Trusted Transactions | Entersekt Blog

Trusted Transactions | Entersekt Blog

Letters to a customer: mandates, authentication and non-repudiation

Posted by Niel Bester, SVP Products, Entersekt

Aug 15, 2017 12:05:21 PM

Over the past fifteen years, the balance of power between large financial institutions and their retail customers has changed. The consumer now has a seat at the bargaining table, and is an equal rather than a subordinate in the decision-making process. How has this shift changed things from an authentication perspective?

 

Read More

Topics: Online banking authentication, Card-not-present authentication, Mobile banking authentication, Transaction signing, Liability

NIST puts the brakes on a slow-mo train wreck

Posted by Gerhard Oosthuizen, Chief Information Officer, Entersekt

Aug 4, 2016 11:36:58 AM

I felt a flicker of recognition reading Dave Birch’s reaction this week to news that the US Department of Commerce’s National Institute of Standards and Technology (NIST) is “deprecating” the use of SMS-based authentication.

Dave’s been deprecating SMS one-time passwords (OTPs or mTANs) for almost a decade. As a very widely read influencer and director of Consult Hyperion, his opinion could be seen as less partisan than, say… ours, and as a result hold greater weight.

Dave’s not so sure. Surveying the damage done by SMS OTPs over recent years, he writes, amusingly: “These are all symptoms of the fact that nobody listens to me about mobile banking security.”

Read More

Topics: Transaction signing, Regulatory guidance, One-time passwords, SMS OTP/ mTAN

Why is transaction signing important for U.S. banks?

Posted by Entersekt

Apr 24, 2014 3:00:00 PM

While technology continues to evolve to help combat fraud, so do the strategies of savvy fraudsters. Protecting customer accounts, both consumer and business, has been a top priority for financial institutions everywhere for some time, but even more so now with the increased use of Internet and mobile banking channels. This is where transaction signing comes in. In order to keep account data safe, reputational damage at bay, and adhere to international requirements, financial institutions are turning to this powerful means of boosting security.

Read More

Topics: Transaction signing

Monetary Authority of Singapore’s transaction signing regulations force U.S. financial institutions to look at new solutions

Posted by Entersekt

Apr 11, 2014 3:00:00 PM

Protecting customer accounts, both consumer and business, is a top priority for financial institutions everywhere, especially in light of the growing security risks with online and mobile banking. The global nature of today’s financial world has also led many banks to offer international banking services to multinational corporations and consumers, which has complicated their ability to provide security. As a result, many financial institutions, and even governments, are looking past yesterday’s security approaches and assessing new and stronger alternatives, such as transaction signing. 

Governments and regulatory bodies are embracing secure digital transaction signing by setting industry standards and enacting regulatory requirements aimed at engineering a more secure digital environment for their citizens. One of the strictest and most prescriptive set of standards in effect is the Monetary Authority in Singapore (MAS) Technology Risk Management Guidelines, which states that financial institutions should implement two-factor authentication at login for all types of online financial systems and transaction signing for authorizing transactions. It also requires that banking customers be able to review individual transactions as part of a batch and sign them on an out-of-band device. The guidance also suggests that a one-time-password (OTP) or digital signature be generated for each new payee being added and that the data being signed should be displayed to the customer in a meaningful way before being signed. Singapore is not the only territory implementing requirements. Others include South Korea and Taiwan. 

Read More

Topics: Transaction signing

The secret to better business banking on mobile

Posted by Mark van Dalsen, marketing communications manager, Entersekt

Apr 3, 2014 3:00:00 PM

Mark_van_DalsenThe race is on

The increasingly global nature of business means many of us work differently now. Corporate treasurers are no exception. They’re more mobile than ever before and, having taken on a more strategic function within organizations, they face pressure to make informed decisions and act on them fast, wherever they happen to be. They want technology to help improve their productivity and facilitate real-time information sharing on the go, and they expect their banks to deliver the tools to do just that. 

The good news for all those jetlagged CFOs out there is that banks are listening. Over and above improvements to corporate banking portals, banks are working hard to roll out and expand mobile banking capabilities. Midway through 2013, Aite Group found that just under one third of the top 50 U.S. banks were offering corporate mobile banking. Amazingly, a further 64 percent expected to launch corporate mobile banking before the end of 2014. The primary catalyst in this race, Aite Group found, is customer retention. 

Read More

Topics: Transaction signing

About Trusted Transactions

Trusted Transactions is Entersekt's blog devoted to keeping our customers, prospects and friends updated with industry news, security threats and technology advances in consumer authentication. We can protect against online banking fraud and account takeovers. Trusted Transactions brings you industry data and insights to help safeguard your online and mobile banking and payments transactions. 

Subscribe to Entersekt's Blog

 

Download white paper: The importance of transaction  signing to banks  

 

Follow Entersekt