Entersekt Awarded New Patent for Frictionless Multi-Factor Authentication

Entersekt, the financial authentication company, continues its trailblazing innovation in the fight against financial fraud with its 99th software technology patent application being granted by the US Patent office. Entersekt was recently awarded a new patent for its approach in enabling frictionless, multi-factor authentication (MFA) – US granted patent “Frictionless SCA (Strong Customer Authentication).”

This now enables Entersekt to provide a MFA solution without any explicit user interaction required.

By combining possession and inherence factors, Entersekt’s Browser ID or Mobile App ID technology, combined with behavioral biometrics identifies “trusted interactions” and makes frictionless, context-aware authentication for digital banking and payment fraud prevention possible. Entersekt now is the patent holder for MFA via the integrated combination of possession (cryptographically signed Browser ID/App ID) and inherence (behavioral biometrics during user action) factors, which enables authentication without requiring an active authenticator, such as a one-time passcode or a biometric FIDO authentication.

This means consumers can interact with their digital banking platform and shop online as they always do, and through their existing actions provide authentication for digital transactions, for example e-commerce via 3-D Secure. The patent also includes a mechanism to digitally sign the transaction on the customer device, enabling dynamic linking, a requirement in European PSD2 regulations, to happen at the same time.

Browser technology providers including Apple, Google, Mozilla and Microsoft are actively restricting the use of third-party browser cookies to track users in response to privacy regulations like the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Simultaneously, industry bodies like the W3C and EMVCo are working to recommend alternatives, even though many financial institutions use and depend on browser cookies for security, fraud prevention and personalisation. New, complex fraud schemes use phishing attacks and session cookies to capture login credentials and access accounts. Entersekt embraces this privacy friendly and tracking-free future with several innovations to preserve strong customer authentication while still allowing a frictionless user experience for customers that want it.

The latest patent confirms that Entersekt’s technologies can qualify as possession and inherence factors, thereby achieving strong multi-factor authentication without subjecting the user to active challenges such as the ones used by current multi-factor authentication solutions.

“The value of our unique Browser ID/App ID is a key differentiator. Where most vendors still focus on fingerprinting to identify devices, we’re going further to provide a privacy friendly signal that provides cryptographic proof of possession, thereby giving banks comfort that the client is using a known and trusted device. This patent (filed in 2021, adding the inherence factor for an integrated frictionless, multi-factor experience) is game-changing in our mission to improve transaction approval rates, while maintaining security, and an emphasis on frictionless authentication,” Gerhard Oosthuizen, Chief Technology Officer at Entersekt.

A Liminal Research Report from January 2024, Customer Authentication Market and Buyer’s Guide states, “Of the 87% of organisations that have not fully transitioned to passwordless authentication, 97% indicate a readiness to do so.”

Financial institutions mostly depend on one-time passcodes (OTP) combined with username and password or mobile phone biometrics for digital banking logins, password resets, push payments/money movement or customer service authentication, while merchants leveraging 3-D Secure depend on an issuer for cardholder authentication. While fraudsters may use a SIM-swap, social engineering, or other techniques to access an account from an unknown device, silent attestation of a trusted device and a trusted user protects against these attacks and enables frictionless authentication for both login and payments, while achieving regulatory compliance with much less friction and a better customer experience. This new patent underscores Entersekt’s pioneering role in shaping the financial authentication market and a commitment to continued innovation.

You may also like

Popular News