SIGNER – STRONG CUSTOMER AUTHENTICATION (SCA) METHOD FOR MOBILES OR TABLETS
Regulatory compliance, security and the user experience are the 3 main challenges currently facing EU financial market participants:
It is hard to achieve when regulatory compliance requirements and resisting fraud appear to directly contradict a pleasant user experience, by requiring the use of complex authentication procedures.
We are aware of the innovation-related priorities targeted by EU financial market participants, and we are convinced that our solution has all needed for accomplishing these targets:
In addition PSD2 compliance of our products allows you to be supported by a reliable and recognized solution, while leaving it free to select its own launch method:
– SaaS, or
– On-Premises
For SaaS model we choose certified local cloud partners who cover particular jurisdictions where data security laws or regulations require systems to be managed in-country.
Overview
A mobile app based solution to login authentication and transactions authorization in Service Provider`s customer-facing application using digital signature.
GCP Signer is fully compatible with EU regulations on SCA (Strong Customer Authentication).
Our solution is also 3DS 2.0 Compliant, satisfies latest MasterCard directive. It provide for secure enrolment and can be used for authentication or/and transaction confirmation.
Customer Enrolment
Service Provider (financial institution/PSP) configures enrolment options:
A private key is generated for each user’s device. Key is generated using biometrics.
Use cases
Login
When user needs to login the Service Provider app using Signer:
After opening the application, the user should point the camera phone to the QR-code displayed on the screen, reviews transaction details in Signer and scan a fingerprint to confirm the operation.
User opens a push message that appeared on the smartphone, reviews transaction details in Signer and confirm the operation.
Transaction authorization
For each transaction type its own fields that needs to be part of digital signature can be configured.
When user needs to confirm transaction using Signer:
Features
Off-line mode
Signer is capable of generating digital signature for transaction when the device doesn’t have Internet connection
Group payments confirmation
User can select multiple payments and confirm them in one go. Signer lists details of each transaction in the group.
Evidence generation
Signature is formed based on and stored along with the transaction details, which allows the finanacial institution to prove that particular transaction was confirmed by particular user. It also makes impossible to alter transaction’s details (non-repudiation).
PSD2 and 3DS2 Compliant
With 3DS 2.0 the consumer experience is simplified and enhanced, through the elimination of the initial enrolment process and removing the need for cardholders to remember static passwords.
Your customers can use Signer for all CNP transactions (cardholder-initiated or subscription payments).
Payments initiated by the customer are confirmed with one single action in full compliance with PSD2 regulation using factors of possession and inherence.
You can take benefit of different delivery models: