HID Global, a manufacturer of secure identity solutions, has enhanced its ActivID authentication offering for digital banking with a push notification solution to prevent mobile banking fraud.
The enhanced solution will give financial firms a secure channel and easy method for notifying customers about pending transactions on their phones or tablets, and then proceed with execution after receiving their authorization.
Tim Phipps, vice president of product marketing, Identity Assurance with HID Global said: "With our ActivID Trusted Transactions solution, banks can offer far more convenient out-of-band transaction notification and authorization on mobile devices, which provides customers real-time alerts prior to a suspicious transaction being applied to their account.
"This places the control back in the customer’s hands by providing them with simple way to confirm the legitimacy of a pending transaction."
HID Global said that its "phone as a token" out-of-band verification solution uses transaction signing with private key cryptography over a trusted and secure electronic channel.
All communication is encrypted with mutual authentication between the user’s mobile device and the financial institution’s online banking application.
Non-repudiation of transaction is ensured by generating the private key outside the financial firm’s backend system and then safeguarding it to prevent extraction, cloning or access from another application, the technology firm said in a statement.
When a transaction is initiated, the ActivID Authentication Server uses its Mobile Push capability to send an authorization notification to the user’s registered mobile device with all relevant information and a request to accept or reject it using the server’s ActivID Mobile Signing Software Developer Kit (SDK). Signed responses are returned to the server, which validates and forwards them to the online banking system to grant or deny transactions, the statement added.