Entersekt squirrels away authentication keys on Amazon cloud

Source: Entersekt

As the war on fraud rages on within the financial industry, the need to ensure full protection of all sensitive customer data is at an all-time high to best prevent possible instances of account takeover.

In an effort to further enhance the functionality and security of its Transakt application—and provide greater protection to those utilizing the solution— transaction authentication provider Entersekt has selected Amazon Web Services (AWS) to securely store valuable data through the company's cloud services.

Leveraging AWS' CloudHSM service, Entersekt will now store the encryption keys for Transakt, which protect highly sensitive bank account data, in the AWS cloud, which protects data by utilizing industry standard, tamper-resistant security hardware technology. By migrating to the AWS cloud, Entersekt maintains full access to their data while benefitting from the added security measures provided and managed by Amazon Web Services. In addition, the AWS CloudHSM service can help companies like Entersekt fully comply with the most stringent regulatory and contractual requirements related to key protection.

As part of the data migration process, Entersekt completed its Root Key Ceremony on September 6 at its Stellenbosch, South Africa location. The Root Key Ceremony is a standard industry procedure by which a unique pair of public and private root keys are generated and stored securely, in this case, in the AWS cloud.

"Having been exposed to Amazon Web Services in the past, their offerings were top of mind for us as we looked into options for storing our encrypted keys for Transakt," says Christiaan Brand, chief technology officer of Entersekt. "Amazon Web Services' unmatched service offerings and trusted name within today's business world made them an ideal company for us to work with especially due to the sensitive nature of the data we're entrusting them with."

Entersekt's one-of-a-kind approach to transaction authentication harnesses the power of electronic certificate technology with the convenience of mobile phones to provide financial institutions and their customers with full protection from fraud in the online and card-not-present space. Entersekt's mobile application, Transakt, verifies both the bank and the mobile device, eliminating the need for expensive hardware tokens or cumbersome one-time passwords. The bank retains full control over registering users and all communication is encrypted end-to-end and cannot be intercepted by outside parties.

Comments: (0)