Syncosis Technological Services Pvt Ltd

advertisement
Mobile Based Two Factor
Authentication For Online
Transactions
What is Mobile based Two Factor Authentication
The Need
As online banking fraud continues to grow, consumers’
deep-seated security fears remain
one of the biggest barriers to online banking.
Bridging The Gap
Mobile based Two Factor Authentication enables Bank’s
Credit/Debit card customers to do online transactions in a
secured way with an additional authentication added using
registered mobile number of the customer.
There are three reasons why internet banking requires
increased security: online fraud is on the up;
customers need reassuring; and changes in the industry
demand it.
2
Product Overview
4
1
Transaction
Completion
Online Payment
Transaction
Mobile based authentication for
online transaction works with the
combination of verification of the
user data which is present on the
Credit/Debit Card (Verified by
Payment Processor) and sending
a call to registered mobile number
of
customer
and
getting
confirmation
from
him/her
(Additional Authentication)
3
2
Two Factor
Authentication
over call
Authentication at
Payment Gateway
& Bank
3
Steps in Mobile Based Two Factor Authentication
1
Transaction Initiation
 User logs into a Merchant site and attempts for online transaction
2
Card Details
 User fills in the data for credit card on the site
3
Inbound Call
 After hitting the submit button, user receives a call on his registered
mobile number
4
2 Factor Authentication
 User answers the call and press “1” on his mobile, he/she is authenticated
and the transaction is completed.
5
Transaction Completion
 Query Accepted online and transaction is processed
4
Information Flow
Fills up Card Details
Payment Gateway
User attempts for Online
payment on Merchant Site
Secure
Convenient
Quick
1 Factor
Authentication
Transaction
Successful
Autocall Sent on Registered Mobile Number
and user presses 1 to confirm
Bank
Altruist Outbound Application
5
Application Offline
Alternate flow in case the user mobile is not reachable
• User logs into a Merchant site where he/she wants to do a transaction
• User fills in the data for credit card on the site
• After hitting the submit button, user is not able to receive the call on his registered mobile due to
network down, weak network etc
• User calls the call centre of the bank and authenticate himself/herself
• Call centre gives one time bypass to the user.
• User is able to do the online transaction without the need of mobile authentication.
1 Factor
Authentication
Fills up Card Details
Payment Gateway
Bank
User attempts for Online
payment on Merchant Site
Transaction
Successful
Altruist Outbound
Application
Autocall Sent on
Registered Mobile Number
One time by-pass
allowed by CC Agent
Transaction
Unsuccessful
6
Need
•
•
•
•
•
Threat against Key Loggers
Phishing
Man in the Middle
Steal the Credit Card
Steal the credit card
information
There are three reasons why
internet banking requires increased
security:
• Online fraud is on the up
• Customers need reassuring; and
• Changes in the industry demand it.
7
Benefits
Save
Protect
Competitive
Positioning
Litigation
Shielding
Ease
Secure
A significant reduction in the losses (financial and otherwise) incurred as a result of
phishing-related fraud
Protection against Credit card stealing
Greater customer comfort with conducting business online due to improved security
delivered imposing complicated requirements on users
An enhanced shielding against litigation that may arise from phishing-related incidents
No Need of remembering another password/pin.
Highly secure as no account information sharing required. Application to relay only the
input given by user based on which the Bank or the Payment Gateway can accept or
reject transaction
8
Why Altruist
Our Aim is to make Mobile part of the customer Lifestyle
Data
Explore
Advertising
M Banking
Entertainment & Classifieds
Develop
Stimulate
Expand
Total Telecom Solutions
A number of service are adopted based on different Market Dynamics
Technolog
y Trends
Market
Trends
Customer
Behavior
Continuous focus around rapid development of market driven services that
meet customer needs and will be adopted in daily use
Our Goal is to Capitalize on VAS and technology to generate new revenue
streams and generate customer loyalty for the partners
9
Thank You
Altruist Technologies Pvt Ltd.
DLF Tower C, 2nd Floor
Chandigarh IT Park
Tel Fax+91-172-4308800
Mail: altruistindia@altruistindia.com
Chnadigarh
10
Download