Biometric authentication is reshaping mobile banking.
Customers worldwide love the simplicity of using fingerprints or facial biometrics for accessing their mobile apps.
Accordingly, many financial institutions are now upgrading their mobile authentication strategy and looking into biometrics to replace the PIN/password and even digitally sign sensitive transactions. They know this enhances the user experience for daily banking operations.
Strong customer authentication and privacy
Gemalto Mobile Protector supports both fingerprint and face recognition with simple APIs for developers to embed this type of customer experience within their apps.
Gemalto Mobile Protector makes wise and privacy-friendly use of biometrics: no biometric data is stored in data centres or servers. It all stays within the user's mobile securely.
We provide a turnkey optimised user interface (UI) which allows FIs to quickly start a biometric project and evaluate how to integrate within their existing user experience. Our UI can also be customised with minimal effort to ensure no disruption with the banks' design and branding.
Our Gemalto Mobile Protector integrates a combination of proven security mechanisms – such as code obfuscation, encryption, key protection mechanisms with appropriate key management, device binding, and root and jailbreaking detection.
This solution helps comply with the revised requirements of PSD2's Regulatory Technical Standard (RTS).
Read more about strong customer authentication
FIDO authentication framework
Gemalto Mobile Protector also supports FIDO2 protocol, an open, scalable and highly interoperable authentication framework backed by IT giants such as Apple, Google, Microsoft, Samsung and Intel...
As a FIDO board member, we bring decades of expertise in developing and deploying mobile authentication and security solutions for FIs choosing FIDO as the core standard of their authentication strategy.
As part of our versatile digital banking suite, Gemalto Mobile Protector fits perfectly into a FI's security lifecycle. It can be accompanied by your choice of complementary products, such as the Gemalto Confirm Authentication Server (CAS) or FIDO server.
Everything customers do in their online bank today, they expect to do on their mobile as well. Without compromising security, this is what Gemalto Mobile Protector makes perfectly possible - with built-in multi-layer mobile authentication and protection for digital banking, eCommerce and digital payment.
Key features
- Complete Multi-Factor Authentication
- One-Time Password, Challenge/Response and Transaction Data Signing
- PIN authentication with randomised secure KeyPad
- Biometric authentication with fingerprint and facial biometrics
- Device binding
- Mobile security: jailbreak/root detection, anti-debug, anti-hooking, advanced obfuscation
- HSM-based key protection for secure key provisioning and storage
- Easy to implement API for fast deployment
- Security audited by an independent third party and governmental agency
- Help banks comply with FFIEC, NIST, and PSD2 regulations
- Can be implemented on-premises or as cloud services
More resources on mobile authentication


Gemalto Mobile Protector
Secure online transactions with your smartphone
Gemalto Mobile Protector [PDF - 641 kb]
Thales Gemalto IdCloud for Access
Cloud based strong customer authentication and flexible risk management to secure access to digital banking services
Gemalto IdCloud for Access [PDF - 2 mb]
How to analyse PSD2 RTS compliant and non-compliant practices - Focus on mobile based authentication methods
This white paper helps you understand the consequences of PSD2 RTS for mobile based solutions and what you need to think about to be compliant.
Read the whitepaper