Mobile Based Two Factor Authentication For Online Transactions What is Mobile based Two Factor Authentication The Need As online banking fraud continues to grow, consumers’ deep-seated security fears remain one of the biggest barriers to online banking. Bridging The Gap Mobile based Two Factor Authentication enables Bank’s Credit/Debit card customers to do online transactions in a secured way with an additional authentication added using registered mobile number of the customer. There are three reasons why internet banking requires increased security: online fraud is on the up; customers need reassuring; and changes in the industry demand it. 2 Product Overview 4 1 Transaction Completion Online Payment Transaction Mobile based authentication for online transaction works with the combination of verification of the user data which is present on the Credit/Debit Card (Verified by Payment Processor) and sending a call to registered mobile number of customer and getting confirmation from him/her (Additional Authentication) 3 2 Two Factor Authentication over call Authentication at Payment Gateway & Bank 3 Steps in Mobile Based Two Factor Authentication 1 Transaction Initiation User logs into a Merchant site and attempts for online transaction 2 Card Details User fills in the data for credit card on the site 3 Inbound Call After hitting the submit button, user receives a call on his registered mobile number 4 2 Factor Authentication User answers the call and press “1” on his mobile, he/she is authenticated and the transaction is completed. 5 Transaction Completion Query Accepted online and transaction is processed 4 Information Flow Fills up Card Details Payment Gateway User attempts for Online payment on Merchant Site Secure Convenient Quick 1 Factor Authentication Transaction Successful Autocall Sent on Registered Mobile Number and user presses 1 to confirm Bank Altruist Outbound Application 5 Application Offline Alternate flow in case the user mobile is not reachable • User logs into a Merchant site where he/she wants to do a transaction • User fills in the data for credit card on the site • After hitting the submit button, user is not able to receive the call on his registered mobile due to network down, weak network etc • User calls the call centre of the bank and authenticate himself/herself • Call centre gives one time bypass to the user. • User is able to do the online transaction without the need of mobile authentication. 1 Factor Authentication Fills up Card Details Payment Gateway Bank User attempts for Online payment on Merchant Site Transaction Successful Altruist Outbound Application Autocall Sent on Registered Mobile Number One time by-pass allowed by CC Agent Transaction Unsuccessful 6 Need • • • • • Threat against Key Loggers Phishing Man in the Middle Steal the Credit Card Steal the credit card information There are three reasons why internet banking requires increased security: • Online fraud is on the up • Customers need reassuring; and • Changes in the industry demand it. 7 Benefits Save Protect Competitive Positioning Litigation Shielding Ease Secure A significant reduction in the losses (financial and otherwise) incurred as a result of phishing-related fraud Protection against Credit card stealing Greater customer comfort with conducting business online due to improved security delivered imposing complicated requirements on users An enhanced shielding against litigation that may arise from phishing-related incidents No Need of remembering another password/pin. Highly secure as no account information sharing required. Application to relay only the input given by user based on which the Bank or the Payment Gateway can accept or reject transaction 8 Why Altruist Our Aim is to make Mobile part of the customer Lifestyle Data Explore Advertising M Banking Entertainment & Classifieds Develop Stimulate Expand Total Telecom Solutions A number of service are adopted based on different Market Dynamics Technolog y Trends Market Trends Customer Behavior Continuous focus around rapid development of market driven services that meet customer needs and will be adopted in daily use Our Goal is to Capitalize on VAS and technology to generate new revenue streams and generate customer loyalty for the partners 9 Thank You Altruist Technologies Pvt Ltd. DLF Tower C, 2nd Floor Chandigarh IT Park Tel Fax+91-172-4308800 Mail: altruistindia@altruistindia.com Chnadigarh 10