There are many ways to implement strong authentication and transaction signing, but the most effective to comply with PSD2 is the use of PKI based digital identities. Unlike other technologies such as SMS based one-time passwords, push notifications or FIDO, PKI directly binds a digital identity to a user. The private key can be used to digitally sign a transaction and the public certificate can be used by a relying party to verify that the user is who they claim to be and that the transaction has been duly authorised and not tampered with.
Secure the flow of digital identities and make PSD2 compliance easy
Where data requests are deemed risky – whether through the transfer of money or access to sensitive customer data – PSD2 legislates that banks, financial service providers and fintech must provide a solution that enables secure access and transactions. To achieve this the digital identity of employees and customers must be secure. However, it is equally important for the employee and customer end users that enhanced security doesn’t mean a slow, frustrating user experience.
Intercede’s RapID solution built on the MyID platform allows service providers to embed digital identities into their applications in a secure, simple and cost-effective manner. RapID consists of a back-end service to issue digital identities and an SDK, embedded into a mobile app, to allow them to be collected and used. The issuance, usage and Lifecyle management of digital identities can be managed entirely by APIs and SDKs, enabling RapID to act as a digital identity engine consumed by a banking app, preserving the end organisation branding and user experience.
The choice over when strong authentication is required is made by the service provider, with risk analysis engines typically making the final decision. When strong authentication or digital signing is required, the SDK performs the operation using the protected private key and provides the results back to the calling application for verification using standard PKI principles. Uniquely the solution operates without the need for a dedicated authentication server, though can interoperate with them if required.
Maximum cyber security
Operate on unique, cryptographically protected digital identities that mean you know a person is who they claim to thanks to credentialed devices and the strongest for of two-factor authentication
Simplify the integration of existing IT infrastructure by utilising MyID as the connector for existing infrastructure with PKI digital identity issuance and management
Manage the lifecycle of credentials, automatically revoke them if a user leaves the organization, or update them in advance of expiry. All credential issuance and lifecycle events are recorded within MyID allowing full visibility of who has active credentials
MyID platform has been established as the best practice credential management solution for more than 20 years and is working in many banks and financial service providers around the world to secure the transaction of billions of dollars
Know you have a continually evolving platform that helps deliver PSD2 compliance across physical identity cards, smart cards, smartphone devices, laptops and USB tokens
From the ease of integration across existing infrastructure and devices, to the reduction in IT resource involvement and threat of data breach, MyID reduces cost