Signicat, the first and largest identity assurance provider in the world, has launched MobileID, its mobile authentication product.
In addition to offering financial service providers speedy onboarding and identity assurance using a number of digital identity schemes, Signicat now also offers Strong Customer Authentication (SCA) using the end-user’s smart device.
Upcoming PSD2 legislation will demand that many transactions over €30 must be authorized with at least two-factor authentication. MobileID will put financial services providers ahead of this legislation, not only by offering multi-factor authentication, but offering it in a way that is convenient to consumers and will not result in abandonment.
MobileID works by turning a consumer smart device into a security credential. The device becomes the ‘something you have’ factor for authentication, while a PIN code becomes the ‘something you know’ and biometric data such as fingerprints can be used as a third ‘something you are’ factor.
MobileID allows banks and other financial service providers to offer multi-factor authentication without the need to provision additional hardware or demand that customers copy and paste a one-time password from an SMS or a separate application. Instead MobileID harnesses smart device capabilities, including the latest biometrics, to deliver simple but secure access to digital channels.
“A speedy onboarding and application experience is a must for financial services providers who don’t want to lose 40% of their potential customers at this stage,” said Gunnar Nordseth, CEO, Signicat. “Keeping these customers means giving them the best experience possible when accessing services and authorizing transactions - MobileID gives customers that simple experience while meeting PSD2 requirements way ahead of these regulations being adopted.”
MobileID’s features include:
• Device agnostic, with support for both the latest iOS and Android devices
• The ability to add existing and future device-based authentication technologies
• Device and user intelligence, including geolocation, for risk-based authentication
• An offline mode so the smart device can be used to authenticate without a data connection
• Defenses against jailbroken devices and debugging attempts
Contributed | what does this mean?