Common 2FA methods use one-time passcodes delivered through SMS, email, or hardware tokens, or use call centers to verify authenticity. However, these methods are extremely insecure, easily compromised, provide a sub-par user experience, and are costly.
InAuthenticate solves these pressing security challenges with an elegant and secure solution that will not degrade the customer experience. Delivered as an SDK, InAuthenticate is a secure two-factor authentication solution. Incorporated as part of your organization’s mobile app, InAuthenticate goes into action when additional verification is needed for a variety of use cases including:
- Payment transactions
- Account changes
- Dual approvals
- Customer acknowledgements or consent
InAuthenticate enables your organization to send a secure message through InAuth’s Trusted Path, a unique and secure architectural design, to a customer’s registered mobile device.
The customer simply opens your mobile app to receive an authentication message and responds accordingly by confirming or denying the transaction. InAuthenticate moves beyond meaningless 6-digit, one-time passcodes by enabling necessary contextual messaging completely controlled by your organization and relevant to the transaction being verified.
Trusted Path is our secure channel of communication, providing an encrypted pathway between the InAuthenticate SDK and InAuth server to send sensitive messages. Trusted Path leverages banking-grade cryptographic algorithms to provide strong protection. Unlike regular HTTPS communications which are susceptible to interception, InAuth’s Trusted Path operates at the messaging layer of the communication stack in order to ensure complete, end-to-endprotection and protect against data leakage, session hijack, interception, and replay attacks. Only the intended device can receive communications sent through Trusted Path, and messages are digitally signed, preventing repudiation.
Messages sent through the Trusted Path can only be read by devices identified with an InPermID, our permanent device identifier for mobile apps. InPermID survives app uninstall/reinstall, operating system upgrades, and application upgrades and cannot be spoofed. This allows your organization to recognize and differentiate returning devices with confidence. The mobile device can act as a trusted second factor of authentication, proving the possession or “something you have” element of authentication. Device Integrity Screening and Risk Analysis InAuthenticate utilizes cybersecurity mechanisms to identify risky behaviors including malware detection, geo-location inconsistency cross-checks, anti-tamper verification, and cloaked root/jailbreak detection. Key Advantages: Strong Customer Authentication InAuthenticate utilizes a unique and permanent device ID in order to identify and recognize returning devices, allowing you to authenticate users with confidence. Once a user is tied to an InAuth deviceID, the mobile device can act as a trusted second factor of authentication, proving “something you have.” Fraud Prevention InAuthenticate’s advanced technology screens devices to detect compromise and prevent fraud, including malware and crimeware detection, cloaked root and jailbreak detection, anti-tamper screening, and geo-location cross-checks. Reduced Customer Friction With InAuthenticate, there is no need for your customers to install additional downloads or clunky hardware. InAuthenticate is part of your organization’s mobile app, keeping your customers in your footprint, allowing them to complete transactions with greater ease. Secure Message Delivery InAuthenticate is protected by InAuth’s Trusted Path, our encrypted communication channel for completely secure server-to-client message delivery. Only the registered device can receive communications sent through Trusted Path, and messages are digitally signed, preventing repudiation. This provides more inherent security than SMS or email application, which are susceptible to message interception. Contextual Messaging With InAuthenticate, the customer opens your organization’s mobile app to receive an authentication message and responds accordingly by confirming or denying the transaction. InAuthenticate moves beyond meaningless 6-digit, one-time passcodes by enabling contextual two-way messaging relevant to the transaction being verified. Reduced Operation Costs One-time codes sent through email or SMS are costly to deliver, as is sending customers to the call center to authenticate themselves. InAuthenticate reduces reliance on passcodes and call center authentication and delivers secure messages directly to your organization’s mobile app.