inWebo Transaction Sealing Scenario
The authentication server verifies 2 authentication factors and a transaction specific data
This scenario is close to the 2-factor scenario. The authentication server verifies that the user who pretends to be Mark both knows Mark’s password or PIN and has access to one of Mark’s trusted devices at the time of authentication. On top of this, the proof sent to the server contains a cryptographic seal of a transaction specific data, such as the amount of a payment, a beneficiary, the terms of a loan contract, etc. That proof is verified too.
The additional benefit of transaction sealing compared to 2FA is to make a transaction non disputable. The seal proves the integrity of the terms of the transaction that was approved by a user whose identity has been verified with 2FA. In case of dispute over a transaction, the user can’t claim that he wasn’t the one who approved the transaction or that the terms were different. Transaction sealing is much easier to implement than electronic signature and can replace it for use cases that do not legally require an electronic signature. For instance, in Europe, starting September 2019, PSD2 requires a transaction sealing for payments initiated from bank accounts.