Numerous digital channels and mass adoption of mobile banking mean financial institutions (FIs) are facing a dramatic increase in cyber-attacks.
Phishing, account takeover and social engineering are just a few of the ways in which fraudsters constantly challenge security measures.
It’s hard work to stay ahead while maintaining a seamless user experience.
Yet ensuring the best UX is vital.
FIs must reduce friction for their customers and offer a convenient and secure digital banking experience, while making sure they comply with the latest security regulations, such as PSD2 in the EU.
Meeting the needs of FIs
For decades, FIs worldwide have relied on Thales’ security solutions to protect access to their digital services. Our wide range of server- and client-based solutions for digital banking meets FIs’ security, functional and regulatory needs, and allows them to protect their customers and provide them with a convenient user experience when accessing services.
We now offer our strong customer authentication (SCA) solution as a cloud-based managed service. With Gemalto IdCloud for Access, we can provide the same security and convenience for your digital services much faster, more flexibly and cost efficiently, while also adding risk management services for increased security and usability through risk-based authentication (RBA).
Best in class components
Our offer of cloud-based security services for financial institutions include:
Authentication server
Thales Gemalto Confirm Authentication Server (CAS) is the heart of the world’s most versatile, scalable, and secure authentication solution dedicated to protecting digital banking with multi-factor authentication (MFA).
Mobile biometric authentication
Thales Gemalto Mobile Protector SDK integrates into the financial institution mobile applications to provide application hardening and API access to the backend components of Gemalto IdCloud. It also combines with facial and fingerprint biometrics natively supported by the mobile device.
Out-of-Band mobile authentication
Thales Gemalto Mobile Secure Messenger is an out-of-band server and a mobile SDK allowing FIs to turn any smartphone into a universal key unlocking access to all banking channels and digital services.
Answering a growing market demand
Gemalto IdCloud for Access meets the needs of agile, fast-paced neobanks and fintechs that work with short timelines and limited resources. We can deliver fully functional SCA services integrated with your digital services and mobile applications in weeks rather than months.
- For some, cost efficiency is the main driver for adopting cloud services.
- For others, it's an opportunity to become more agile and scalable.
Regardless of your aims, we help you improve time to market for secure implementation and deployment of new services, which is critical to compete in this digital age.
Risk management to recognise your ‘good’ users.
Risk management services are at the heart of our cloud platform to secure and enhance access to digital banking services. They allow FIs to assess every online banking session in real-time to evaluate the risk, select the most appropriate authentication method, and then allow the transaction, block the transaction, or challenge the customer with a step-up authentication.
All are running unobtrusively in the background to provide the best end-user experience. This is called risk-based authentication (RBA).
The technologies used for RBA harness the power of four layers of intelligence. Each layer analyses anomalous activities from different perspectives to identify those that are high risk before any damage occurs.
Learn more about our cloud-based risk management services here.
Regulatory compliance and security certifications
Gemalto IdCloud is the perfect answer to the new security requirements of regulations such as PSD2 and FFIEC. It enables FIs to meet the PSD2 requirements for SCA and dynamic linking and offer real-time monitoring of the authentication and transaction process risk, as required in the regulatory technical standards (RTSs) of PSD2.
Complex security policies can be defined, based on the level of risk, the type of transaction and the user profile, as recommended by FFIEC. It also helps you to meet the requirement for stronger risk management to fight the increasing number of cyber-attacks and growing levels of fraud.
Data privacy regulations such as the GDPR in Europe and CCPA in the US are becoming ever more stringent. These can be a real challenge to comply with if data has to be processed by several different vendors for risk assessment. Gemalto IdCloud has been designed for GDPR and CCPA compliance.
OTP authentication and signature devices
Even if most users today rely on their mobile phones for access and authentication to digital banking services, there are certain groups of users or specific uses cases that may require a physical one-time password (OTP) token or authentication device. We have a wide range of connected and unconnected devices that meet the multi-factor authentication security requirements for ‘something you know’ and ‘something you have’ very effectively.

One cloud platform to secure onboarding and access to digital banking
Our cloud-based managed services enable FIs to combine identity proofing and strong customer authentication to secure onboarding and digital banking access.
You can further increase security by adding risk management and enhance the customer experience with identity affirmation and risk-based authentication.
With one single platform.
More resources
• Thales Gemalto IdCloud
• Thales Gemalto IdCloud for Onboarding
• Risk management services with Gemalto IdCloud
• Thales Gemalto Confirm Authentication Server
• Thales Gemalto Mobile Authentication Suite
• OTP authentication and signature devices
• Understand the PSD2 regulation
• Neobank goes digital first with Gemalto IdCloud
Documents

Thales Gemalto IdCloud
One cloud platform to secure the digital banking journey
Gemalto IdCloud [PDF - 1mb]
Thales Gemalto IdCloud for Access
Cloud based strong customer authentication and flexible risk management to secure access to digital banking services
Gemalto IdCloud for Access [PDF - 2 mb]
Understand PSD2 compliance and discover PSD2 solutions
Read our white papers to understand the latest implications of PSD2 for the banking and payment landscape in Europe.
Download the whitepapers