Authentication solutions as revenue booster – convenient ways to secure your customers
Today’s users of financial services expect them to be secure, convenient and easy to access – anytime, anyhow, anywhere. A shifting industry landscape prompt for identifying new differentiators in order to create value to your customers. And the never ending growing digital demands, both from infrastructural and technical perspectives as well as from customers and their expectations, are immense.
For you to cater and nurture your customers with services they expect, you need to digitalize every aspect of your business. Designing these services to be channel agnostic and customer centric creates trust and builds relationships. Your key to staying relevant to your customers is to seamlessly and securely manage their customer journey. With security by design! To enhance the customer expectation, by offering seamless digitalized onboarding of new customers, that is fully compliant, new customer acquisition is made easy.
And authenticating customers in an easy-to-use way, your conversions and transaction flows have never been higher. With our trustworthy and secure solutions for identity proofing and authentication, new revenue streams are easily developed, enabling all types of businesses: virtual, physical, online and offline. And allowing your customers to enjoy a state-of-the-art user experience.
The process of onboarding and registering new customers is a very important step in the customer relationship journey. Creating a great user onboarding experience yet being compliant with local Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations is a key challenge in an increasingly digital world.
Our flexible and scalable system platform addresses many regulatory needs and exception handling:
- LEVEL 1 – Automatic document read: ID document capture, country/document type recognition, and OCR-based readout and check of data
- LEVEL 2 – Biometrics: Face recognition and comparison, liveness detection
- LEVEL 3 – ID document validity check: Dynamic security feature detection, holograms, and optically variable check
- LEVEL 4 – Manual backup check: Asynchronous manual check of acquired data, review of security features and biometrics, and checks based on captured photos and videos
- LEVEL 5 – Video-ident: Video-ident process compliant with various regulations (AML, KYC)
With our solution, you:
- Increase conversion rates by up to 50% through the introduction of Secure Remote Identification
- Reduce the time from application to account opening from days to minutes with a 100% digital process
- Lower the cost for customer identification by more than 60% versus a conventional in-store onboarding flow
Downloads Convego® me
For an easy overview of all benefits with our compliant digital onboarding solution, download our Playbook.
Solution brief on Secure Remote Identification
Onboarding to new services and identification of customers’ needs to be compliant with local regulations, using official ID documents such as national IDs and passports.
Convego® Mobile Authentication
Our authentication solutions fulfil the strong customer authentication (SCA) requirement of the EU Revised Directive on Payment Services (PSD2). The requirement ensures that electronic payments are performed with multi-factor authentication, to increase the security of electronic payments, and adaption of this need is also seen globally.
Convego® Mobile Authentication in a nutshell
The solution builds on the FIDO UAF industry specifications, providing strong customer authentication via mobile devices (Android, iOS) and using biometric options for user verification. It is powered by Samsung SDS Nexsign technology and provides a balanced combination of usability, security and reduced operating costs. Users authenticate by presenting biometrics such as face, voice or fingerprint.
An end-to-end secured challenge response protocol based on the FIDO lightweight-PKI approach is then executed in the client-server solution, invisible to the user. It assures a strong cryptographic proof of the successful authentication and provides additional attestation on the integrity of the client authenticator. The combination of private key on the user device (possession) and biometrics (inherence) provides a very robust two-factor authentication with scalable security. Depending on the transaction risk, the types of authenticators (e.g. software or hardware) as well as the level of biometrics (e.g. single mode, like fingerprint only or multimodal like face+voice combined) can be freely chosen by server policy. No passwords or PINs are required anymore for the end user.
Accordingly, no cumbersome password-renewal procedures are necessary by the service provider if the user forgets a password. Besides security, user privacy is another key challenge. Our authentication solution addresses this need by storing all biometric data securely encrypted on the user device. No biometric user data ever leaves the device. As a consequence, no biometric server database exists removing any risk of scalable attack.
- Tailored to customer environment using standard APIs
- Flexible private key storage options – WBC, TEE, Card (optional)
- Secure PSD2-compliant solution certified by FIDO and Common Criteria
- Simple user experience with flexible integration of multiple biometrics
- No additional hardware tokens needed
Downloads Convego® Mobile Authentication
A commercial European bank needed a solution that was simple to use for consumers, highly resistant against fraud, PSD2-compliant and cost-effective for the bank. See how we could provide an outstanding solution for this bank, not only securing the authentication process but simplifying the customer experience with biometrics.
Get detailed information about our solution. It is highly secure, seamless, biometric based and PSD2 compliant.
With the Convego® tap solution you can offer strong customer authentication in a cost efficient way. Consumers can use their existing, familiar and well-trusted banking card as a secure and convenient authentication factor for online banking. No need to handle extra hardware or inconvenient TAN/ one-time password (OTP) generators or apps.
