by Alain Gruge, Global Head of Payments & Cash Management, Societe Generale
Although information technology tools are already part of everyday life in the banking community and cash management services, the major innovation of new communication media -such as smartphones and tablets - creates new practices and new requirements from their users. How can we meet these expectations, maintain and even reinforce security and anti-fraud mechanisms? This is one of the key challenges of e-banking.
The exponential growth of smartphones and tablets introduces users’ new behaviours like ‘Bring Your Own Device’: the use of personal devices for business needs. Current authentication procedures are tailored for physical media and perceived as complex. They have to be modified to meet the needs of these new mobile devices (smartphones and tablets), equal to speed and simplicity.
Nowadays, strong authentication required for secured access always calls for the use of a physical medium (flash drive, OTP token, card, etc.). Such tools are poorly suited for mobility model on smartphones and tablets. Consequently, the banking sector is leading various projects to simplify access to smartphones and tablets without jeopardising security. These projects are based on existing technologies combining functional simplicity and security. One of these innovations is the ‘out-of-band’ (OOB) solution. OOB is a secured software linked to the banking application, in which a password is required to authenticate or validate transactions.
- Functional simplicity: Some banking applications already authorise secured access with no physical medium (non-contact mobile payments, on-line card payments via 3DSecure, etc.). Out of band can easily be used on any internet media for all types of transactions.
- Security: The out-of-band solution integrates WYSIWYS (What You See Is What You Sign) contextual validation, which therefore becomes clear and helps to thwart cyber attacks from the browser.
Societe Generale has chosen an out-of-band solution that can be shaped for any internet media.