Numerous digital channels and mass adoption of mobile banking mean financial institutions (FIs) are facing a dramatic increase in cyber-attacks.

Phishing, account takeover and social engineering are just a few of the ways in which fraudsters constantly challenge security measures.

It’s hard work to stay ahead while maintaining a seamless user experience. 

Yet ensuring the best UX is vital.

FIs must reduce friction for their customers and offer a convenient and secure digital banking experience, while making sure they comply with the latest security regulations, such as PSD2 in the EU.

 

Meeting the needs of FIs 

For decades, FIs worldwide have relied on Thales’ security solutions to protect access to their digital services. Our wide range of server- and client-based solutions for digital banking meets FIs’ security, functional and regulatory needs, and allows them to protect their customers and provide them with a convenient user experience when accessing services.

We now offer our strong customer authentication (SCA) solution as a cloud-based managed service. With Gemalto IdCloud for Access, we can provide the same security and convenience for your digital services much faster, more flexibly and cost efficiently, while also adding risk management services for increased security and usability through risk-based authentication (RBA).

Strong customer authentication (SCA)/ Risk-based authentication (RBA)

 

Best in class components

Our offer of cloud-based security services for financial institutions include:

Confirm authentication Server

Authentication server

Thales Gemalto Confirm Authentication Server (CAS) is the heart of the world’s most versatile, scalable, and secure authentication solution dedicated to protecting digital banking with multi-factor authentication (MFA).

Learn about our authentication server
 

Confirm authentication Server

Mobile biometric authentication

Thales Gemalto Mobile Protector SDK integrates into the financial institution mobile applications to provide application hardening and API access to the backend components of Gemalto IdCloud. It also combines with facial and fingerprint biometrics natively supported by the mobile device.

Learn about mobile biometric authentication 
 

Out-of-Band mobile authentication

Out-of-Band mobile authentication

Thales Gemalto Mobile Secure Messenger is an out-of-band server and a mobile SDK allowing FIs to turn any smartphone into a universal key unlocking access to all banking channels and digital services.

Learn about out-of-band mobile authentication
 

Answering a growing market demand

Gemalto IdCloud for Access meets the needs of agile, fast-paced neobanks and fintechs that work with short timelines and limited resources. We can deliver fully functional SCA services integrated with your digital services and mobile applications in weeks rather than months. 

  • For some, cost efficiency is the main driver for adopting cloud services. 
  • For others, it's an opportunity to become more agile and scalable. 

Regardless of your aims, we help you improve time to market for secure implementation and deployment of new services, which is critical to compete in this digital age. 

 

Risk management to recognise your ‘good’ users. 

Risk management services are at the heart of our cloud platform to secure and enhance access to digital banking services. They allow FIs to assess every online banking session in real-time to evaluate the risk, select the most appropriate authentication method, and then allow the transaction, block the transaction, or challenge the customer with a step-up authentication.

All are running unobtrusively in the background to provide the best end-user experience. This is called risk-based authentication (RBA). 

The technologies used for RBA harness the power of four layers of intelligence. Each layer analyses anomalous activities from different perspectives to identify those that are high risk before any damage occurs. 

Learn more about our cloud-based risk management services here. 

Risk management to recognise your ‘good’ users

 

A smooth transition from OATH to FIDO Passkeys

Most financial institutions (FIs) that have implemented Strong Customer Authentication (SCA) are using OATH technology.

The next step in the evolution of digital banking authentication is FIDO and Passkeys.

Embedded platform authenticators will greatly improve the user experience and a password-less future is within reach. We are certain that FIDO will replace OATH as the de facto standard.

This means that FIs face having to make another technological migration. Gemalto IdCloud supports both technologies and we have the experience to support these migrations.

We understand the importance of ensuring continuity of service and preventing any disruption or friction for end users.

We advise further enhancing security by adding RBA during this migration, as mentioned above.

 

 

Regulatory compliance and security certifications

Gemalto IdCloud is the perfect answer to the new security requirements of regulations such as PSD2 and FFIEC. It enables FIs to meet the PSD2 requirements for SCA and dynamic linking and offer real-time monitoring of the authentication and transaction process risk, as required in the regulatory technical standards (RTSs) of PSD2.

Complex security policies can be defined, based on the level of risk, the type of transaction and the user profile, as recommended by FFIEC. It also helps you to meet the requirement for stronger risk management to fight the increasing number of cyber-attacks and growing levels of fraud.

Data privacy regulations such as the GDPR in Europe and CCPA in the US are becoming ever more stringent. These can be a real challenge to comply with if data has to be processed by several different vendors for risk assessment. Gemalto IdCloud has been designed for GDPR and CCPA compliance.
 

 

OTP authentication and signature devices 

Even if most users today rely on their mobile phones for access and authentication to digital banking services, there are certain groups of users or specific uses cases that may require a physical one-time password (OTP) token or authentication device. We have a wide range of connected and unconnected devices that meet the multi-factor authentication security requirements for ‘something you know’ and ‘something you have’ very effectively.

OTP authentication and signature devices

 

One cloud platform to secure onboarding and access to digital banking

Our cloud-based managed services enable FIs to combine identity proofing and strong customer authentication to secure onboarding and digital banking access.

You can further increase security by adding risk management and enhance the customer experience with identity affirmation and risk-based authentication.

With one single platform.

The evolution of SCA leading up to Fido Passkeys

 

 

In this 4 parts of blog series you can learn more about:

More resources

•    Thales Gemalto IdCloud
•    Thales Gemalto IdCloud for Onboarding
•    Risk management services with Gemalto IdCloud
•    Thales Gemalto Confirm Authentication Server
•    Thales Gemalto Mobile Authentication Suite
•    OTP authentication and signature devices
•    Understand the PSD2 regulation
•   Neobank goes digital first with Gemalto IdCloud

 

Documents

fs-wp-idcloud-solutions-1

How to secure onboarding and access to digital banking services – with the customer experience in focus

A Gemalto IdCloud solution paper

Discover our solution paper
Gemalto IdCloud

Thales Gemalto IdCloud

One cloud platform to secure the digital banking journey

Gemalto IdCloud [PDF - 1mb]
fs-IdCloud-authentication.png

Thales Gemalto IdCloud for Access

Cloud based strong customer authentication and flexible risk management to secure access to digital banking services

Gemalto IdCloud for Access [PDF - 2 mb]
fs-wp-psd2.png

Understand PSD2 compliance and discover PSD2 solutions

Read our white papers​​​ to understand the latest implications of PSD2 for the banking and payment landscape in ​Europe​​​​.​​

Download the whitepapers

Cloud platform to secure digital banking

KYC services
Authentication services
Fraud and risk management services
Know your customer in banking

Mobile authentication

Mobile biometric authentications
Out-of-Band mobile authentication

PSD2

Strong customer authentication
How to improve user experience?
Innovate with open banking

Authentication server
OTP Authentication and Signature Devices
Corporate banking
Dynamic code verification
Consulting services
Greeen OTP for digital banking devices

Case studies
Get inspired
Brochures on Digital Banking
Awards
Developer portal

Get in touch with us

For more information regarding our services and solutions contact one of our sales representatives. We have agents worldwide that are available to help with your digital security needs. Fill out our contact form and one of our representatives will be in touch to discuss how we can assist you.

Please note we do not sell any products nor offer support directly to end users. If you have questions regarding one of our products provided by e.g. your bank or government, then please contact them for advice first.