Passwords as well as most of today’s SCA methods are susceptible to phishing and man-in-the-middle attacks. For technical reasons they are not capable to check the actual domain (URL) in the user’s browser’s address bar. All information a user enters into a fraudulent phishing website is instantly compromised. Hanko’s WebAuthn technology makes sure that the user can only authenticate on the legit bank website or app, nowhere else. #ByeByePhishing
For strong customer authentication in mobile banking, many banks already make use of the biometrics capabilities of iOS and Android devices. With Hanko’s WebAuthn technology, biometric authentication becomes also available in browser-based applications. WebAuthn is THE web standard for what is described as “device binding” in PSD2 regulation. Instead of a password and an authentication code generated by a card reader or sent by SMS, biometric interfaces like Windows Hello or Touch ID can be used for PSD2-compliant, password-free, and hardware-agnostic SCA. WebAuthn also allows for standardized FIDO Security Keys if dedicated hardware is still needed.
Hanko’s WebAuthn technology can be used for customer logins (“access to account”) as well as for securing transactions. As most end-user devices are already WebAuthn-capable, legacy SCA methods can soon be depracated.
By replacing passwords and working with native device capabilities, your SCA for logins and transactions becomes as easy-to-use as Apple Pay and Google Pay. Thus creating a smooth and easy transactions and secure banking possibilities.
The decision for FIDO must be considered as part of the banks’ IT strategy. A step-by-step integration into the existing online and mobile banking infrastructure lends itself. As a FIDO expert and technology provider for passwordless authentication, Hanko offers the infrastructure for banks and financial services to set up PSD2 compliant SCA with FIDO in no time.
Replace SMS SCA and proprietary CAP readers
The established global standard for 2FA/SCA
Innovative and seamless user experience
Completely prevents Phishing and account takeovers
Reduced operational overheads for multiple SCA methods
Your user experience and security will be drastically improved when you use Hanko.io for your authentication.Try our API for free or book demo