Convego® Mobile Authentication
Our authentication solutions fulfil the strong customer authentication (SCA) requirement of the EU Revised Directive on Payment Services (PSD2). The requirement ensures that electronic payments are performed with multi-factor authentication, to increase the security of electronic payments, and adaption of this need is also seen globally.
Convego® Mobile Authentication in a nutshell
The solution builds on the FIDO UAF industry specifications, providing strong customer authentication via mobile devices (Android, iOS) and using biometric options for user verification. It is powered by Samsung SDS Nexsign technology and provides a balanced combination of usability, security and reduced operating costs. Users authenticate by presenting biometrics such as face, voice or fingerprint.
An end-to-end secured challenge response protocol based on the FIDO lightweight-PKI approach is then executed in the client-server solution, invisible to the user. It assures a strong cryptographic proof of the successful authentication and provides additional attestation on the integrity of the client authenticator. The combination of private key on the user device (possession) and biometrics (inherence) provides a very robust two-factor authentication with scalable security. Depending on the transaction risk, the types of authenticators (e.g. software or hardware) as well as the level of biometrics (e.g. single mode, like fingerprint only or multimodal like face+voice combined) can be freely chosen by server policy. No passwords or PINs are required anymore for the end user.
Accordingly, no cumbersome password-renewal procedures are necessary by the service provider if the user forgets a password. Besides security, user privacy is another key challenge. Our authentication solution addresses this need by storing all biometric data securely encrypted on the user device. No biometric user data ever leaves the device. As a consequence, no biometric server database exists removing any risk of scalable attack.
- Tailored to customer environment using standard APIs
- Flexible private key storage options – WBC, TEE, Card (optional)
- Secure PSD2-compliant solution certified by FIDO and Common Criteria
- Simple user experience with flexible integration of multiple biometrics
- No additional hardware tokens needed
Downloads Convego® Mobile Authentication
Our compliant digital onboarding solution meets the know your customer (KYC), anti-money laundering (AML), and combating the financing of terrorism (CFT) regulatory guidelines that pertain to identifying and authenticating who is who. All in a fast and user-friendly way.
Our latest innovation allows your cardholders to continue relying on the card that they already have at hand. Strong Customer Authentication use scenarios can be accessed with a single tap on their mobile device.
Convego® CloudPay eCOM and SCA
The biggest concern for e-commerce and online payments is cart abandonment at checkout. Tokenization and Strong Customer Authentication – or what we call delegated authentication – can prevent it and help increase conversions.