Mobile Based Authentication
Businesses, as well as personal banking clients, are increasingly depending on online services in today's fast-paced world. Financial institutions worldwide are offering online banking for customer convenience but the service has its own integral risks, especially regarding the security of transactions. Businesses are often heavily concerned about the safety of their employees' personal data and corporate information subjected to fraud. As a result, businesses are looking at protecting their reputation and image, by offering e-access solutions to their customers and employees with the security and convenience they demand. Individuals are also constantly looking for secure methods to make internet transactions.
With over 5 billion mobile phone subscriptions worldwide, the mobile phone is becoming popular as a multifunctional device. While the users change their mobile phones regularly, they still use the same SIM card. Businesses can now rest easy with the Mobile OTP (one-time password) solution implemented in the user's SIM card. Through a mobile device, users are able to generate an OTP. This option enables the businesses to offer a secure and easy way for its customers and employees to access company data.
Businesses can implement the service as a value-added feature for customers and employees to allow secure access to online portals and VPNs networks. Such a service will encourage greater use of online services thereby contributing to the efficiency of operations and secure access to the company services.
The user enters a PIN code to access the OTP application present on the SIM card and generates a 6-digit single-use password. With the OTP and his User ID, a user can access his online banking account. The OTP is generated without an online connection, therefore not requiring any information to be passed to the user via SMS or the availability of full network coverage at all times. If the business wants a non-SIM solution then Simage Technologies can also offer the Android or iOS based mobile OTP apps.
How it Works
A user wants to make a secure internet transaction. Entering the web login page the user is asked to type in the user ID and the password. The user starts the OTP application that is loaded into the SIM to create the OTP by entering user's secure application PIN number. The OTP is generated based on open source standard OATH algorithm.
The OTP is generated by the applet and displayed on the mobile phone. The user can type this OTP as a dynamic password into the "password" space of the web login page for a secure web access. The website owner finally can ask the Central Transaction Platform for validation by taking the OTP together with the user's ID. An MNO (Mobile Network Operator) could also offer its subscriber to use his MSISDN number as the User ID. This way the subscriber has the complete solution out-of-the-box.With the OTP generated by the SIM application, users can also securely visit websites supporting OpenID standards.
As the OTP is generated with OTP Application PIN, hence it provides a Strong 2-Factor authentication, mobile handset with secure SIM application and application PIN. The connection to the validation server is installed via a secure VPN tunnel which guarantees high-security level.
Financial Institution/ Business/ MNO/ Service Provider Benefits
Easy to implement and fast
No additional infrastructure or resources are required (authentication servers are hosted at Simage)
Less investment cost to provide the service
Better reputation and brand imageIncrease customer base with secure and reliable services
Attract customers from other market segments with a joint product offering
End User Benefits
Mobile handset independent. SIM application works on any handset
A highly secure authentication method
Undisputed reliability of services, anywhere, anytime
Convenient, fast and simple to use