TynTec’s Mobile Trust Service is engineered to enhance authentication of the legitimate user through One-Time Passwords (OTPs) and mobile TANs (mTANs), providing powerful protection for the identities of online and mobile financial service customers.
TynTec Partners for Mobile Authentication
|
TynTec and VASCO, the authentication company, work together to supply the Virtual Digipass service, which sends One Time Passwords (OTPs) to mobile devices through SMS messages.
|
|
TynTec and Gemalto, the leader in digital security, jointly provide One-Time Passwords (OTPs) through SMS messages. The joint mobile authentication solution can also be provided as a dedicated SIM-OTP application.
|
TynTec’s ability to offer a unique guarantee of delivery within 15 seconds means that consumers always receive their time-restricted passwords sufficiently prior to its expiry time.
Protection against Cyber Fraud
Sophisticated types of cyber fraud are a frequent concern in regards to security in online banking. A successful strategy for more security is the real-time sending of one-time passwords (also referred to as one-time codes, e-signature or mobile TAN) using the mobile channel, such as SMS, to better secure transactions made in the online banking interface. Those passwords or codes are session based and can only be used for the specific transaction in question.
By sending one-time passwords via SMS to authorize online banking transactions, banks ensure a two-factor authentication and avoid malicious attacks from phishing emails and destructive software such as pharming and Trojans. Therefore the level of security is higher than common “bulk” OTPs provided via email or post.
click on image to enlarge
Enhancing customer experience with “time-to-live” for OTP
In order to implement an effective strong 2-factor authentication, one-time passwords used for application log-in or as e-signature/mTAN for transaction authorization need to be time-restricted.
TynTec can uniquely match this business requirement from financial service provider in two regards. First TynTec guarantees the transmission of SMS OTP within 15 seconds. This matches the highest industry standards that request a expiry time of about 30 seconds.
In case the account holder has switched off his mobile and is not reachable, TynTec, because of its complete end-to-end control over the entire GSM delivery path, can set a “time-to-live” for each SMS sent. This means that after a given time period (given by the FSP, e.g. 45 seconds) TynTec will not try again to deliver the OTP. This ensures that a FSP customer does not receive an OTP after it is expired.
Benefits of SMS based Mobile Trust Services
On the one hand SMS is a ubiquitous messaging technology that FSPs can utilise as an authentication channel without alienating customers. On the other hand receiving authentication credentials via SMS is convenient for the consumer, as the mobile phone is a ubiquitous personal device. Most important: malicious online attacks and internet scams cannot reach the mobile space.
The VASCO/TynTec Virtual Digipass solution combines the benefits from strong two-factor authentication mechanism and low Total Cost of Ownership – as no physical token is involved - with TynTec´s exceptional strict Service Level on delivering secure SMS.
This system, being automated, does not require any helpdesk interaction or significant infrastructure to be implemented.
Reliability and Security for Delivering Transaction Alerts
The TynTec's Mobile Trust Service offers a number of advantages over standard SMS delivery for financial service providers.
Trust in Service
- Guaranteed delivery of each SMS within 15 seconds
- Secure delivery - no storage of sensitive financial data in transit
Traceability
- Delivery receipts for each SMS, sourced directly from the user's handset
- Full GSM return codes with precise insight into real-time sending status
Transparency
- End-to-end control over the entire GSM delivery path
- Strict Service Level Agreement
Ease of Integration
TynTec's Enterprise-Quality SMS services are offered through the standard interfaces SMPP 3.4 and HTTP that can be easily integrated over an API to communicate between an Authentication Middleware and TynTec´s SMS-Centre. A VPN connection, as well as SLL, is provided for full protection of information transmission from the FSP system to TynTec’s SMS-C on request.
International Reach / Interoperability
TynTec covers more than 78% of the mobile world and 99.8% in Europe, offering nearly 400 networks in 160 countries.
