Out-of-Band authentication (OOBA) is highly valued in term of security. It uses two separate networks such as internet and the mobile operator network, working simultaneously to authenticate a user.
Just think about it.
It's particularly difficult, for an attacker, to compromise two different communications channels at the same time.
So, what if your customers could turn their smartphone into a digital key to unlock the access to all online and mobile banking channels and secure them?
This is what Gemalto Mobile Secure Messenger makes perfectly possible.
It's omni channel unleashed.
Gemalto Mobile Secure Messenger is an Out-of-Band server and a Mobile SDK allowing to turn any smartphone into a universal key unlocking access to all banking channels and digital services.
Gemalto Mobile Secure Messenger strongly authenticates and validates operations of digital banking, eCommerce, proximity payment, ATM, branches, etc.
As an example, Gemalto Mobile Secure Messenger can also be used to replace the traditional SMS OTP by distributing OTPs through a secure communication channel directly to the bank application.
Financial institutions can thus better control their authentication costs while providing an enhanced user experience.
Read more on strong customer authentication
Adapt your validation scenario
All situations do not require the strongest and absolute security all the time.
Gemalto Mobile Secure Messenger enables you to adapt your validation scenario according to the level of risk of a particular transaction.
- If the transaction is considered low risk, the solution can be used to simply inform the user that a transaction performed on a specific channel has been validated.
- If the transaction is considered as medium risk, then a confirmation will be required. In this case, the user will need to accept or reject the transaction on their mobile phone explicitly. This method is very convenient and straightforward for the customer, as confirmation can be done directly on the notification screen without even launching the FI’s mobile app.
- If the transaction is considered risky, the customer will be required to sign it by entering a PIN code or perform biometric authentication. This method can be applied by combining the Gemalto Mobile Secure Messenger solution with Gemalto Mobile Protector, which includes all the necessary functions to generate one-time-passwords and transaction signatures.
Gemalto Mobile Protector also brings all the necessary security measures including advanced encryption, biometric authentication, binding, jailbreak detection and secure PIN pad (or fingerprint support) to make sure that your Gemalto Mobile Secure Messenger solution can deliver the highest level of security.
- Allows multi-channel banking and payment services
- High-performance Out Of Band Messaging Server based on In-Memory Data Grid technology
- Proprietary Secure Channel (DEP) to overcome SSL weaknesses
- Dynamic scalability with the ability to add nodes to increase performance
- Fault-tolerant (no single point of failure)
- Disaster recovery with WAN replication
- Push notification support with GCM, APNS, and MPNS push networks
- Easy to implement API for fast deployment
- Helps FIs to comply with FFIEC, NIST, and PSD2 regulations
- Can be implemented on-premises or as cloud services
Thales Gemalto Mobile Secure Messenger
Secure your online and mobile channels with your mobile phoneGemalto Mobile Secure Messenger [PDF - 1.2mb]