For secure app onboarding, the user is asked to enter the known online banking credentials (e.g. account number and online banking PIN) and then to tap the banking card as a secure second factor authentication. For the card activation use case, when the consumer receives a new card, this can be easily activated by logging into mobile banking and tapping the card against the phone. No need to visit a bank branch or to activate the card at an ATM.
With our end-to-end security design and a dynamic challenge being sent to the card, Convego® tap provides a strong and dynamic proof that a customer is in possession of the bank card. The technology meets legal requirements for two-factor authentication such as PSD2, supports FIDO-compliant authentication solutions, and can be used to authorize high-value transactions with hardware level security.
Convego® tap in a nutshell
The solution leverages the hardware security of modern banking cards and authenticates the card based on dynamic signatures and the card trust hierarchy. The solution provides end-to-end security between a secure server component and a client SDK. It also operates with several layers of security to make manipulations or replay of authentication data impossible. If combined with a FIDO solution, Convego® tap provides a FIDO-compliant two-factor authenticator (FIDO UAF) based on a FIDO key derived from authenticated card data.
In summary, the main benefits are:
- Higher transaction values thanks to a simplified two-factor authentication scenario
- Cost-efficiency because existing hardware is used and no need to send TAN/OTP
- A digital first approach puts your brand on top of the competition
- Intuitive, convenient and secure authentication
- Higher card activation rates and service onboarding
- Compliant two-factor authentication
Downloads Convego® tap
A European banking giant asked G+D to assist with a solution for several customer challenges. Rollout of the solution was fast and effective – giving the bank both immediate and ongoing cost reductions. Here’s how they did it.
Explore our use cases for utilizing banking cards for strong customer authentication.
Get insights in how you can leverage your business with our experience by downloading our datasheet.
Convego® CloudPay eCOM and SCA
When it comes to e-commerce and payments, the biggest concern is cart abandonment at the checkout. However, tokenization and Strong Customer Authentication can prevent it. At the checkout, the consumer faces two types of authentication: first when logging in and authenticating herself as a user of the merchant’s app, and then for a second time at the checkout, with authenticating herself as owner of a card. This gives friction that leads to cart abandonment. But there are solutions merchants can leverage upon to balance compliance, costs, and UX such as a card-on-file solution (CoF) like our Convego® CloudPay eCOM solution supporting network tokenization.
With this solution, merchants can offer secure payments without having to store sensitive customer data, avoiding the need for costly risk management tools, and removing the risk of data security breaches and cyber threats. Instead a merchant can stay ahead of the competition by focusing on the core business and at the same time offer a state-of-the-art and convenient customer experience when it comes to fulfilling the payments at the checkout.
Convego® CloudPay eCOM and SCA in a nutshell
Combine CoF network tokenization with embedded SCA, the customer experience will be even more satisfying at the checkout. If SCA is already done when the consumer is logging in to the merchant’s app, the issuer can rely on that authentication and won’t ask for another one for processing the TRX, fastening up the payment process making it seamless. We call this delegated authentication. This is done thanks to optimized Card Lifecycle Management where the network token is decoupled from the funding card for automatic renewals, and as a result there is no need for the customer nor the merchant to update any card data if as/when cards expire as this is done automatically.
Network tokenization offers significant benefits over proprietary solutions:
- Convego® CloudPay eCOM offers multiple payment brands and network tokenization with a single integration – scalability and convenience!
- Automatic token refresh at card renewal, no interruption to scheduled payments and no discontinuation of service
- Higher security as the tokenization goes through a Token Service Provider and each transaction has a cryptogram
- Network Tokenization covers a variety of use cases such as in-car payments, in-app, and mobile e-commerce payments
Downloads Convego® CloudPay eCOM
The most significant concern related to e-commerce and payment processing is cart abandonment at the checkout. Tokenization and SCA can prevent that.
Trend report about delegated authentication
Frictionless payment allows consumers to shop online in a seamless way. But what about the authentication? And how to secure customer payment credentials without disrupting the checkout process? Here you will find the answers.
Digital Payment Solutions
Our Convego® CloudPay Suite offers solutions for digital wallets, e-commerce payments, wearable enablement, and tokenization lifecycle management. Brands use it to refine their products and provide their customers with a choice of payment options.
Wearable Payment Enablement
Our future-proofed secure wearables solutions for contactless payments enable secure authentication and credential management along with value-added services.
Loyalty & Pre-Paid
Our solutions enable retailers to deliver a full-featured, multi-channel in-store payment system at scale. It puts your brand in front of the customer and creates stickiness, and the same time allowing you to evolve new revenue streams.