Confidentiality, integrity and authenticity in mobile online banking
KOBIL enables digital identity for secure transactions via app
KOBIL Systems GmbH offers with “mID Security Suite” a directive-compliant security solution to ensure the protection of banks, insurance companies, health insurance companies and their customers in mobile applications such as online banking. With this announcement the Worms based company is improving security gaps in digital online banking transactions and ensures a secure app with safe log-in, confidentiality and integrity. The protection of the digital identity is validated upon the authentication of the user, the device identification and the authenticity check of the mobile application, whether smartphone or tablet.
The customer does not need any additional hardware when using the app for transactions. The mID security suite is seamlessly integrated into the installed hardware and software environment and works independently with the operating system. Accomplished is this via the communication channel (see chart) which realises the end-to-end encrypted authentication between smartphone (SDK), the SSMS (Smart Security Management Server) to the backend of the customer. The Software Development Kit (SDK) can be embedded on any mobile device as well as in any mobile app. Manipulation and creation of fake apps are not possible.
With the primary activation, the app is linked to the personal mobile device and registers itself via the communication channel on the SSMS. This server is the backend part of the security solution and is typically located in the customer’s data centre. For example, it controls whether the app is actually running on the originally registered device, whether it has been copied or whether the app’s code has been modified.
This guarantees a secure connection and that the encrypted data coming from the app is also authentic. Only when all test routines have been successfully completed the SSMS releases the access utilising the customer app channel on the virtual smartcard in the registered app. From this moment on, the communication between customer and provider is encrypted, binding and secure.
KOBIL offers this security application to finance, insurance and health insurance companies. Ismet Koyun, CEO of KOBIL emphasises: “Any bank which does not secure his transaction service app on customer’s smartphones will lose the consumers trust. Only in this way can the financial industry proactively tackle the challenges of the future and remain competitive.” His solution also complies with all government regulations regarding data protection and IT security.
The app strategy: The mID Security Suite protects the user side (smartphone), employs the communication channel and the SSMS whether the mobile app is registered on the original PC, tablet or smartphone and rules the affirmative code. Only after this authentication and the correct user PIN the connection between smartphone and bank is established throughout the customer app channel.