With regard to strong customer authentication, banks have to face multiple challenges:
- to propose strong customer authentication for cases of remote payment and account access;
- to replace the current authentication solution based on OTP SMS (One-Time Password sent by SMS to approve 3DSecure payment transactions) because this solution does not meet the two-factor authentication criteria;
- to propose a solution that can cover the whole user population.
An innovative authentication solution to provide universal coverage
equensWorldline’s solution, named WL Trusted Authentication, is available for mobile applications (smartphones) and web browsers (mobile phones and computers). It is unique in the market due to its universal coverage, and the technical innovation that makes the browser version simple from a deployment point of view.
The solution has a European patent, and was designed several years ago to meet the growing needs of banks in the area of strong customer authentication. It is already deployed in many European banks (more than 120 million transactions per year).
The new, browser-based solution is innovative because it enables banks to provide strong customer authentication without the need for external hardware (tokens, for example), smartphones, or software installed on the user’s computer. The user enrolls his browser in a simple and transparent way, and can then perform strong authentication with the same kinematics as if he/she just entered credentials to access his online bank. In this browser-based solution the same security measures have been applied as on mobile phones.
Integration methods adapted to the bank's strategy
Several integration modes are available to optimally suit the different digital strategies and calendar constraints of banks. There’s a mobile solution that can be integrated into the bank's existing mobile application, a mobile white-label solution which can be customized to the bank's look-and-feel, and a Worldline-labelled mobile solution for rapid deployment. In addition, there’s now thus also a browser solution, accessible simply from any computer, tablet, or phone browser, and requiring no installation, for all business or home users, who do not use smartphones.
Wolf Kunisch, Chief Business Division Officer at equensWorldline:
“As a leading player in the payments industry, we enable our clients to meet the continuously developing market demands and requirements. The mobile solution is tending to be deployed more and more in digitalized populations. This new browser solution is an inevitable complement to the mobile channel, both for populations not equipped with smartphones (or as bypass solution, in the event of a telephone failure). What’s more, with the next version of this module, using the WebAuthn API defined by the W3C (World Wide Web Consortium), it will be possible to offer biometric control also on the browser, and thus offer the same authentication factors that currently exist on the mobile application.”
 “Strong customer authentication” means an authentication based on the use of two or more elements categorized as knowledge (something only the user knows), possession (something only the user possesses) and inherence (something the user is) that are independent.