Banks and fintechs are at the vanguard of fraud protection, keen to keep the wheels of commerce turning while innovating to maintain the interest of their digitally savvy customers and ensuring that security remain robust, seamless, and easy to use. But how do you ensure your brand can keep up with the speed of the latest security tech?
Some companies are looking at the experience in Brazil to catch a glimpse of what they can learn.
Digio is a bantech that is becoming a leader in deploying strong, user-friendly security services into their financial platform. The digital bank is owned by one of the largest Brazilian bank: Bradesco. And its digital first approach is based on offering virtual credit cards and digital account services through a mobile app.
Digio breaks new ground
Digio’s passion for technology helps them achieve their aim of securing their digital banking services while still providing a frictionless user experience to all their customers.
Digio needed a partner that could:
- optimise security costs
- provide a scalable solution to support their aggressive growth plans
- offer a flexible pay-as-you-grow business model
- deliver all of these options with a fast time to market.
Digio is continuing on its bantech journey, which began with the launch of its popular credit card a few years ago and has progressed to the unveiling of digital bank accounts in early 2020. It is extending its portfolio with secure access to services to ensure all customers are confident that their money is safe. This is being achieved by deploying a mobile token solution which is both cost effective and very secure.
Let’s dig deeper into the solution it selected:
Cracking the user experience challenge
Fintech companies know that delivering a good user experience is vital and the approach that Digio is taking could provide a business model. It is ensuring access to its mobile app while continuing to provide the best possible user experience for its sophisticated digital native customer base. To achieve this, Digio is working with Thales to implement Gemalto IdCloud, a cloud-based strong customer authentication service that covers its bantech needs in terms of device binding, secure access, transaction signature and secure storage.
This solution offers high levels of flexibility, a speedy time to market for new services and the ability to scale rapidly.
Trust in Thales
Digio uses strong customer authentication (SCA) for login to its mobile app. Account takeover (ATO) is prevented through device binding.
The first time a user signs up for the service, device provisioning is triggered to securely bind the device to the user.
Every subsequent time the user attempts to access the app, Gemalto Mobile Protector SDK generates a unique cryptographic signature that is sent to the backend where it is validated to give the user access to the service. This process is completely transparent to the end user, so they can enjoy frictionless yet secure authentication when their device is recognised and approved.
Gemalto IdCloud enables financial institutions to secure the lifecycle of their digital banking services by combining identity proofing
and identity affirmation
services to secure onboarding
and strong customer authentication (SCA) and risk based authentication (RBA)
services to secure access
. It minimises friction to deliver a first-class digital customer journey and is all carried out with one single platform
Gemalto Mobile Protector
Gemalto Mobile Protector is the Mobile SDK for Android and iOS that pairs with Gemalto IdCloud to deliver strong customer authentication (SCA) leveraging device-native fingerprint and facial biometrics, exposing a simple API to ease developer’s integration into the FI´s mobile apps. It integrates a combination of security mechanisms, such as code obfuscation, encryption, key protection mechanisms with key management, device binding, and root and jailbreaking detection. It turns the user´s smart phone into a highly secured personal device to enable secure access to the bank’s digital services as well as secure confirmation of transactions.