MOBILE AUTHENTICATION AND TRANSACTION SIGNING

Perform strong PKI-based mobile MFA to enterprise systems and resources. Authorise transactions using a mobile app.

Organisations need to know that high value business operations, such as authorising a purchase or approving access for a new security administrator, are performed by suitably authorised individuals.

Many organisations have chosen to use smart cards with PKI certificates to authorise high value transactions, as this combines strong authentication of the individual with a digitally signed audit record of the event itself. However, the same approach does not work well with the mobile smartphones and tablets that are now widely used as a convenient business device.

MyID mobile transaction signing solves this problem by providing app based high security transaction approval from a user’s mobile device.

KEY FEATURES

Easy to use iOS and Android mobile app for approving transactions
PKI-based authorisation, providing high security and non-repudiation
Supports PIN, fingerprint and facial match for maximum user convenience

EMPOWER YOUR EMPLOYEES TO SIGN TRANSACTIONS WITH THEIR MOBILE

With MyID Mobile Transaction Signing, organisations can enable mobile devices to be used for approving business transactions, Combining the high security of a PKI-based digitally signed authorisation with the convenience of mobile devices ensures high security can be delivered anywhere with a simple user experience.

TRANSACTION SIGNING BRINGS A VARIETY OF BENEFITS ACROSS THE ENTERPRISE

Easy to integrate – simple REST APIs for easy integration with any business system
Easy to deploy – iOS and Android mobile app supporting MDM-managed and BYOD environments
Easy to support – one system to issue PKI credentials and provide transaction signing

Easy to use – system proactively informs users when a transaction needs approving
Convenient – users can authorise transactions with a simple PIN, fingerprint or facial match

High security – business transactions can be authorised with highly secure PKI credentials backed by two-factor authentication
Audit – the system provides a digitally signed audit record of each event which can be used for non-repudiation, audit evidence and investigation
Low-impact on end users meaning high security doesn’t get in the way of day to day business operations

DEVICE FLEXIBILITY

MyID has extensive integration flexibility to ensure that users have the freedom to use the devices and technology they want.

Mobile app on iOS and Android
REST APIs for easy integration with any application
PKI independence – leverage additional value for the PKI already deployed

HOW IT WORKS

Issuance

The Mobile app is downloaded from an app store or pushed out via MDM
MyID is used to issue a digital identity in the form of a private key and certificate to the mobile app

Authorisation

The system requiring approval passes the data it requires authorising into MyID via the REST APIs
MyID sends a push notification to the user’s mobile device informing them they have a transaction to authorise
The user taps the notification opening the MyID Mobile app which displays the data to be authorised
The user either enters a PIN, places their finger on the phone fingerprint reader or uses Face ID to approve the transaction
The app accesses the private key on the device to digitally sign the authorisation request
The response is passed to the MyID server where the digital signature is verified against the user’s certificate
The approved data and signed record are passed back to the system requiring approval

Want to know more?

If you are ready to book a demo, simply click the button below and we will arrange a demo of MyID Enterprise

demo request

Trusted by Governments and Large Enterprises Worldwide

Where protecting systems and information really matters, you will find MyID. Whether its citizen data, aerospace and defence systems, high-value financial transactions, intellectual property or air traffic control, we are proud that many leading organisations around the world choose MyID to protect themselves against data breach and ensure business continuity.