Entrust today announced a Software Development Kit (SDK) designed to help banks transparently embed Entrust’s strong authentication technology into new or existing mobile-banking applications.
The SDK also will assist financial institutions with deploying stronger authentication for online customer security, a requirement expected to be at the center of upcoming guidance from regulatory agencies of the Federal Financial Institutions Examination Council (FFIEC).
The Entrust IdentityGuard Mobile SDK helps financial institutions thwart this threat by enabling them to embed strong authentication into an application’s mobile session without requiring the user to input a one-time passcode (OTP).
The toolkit also allows financial institutions to incorporate additional security features into mobile banking applications to enhance security for the online channel, including soft tokens and out-of-band transaction verification capabilities.
Embedding OTP tokens is more cost-effective than purchasing, issuing and deploying hardware tokens because it leverages devices that are already widely deployed — increasing user acceptance. This transparent approach meets mobile user expectations of quick, simple application access and helps application providers build a consistent brand between their mobile application and online presence.
Designed for Developers
For software developers creating mobile applications, security is often a secondary concern yet needed to help comply with regulatory guidelines for the financial industry, such as those provided by the FFIEC. But because of its straightforward APIs, the Entrust IdentityGuard Mobile SDK allows developers to easily design and implement identity-based security into their branded mobile applications without sacrificing usability or transparency for end-user adoption.
The SDK provides a number of capabilities that enables features such as transparent strong mobile authentication, soft token display to address online banking security and out-of-band transaction verification to help defeat advanced fraud attacks such as man-in-the-browser. With support for the most popular platforms, the toolkit delivers a common API framework that allows developers to leverage integration efforts across multiple development environments.
The solution isn’t just for banking environments, however. Entrust IdentityGuard Mobile can also be used with Entrust IdentityGuard to provide strong authentication for enterprise use, remote access or government initiatives.