mobile Online Only Banks (MOOB)
New authentication methods
Online registration and identification
No more hardware tokens
Facts about hardware tokens
Web channel (Strong) Login
Transaction signing
Europe& US
Bad user experience ‘90
New rules
Mobile First Convenience Speed
Hardware tokens are old school
Disadvantage RemarksCost per token is high Not only the cost per token but also
token distribution and replacements
Integration is difficult Needs to be integrated in multiple systems.
Bad user experience Any time any place Poor scalability How to distribute tokens for 10
million end users? Only web Software tokens support mobile
Let’s change this
- Support the customer journey
- Design for today and the future
- Embrace Mobile First
The smartphone will become the key to success
Reuse the smartphone of the end user -> low cost
A smartphone can be used to create better security Video Location NFC Biometrics
Create a rich user experience by providing mobile apps
Comparison
Old school Onegini
Solution Just a Key Complete platform for end-2-end security
Implementation Complex Simple
Management Needs to be build Out-of-the-box
PSD2 support No Yes
High level overview Onegini
Onegini Intrinsic Security
Payload encryption Throttling Brute force prevention Payload inspection Extra security filter OWASP Top 10
Non-intrusive AES-256 encryption Forward secrecy Invulnerable for MitM
attacks Provide Confidentiality &
integrity
All security needed for transactions will be handled by Onegini. No Development effort needed.
And you will get much more
Customer onboarding – IDchecker
Install app Fill in personal data for identity validation
Account createdValidate the Identity. In this example we use IDchecker, but also WEB ID can be used
Examples Mobile Authentication
Secure transactions including a secure response.
Secure login using secure push message.
Secure transaction including extra authentication (validation) using a fingerprint
Push messages sent directly to user’s device
One last thing…...
FIDO Support
Strong partnership with Samsung
Summary
The customer journey is leading
Requirements for authentications have changed
Authentication is just a feature
Implement intrinsic security systems
Simplify
Questions
Contact us
Onegini makes doing online business easy and secure
More info: www.onegini.comMore videos: www.onegini.tvEmail:
Twitter: @Onegini