Passwordless Mobile Banking
DIGITAL BANKING
May 2022
INTRO.
With advanced technologies such as biometric verification and cryptographic keys, IT
around the world is moving towards passwordless authentication for its applications.
Fast Identity Online 2 (FIDO2) is the industry’s answer to the global password problem
and addresses all of the issues of traditional authentication.

Passwords are a big problem for the financial services industry. It’s common for
criminals or hackers to compromise passwords through brute force, credential stuffing,
dictionary attacks, and phishing or social engineering. According to the Verizon 2021
Data Breach Investigations Report, 89% of breaches within Hacking involve brute force
or the use of lost or stolen credentials. To limit the damage of compromised passwords,
organizations typically ask users to set overly complex passwords and change them
frequently. This practice creates hassle and significant friction in digital processes.

[Figure: 3FA: KNOW, HAVE, ARE]

For many IT departments, password support and maintenance are often the largest cost.
Password replacement options can help organizations offer convenience and improve user
experience without exposure to high security risk. FIDO2 cryptographic login
credentials are unique across every website, never leave the user’s device and are
never stored on a server. This security model eliminates the risks of phishing, all
forms of password theft and replay attacks. Login access to an account is limited to a
registered device (something you have) and requires a second factor such as facial or
fingerprint recognition (something you are) to unlock the cryptographic keys.
Passwordless Authentication | Intro
This practice will create a more convenient authentication experience for users on
their digital journeys. Modern iOS and Android mobile devices have built-in support
for facial or fingerprint authentication, which reduces friction in the entire
process and allows users to access the services they need in a few seconds.
Many iOS and Android mobile devices have built-in support for facial or fingerprint
recognition, allowing the device authentication to be performed within a few
seconds, thus reducing friction in the entire process.
[Screenshot: app screen titled "3 steps to authenticate your account" (match your fingerprint, scan your face, scan your fingerprint)]
In passwordless mobile banking scenarios, users provide only a username to initiate
authentication. The mobile banking app then presents a device-native dialogue to the user.
Once the user provides biometric authentication or a PIN, the unlocked private key will be
used to sign the authentication request and pass it back to the application.
Mobile Banking &
Passwordless Authentication
• Mobile Frontend is the banking application that wants to authenticate users or
confirm the transaction.
• The Frontend component communicates with the Platform Authenticator for the
authentication ceremony. The information is then passed to the backend and
Authentication API to finish the transaction.
1st-time onboarding
After registering for a bank account, users must register their mobile device as
their primary authenticator. This ceremony could be accomplished in one of the
following ways:
• Automatically: The secret keys are sent in encrypted form online. Users have
installed the Mobile Banking App, registered their communication channel, performed
eKYC procedures and successfully created a bank account. Encrypted data can be fetched
from the Authentication API component.
• QR-Coded: A QR code containing all required key information is provided to the
users during a bank branch visit or sent over a trusted channel such as a video call.
Once registered, the user’s mobile device is the key to authenticate as well as sign
transactions.
[Figure: Application Architecture Overview. Labels: Mobile Banking App, Mobile Frontend, Auth API, Mobile Backend, Authentication API, Platform Authenticator, CTAP2, User Store]
Authentication and Transaction Signing
1. Frontend triggers authentication initialization
2. User provides consent through a biometric or a PIN
3. The authentication response phrase is sent to the backend for processing
4. Authentication API validates the response phrase using the stored credential public key
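The four steps above, modelled end to end as an added example (not code from this deck or from any FIDO2 library): the backend issues a single-use challenge bound to the transaction, the device signs it after user verification, and the Authentication API checks the signature with the stored public key. It is a simplified model rather than the WebAuthn/CTAP2 message format; `bank.example`, the function names, the in-memory stores and the sample transaction are assumptions.

```javascript
// Added example: simplified model of the four steps, NOT the WebAuthn/CTAP2 wire format.
// Works as CommonJS or as an ES module (Node 20.16+/22.3+ for the latter).
const crypto = typeof require === "function"
  ? require("node:crypto") : process.getBuiltinModule("node:crypto");
const RP_ID = "bank.example"; // hypothetical relying-party identifier

// Canonical hash of the transaction fields the user is asked to confirm.
function hashTx(tx) {
  const canonical = JSON.stringify([tx.iban, tx.amount, tx.currency]);
  return crypto.createHash("sha256").update(canonical).digest("base64url");
}

// Onboarding: the device creates the key pair; the server stores only the public key.
function registerDevice(userStore, username) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
  userStore.set(username, { publicKey, signCount: 0 });
  return { privateKey, signCount: 0 }; // private key stays on the device
}

// Step 1: the backend issues a random single-use challenge bound to user and transaction.
function beginCeremony(pending, username, tx) {
  const challenge = crypto.randomBytes(32).toString("base64url");
  pending.set(challenge, { username, txHash: hashTx(tx) });
  return challenge;
}

// Step 2: biometric/PIN consent (modelled by a boolean) unlocks the key, which signs.
function signOnDevice(device, challenge, tx, userVerified) {
  if (!userVerified) throw new Error("user verification failed");
  device.signCount += 1;
  const clientData = JSON.stringify({
    rpId: RP_ID, challenge, txHash: hashTx(tx), signCount: device.signCount,
  });
  const sig = crypto.sign("sha256", Buffer.from(clientData), device.privateKey);
  return { clientData, signature: sig.toString("base64url") };
}

// Steps 3-4: the Authentication API validates the response with the stored public key.
function verifyResponse(userStore, pending, username, response) {
  let data;
  try { data = JSON.parse(response.clientData); } catch { data = null; }
  if (data === null || typeof data !== "object") return "malformed";
  const expected = pending.get(data.challenge);
  if (!expected || expected.username !== username) return "unknown-or-replayed-challenge";
  pending.delete(data.challenge); // a challenge is accepted at most once
  const cred = userStore.get(username);
  if (!cred) return "unknown-user";
  if (data.rpId !== RP_ID) return "wrong-rp";
  const sigOk = crypto.verify("sha256", Buffer.from(response.clientData), cred.publicKey,
    Buffer.from(response.signature, "base64url"));
  if (!sigOk) return "bad-signature";
  if (data.txHash !== expected.txHash) return "transaction-mismatch";
  if (data.signCount <= cred.signCount) return "counter-regression";
  cred.signCount = data.signCount;
  return "ok";
}

// Constructed sample run: one accepted response and three rejected ones.
function demo() {
  const userStore = new Map(), pending = new Map();
  const device = registerDevice(userStore, "alice");
  const tx = { iban: "SG00EXAMPLE0000000001", amount: "100.00", currency: "USD" };
  const r1 = signOnDevice(device, beginCeremony(pending, "alice", tx), tx, true);
  const first = verifyResponse(userStore, pending, "alice", r1);
  const replay = verifyResponse(userStore, pending, "alice", r1); // same response again
  const r2 = signOnDevice(device, beginCeremony(pending, "alice", tx),
    { ...tx, amount: "9000.00" }, true); // signed details differ from what the backend bound
  const tampered = verifyResponse(userStore, pending, "alice", r2);
  const rogue = registerDevice(new Map(), "alice"); // key pair the bank never registered
  const r3 = signOnDevice(rogue, beginCeremony(pending, "alice", tx), tx, true);
  const forged = verifyResponse(userStore, pending, "alice", r3);
  return { first, replay, tampered, forged };
}
```

Binding the transaction hash to the challenge is what turns a login signature into a transaction signature: a valid signature over different payment details is still rejected.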
FIDO2-based solutions will help improve user experience, with faster login and
transaction confirmation. In the digital world, they make it simple for users with
one-tap confirmation, with no need to keep USB tokens or digital token generators. The
solution also helps reduce operations cost and reduces requests to the helpdesk for
password resets. Passwords are going away. The future belongs to passwordless
authentication solutions.
[Screenshot: transaction confirmation screen listing Bank Acc Name, Bank Acc No, Sort Code, Swift Number, IBAN and Amount, with status CONFIRMED]
KMS Solutions works closely with leading software companies across the
globe to bring the most advanced and innovative technologies to Asia
Pacific. The focus is to help organizations achieve their business goals
through world-class fit-for-purpose solutions and proven industry best
practices. KMS Solutions’ success is ultimately measured by the positive
impact that it makes to the client’s business.
To learn more about KMS Solutions, visit https://kms-solutions.asia/
