Out-of-Band authentication (OOBA) is highly valued in term of security. It uses two separate networks (Internet AND the mobile operator network, for example) working simultaneously to authenticate a user.
Just think about it.
It's particularly difficult, for an attacker, to compromise two different communications channels at the same time.
Now, what if your customers could turn their smartphone into a digital key to unlock the access to all online and mobile banking channels and secure them?
This is what Gemalto Mobile Secure Messenger makes perfectly possible.
It's omnichannel unleashed.
Gemalto Mobile Secure Messenger is an Out-of-Band server and a Mobile SDK allowing to turn any smartphone into a universal key unlocking access to all banking channels and digital services.
Gemalto Mobile Secure Messenger strongly authenticates and validates operations of eBanking, mobile banking, eCommerce, proximity payment, ATM, branches, etc.
As an example, Gemalto Mobile Secure Messenger can also be used to replace the traditional SMS OTP by distributing OTPs through a secure communication channel directly to the bank application.
Banks can thus better control their authentication costs while providing enhanced user experience.
Adapt your validation scenario
All situations do not require the strongest and absolute security all the time.
Gemalto Mobile Secure Messenger enables you to adapt your validation scenario according to the level of risk of a particular transaction.
- If the transaction is considered low risk, the solution can be used to simply inform the user that a transaction performed on a specific channel has been validated.
- If the transaction is considered as medium risk, then a confirmation will be required. In this case, the user will need to accept or reject the transaction on their mobile phone explicitly. This method is very convenient and straightforward for the customer, as confirmation can be done directly on the notification screen without even launching the bank’s mobile app.
- If the transaction is considered risky, the customer will be required to sign it by entering a PIN code or perform biometric authentication. This method can be applied by combining the Gemalto Mobile Secure Messenger solution with the Gemalto Mobile Protector, which includes all the necessary functions to generate One-Time-Passwords and transaction signatures.
Gemalto Mobile Protector also brings all the necessary security measures including advanced encryption, biometric authentication, binding, jailbreak detection and secure PIN pad (or fingerprint support) to make sure that your Gemalto Mobile Secure Messenger solution can deliver the highest level of security.
- Allows multi-channel banking and payment services
- High-performance Out Of Band Messaging Server based on In-Memory Data Grid technology
- Proprietary Secure Channel (DEP) to overcome SSL weaknesses
- Dynamic scalability with the ability to add nodes to increase performance
- Fault-tolerant (no single point of failure)
- Disaster recovery with WAN replication
- Push notification Support with GCM, APNS, and MPNS push networks
- Easy to implement API for fast deployment
- Helps banks to comply with FFIEC, NIST, and PSD2 regulations
Security in general, and especially in the mobile world, is in constant evolution. It requires permanent investments to keep up with the latest threats and attacks.
The Gemalto Mobile Suite benefits from a clear and continuously refreshed technology roadmap which relies on Thales’s experience in the digital and mobile security area.
Thanks to its robust experience in secure elements, smart cards and contactless technologies, Thales can ensure that its customers will always have access to the latest security innovations.