Thales Mobile Authentication Solutions for Digital Banking

Mobile devices have transformed the financial ecosystem, making banking "on the go" the new norm. Financial institutions must secure their mobile services and comply with strict regulations like PSD2 in the EU or FFIEC in the U.S. With rising cyber-attacks, strong security is essential.

Thales helps some of the largest banks in the world overcome these challenges with our leading suite of mobile security and Strong Customer Authentication solutions.

Secure online banking transactions

Thales' Mobile Authentication Suite offers financial institutions (FIs) a seamless, secure way to authenticate users across channels. With solutions like Mobile Protector and Mobile Messenger, FIs can protect sensitive transactions and meet compliance requirements while enhancing the customer experience.

Thales Mobile Protector: Multi-Factor authentication made easy

Thales Mobile Protector is a comprehensive Software Development Kit (SDK) that enables easy integration of multi-factor authentication (MFA) and protection against malware attacks. This solution supports three key authentication layers:

Protector

What I Have

Device binding that securely links a mobile device to a user account.

What I Know

PIN-based authentication with a secure, randomized PIN pad that protects against keyloggers.

What I Am

Biometric authentication, including fingerprint and facial recognition, stored securely on the device.

    • Complete Multi-Factor Authentication (MFA): Supports One-Time Passwords (OTP), Challenge/Response, Transaction Data Signing, PIN-based authentication with a randomized secure PIN pad, and biometric authentication (fingerprint and facial recognition).
    • Device Binding: Securely links a mobile device to a specific user account for an additional layer of security.
    • Robust Mobile Security: Includes jailbreak/root detection, anti-debug, anti-hooking, and advanced code obfuscation to protect the app against malware.
    • HSM-Based Key Protection: Provides secure key provisioning and storage with Hardware Security Module (HSM) protection.
    • Easy-to-Implement API: Offers simple APIs for fast deployment of MFA and biometric authentication features.
    • Privacy-First Biometric Authentication: Ensures that biometric data is stored securely on the user’s device, never in external data centers.
    • Regulatory Compliance: Helps banks comply with key regulations such as FFIEC, NIST, PSD2’s Regulatory Technical Standards (RTS), and supports the FIDO2 protocol.
    • Flexible Deployment: Can be implemented on-premises or delivered as a cloud service.
    • Security Audits: Independently audited by third-party and governmental agencies to ensure compliance and high standards of security.

    Mobile Protector integrates with solutions like the Thales Confirm Authentication Server (CAS) or FIDO Server, fitting seamlessly into your security lifecycle.

    Thales Mobile Messenger: Omni-channel authentication

    Thales Mobile Messenger allows FIs to create a seamless authentication experience across devices. Whether customers use their mobile, tablet, or computer, Mobile Messenger ensures that their mobile phone acts as the central hub for secure, fluid transactions.

      • Multi-Channel Banking: Supports seamless authentication across mobile, tablet, and computer channels, allowing the mobile device to act as the central hub for all banking operations.
      • High-Performance Out-of-Band Messaging: Includes an advanced messaging server based on In-Memory Data Grid technology, ensuring fast and reliable communication between the FI's systems and the mobile app.
      • Proprietary Secure Channel (DEP): Establishes a secure, encrypted channel to overcome SSL weaknesses, ensuring robust protection for all data transmissions.
      • Push Notification Support: Compatible with major push notification services like GCM, APNS, and MPNS, enabling real-time transaction verifications and authentication requests.
      • Dynamic Scalability: Easily add nodes to the system to boost performance, with built-in fault tolerance to avoid single points of failure.
      • Disaster Recovery: Features WAN replication for disaster recovery, ensuring minimal service interruption in case of failures.
      • Easy-to-Implement API: Simple APIs allow for quick deployment of the Mobile Messenger solution into existing infrastructures.
      • Regulatory Compliance: Helps financial institutions comply with FFIEC, NIST, and PSD2 regulations.
      • Flexible Deployment Options: Available for both on-premises and cloud-based implementations.

      Mobile Messenger helps FIs streamline user experiences while ensuring robust security for all banking operations.

      Integrating Thales authentication technology into the Banrisul mobile banking solution is the ideal option to keep Banrisul at the forefront of simple, secure mobile solutions that enhance our customers' experience and streamline our operations.”
      Jorge Krug IT Security Superintendent Banrisul, Brazil