inWebo MFA for financial services: PSD2 & strong authentication
Banks, financial services and interbank payment networks are subject to numerous regulations, including PSD2 , which requires the implementation of a strong authentication solution to validate payments and seal sensitive transactions.
PSD2 and Strong Authentication
Banks, interbank payment networks and financial services are the most popular targets for cybercriminals. They are in fact regularly targeted by cyber attacks that can be highly targeted and sophisticated: credential stuffing, presidential fraud, phishing and its avatars (man in the middle, man in the browser), SIM swapping and many others.
The financial sector handles a large amount of data, personal and, of course, financial. Yet the many points of contact, both internal and external, are vulnerabilities that are ready to be exploited by malicious people. Securing them is therefore imperative to protect customers, reputation and, ultimately, the industry's bottom line.
Beyond cyber-risks, financial services stakeholders are subject to numerous laws, regulations and standards. The PSD2, for instance, has had a significant impact on the payment ecosystem, not only on banks and new FinTech payment players, but also on consumers who are increasingly faced with new verification procedures for logging in or paying online.
With the PSD2, strong authentication becomes mandatory and the second factor sent by SMS - a solution that is neither practical nor secure - is not compliant. It is therefore necessary to implement an effective strong authentication solution without compromising on the customer experience or ease of integration.
Which strong authentication solution should you choose to ensure that the customer experience and ease of integration are not compromised?
Highly coveted customer and internal data
The new model for banks is now very clear: fewer agencies of their own, fewer face-to-face contacts. In other words, less paper and more digital. But this increasing digitisation multiplies the amount of data in circulation and automatically increases the risk of attacks. At the same time, credit card information is becoming more and more sought-after on the Dark Web. Consequences? Hackers seek to meet this demand by hacking more victims. The impact of a cyber attack on banking services can be devastating to a company's financial situation and brand reputation.
average cost of cyber attacks in financial services
76 230 127
compromised cards offered for sale in the various markets
62%
data leaks from financial services in 2019
66%
of consumers would leave a bank if its response to a data leak was slow or ineffective
Accenture, Cost of Cybercrime, 2018 |Sixgill 2020 | Bitglass report, Identity Theft Resource Center (ITRC) and the Ponemon Institute, 2020 | Banking Dive, 2019 |Cyber threat intelligence Report, 2019
Many risk factors
Online transactions and payments
They are an easy source of income for ill-intentioned individuals to attack, whether it is through phishing or identity theft.
Banking applications
They are the gateway to data and a major vector of attack for cybercriminals. Moreover, they are generally less well protected than websites.
The move to the cloud
This is a real godsend for hackers. Account spoofing gives access to a lot more data and information as the use of the Cloud becomes more widespread.
Employees
Non-revoked or reassigned employee access, remote access, BYOD... it is often more cost-effective and easier for hackers to design internal attacks to strip companies of personal data collected from their customers or employees.
Strong authentication, an obligation of the PSD2 to improve the security of online payments
The PSD2 directive obliges banks and other payment service providers to put in place the necessary infrastructure for strong authentication. Unfortunately, although this technique is effective against fraud, industry professionals regret that it lengthens the purchasing process and lowers the conversion rate.
Did you know that this is not the case for all multifactor authentication solutions (MFA)?
Indeed, there is a solution that can have a highly beneficial impact on the customer experience. A solution with a simplified and fluid connection experience: no more passwords to remember, no more SMS to copy!
Compliance PSD2 with inWebo strong authentication
You don't have to sacrifice the user experience to secure your access with strong authentication and be in compliance with the PSD2 . You can even enhance it.
Ultra-secure MFA: Zero Trust, Zero Theft
Secure customer relations with a solution integrated into your usual environment (mobile, tablet, web). An infallible barrier to protect you against attacks such as Phishing, CEO Fraud, Man-In-The-Middle, SMS Forwarding, SIM spoofing and Man-In-The-Browser.
Improves productivity and reduces costs
Reduce security costs and promote teleworking and mobility. inWebo's MFA solution is a more secure environment, a faster login experience for your employees and a flexible solution that adapts to your technical environment.
Extremely easy to use for the customer
Offer your customers a passwordless, simpler and faster connection experience regardless of their trusted token: smartphone, tablet, computer, browser. What's more, our solution's selfcare allows them to be autonomous in managing their authentication means. The result? Fewer helpdesk calls for you, more fluidity for them.
PSD2 and GDPR compliance
Faced with stricter security requirements, the inWebo solution is compliant with the Personal Data Protection Rules (GDPR) and supports you in achieving compliance PSD2.
ANSSI Certification
Webinar
PSD2 and strong client authentication SCA: combine security and a simplified user experience
Discover how and why inWebo's strong authentication (MFA) offers a unique combination of security, speed of implementation and ease of use.
Our references in the financial services sector
6 rules to follow to provide a simple and secure login experience
A user-friendly login experience (UX) that is as secure as it is simple is often taken for granted, but it is not always easy to achieve. This article...
2FA, MFA and Adaptive MFA : what are the differences?
Passwords alone were once the most secure way to protect important data and documents. This is not the case today. Passwords offer only a limited protection against unauthorised access...
FIC 2022: inWebo presents its new CIAM solution for orchestration and adaptive multi-factor authentication
FIC, the European cybersecurity event, is back from 7 to 9 June 2022 in Lille. The occasion for inWebo to present to the public its new Identity and Access Management offer built on the basis of the...