Embed strong authentication into mobile applications
To improve the speed and efficiency in which financial institutions develop and provide customers secure, trusted mobile banking applications, Entrust announces their IdentityGuard Mobile SDK for mobile platforms. This security toolkit helps banks transparently embed Entrust’s strong authentication technology into an organization’s new or existing mobile-banking application.
From e-mail communication, social networking, banking, commerce, shopping and personal entertainment, mobile devices have enabled a radical shift in the manner in which organizations can now service their customers. But the growth in mobile devices and the drive to move more services to the mobile channel has also increased incidences of fraud targeting these devices.
The SDK also will assist financial institutions with deploying stronger authentication for online customer security, a requirement expected to be at the center of upcoming guidance from regulatory agencies of the Federal Financial Institutions Examination Council (FFIEC).
The organization’s 2005 guidance took a strong stance in support of the deployment of stronger authentication methods, as well as fraud detection techniques, to protect customer identities and information during online banking transactions. But advances in criminal technology demands stronger guidelines to help stop advanced attacks that target the identities and transactions of consumers and business-banking customers.
Embedding OTP tokens is more cost-effective than purchasing, issuing and deploying hardware tokens because it leverages devices that are already widely deployed — increasing user acceptance. This transparent approach meets mobile user expectations of quick, simple application access and helps application providers build a consistent brand between their mobile application and online presence.
For software developers creating mobile applications, security is often a secondary concern yet needed to help comply with regulatory guidelines for the financial industry, such as those provided by the FFIEC. But because of its straightforward APIs, the Entrust IdentityGuard Mobile SDK allows developers to easily design and implement identity-based security into their branded mobile applications without sacrificing usability or transparency for end-user adoption.
The SDK provides a number of capabilities that enables features such as transparent strong mobile authentication, soft token display to address online banking security and out-of-band transaction verification to help defeat advanced fraud attacks such as man-in-the-browser. With support for the most popular platforms, the toolkit delivers a common API framework that allows developers to leverage integration efforts across multiple development environments.