close
close

Browser ID and ‘silent authentication’ are the foundation for online banking security

With so much attention being paid to mobile banking and digital wallets, online transactions often get lost in the mix. Although mobile devices have become ubiquitous, transacting via desktop browsers is still an essential channel. And with the switch to the internet comes another form of fraud and identity theft. Browser-based authentication presents unique challenges, especially when it comes to maintaining a balance between security and ease of use.

Entersekt, a leading financial authentication company, develops solutions that address these issues. Entersekt Vice President of Product Identity and Authentication Mzukisi Rusi recently told PYMNTS that traditional methods, such as cookies and device fingerprinting, are increasingly restricted due to privacy concerns and regulations imposed by tech giants like Google and Apple. The best authentication, he said, is silence.

“Identifying a returning browser without using privacy-invading cookies or fingerprinting methods is complex,” says Rusi. “Our approach uses cryptographic proof and signatures to uniquely identify devices, ensuring privacy and security.”

When it comes to identity verification, user experience is critical. Active authentication methods such as entering one-time passwords (OTPs) or biometric verification, while secure, can disrupt the user experience. Entersekt’s solution to this problem is ‘silent authentication’, a method that works unobtrusively in the background.

“Active authentication requires direct user involvement, such as entering an OTP or approving a push notification, which can interrupt the user experience,” Rusi told PYMNTS. “Silent authentication, on the other hand, uses risk assessments and strong signals, such as browser ID, to verify ownership without user input. Think of it as an invisible guard that guarantees your identity without constantly needing your input.”

Entersekt has patented a unique approach to multi-factor authentication (MFA) that improves both security and user experience. Their Browser ID technology acts as a digital fingerprint for browsers, providing a privacy-friendly alternative to cookies and traditional device fingerprints.

“Browser ID uses cryptographic signatures to identify a device,” says Rusi. “When challenged, the device silently proves its identity by signing a challenge with a private key. This process is designed to respect user privacy and does not track browsing history or share data between sites.”

Furthermore, Browser ID can be combined with other risk signals, such as behavioral biometrics, to enable true MFA, even in a completely silent manner. This means that users benefit from strict security without any active involvement, striking a balance between usability and protection.

Roadmap for the future

Entersekt’s vision for the future revolves around expanding Browser ID adoption and improving user experience across various digital channels. The company is already receiving positive feedback from financial institutions (FIs) in the US that have implemented this technology.

“We have rolled out Browser ID to several financial institutions and the feedback has been overwhelmingly positive,” said Rusi as he shared Entersekt’s roadmap for the future. “Users appreciate being recognized as trusted without having to authenticate repeatedly. We aim to expand this technology across more channels and continue to improve the balance between security and ease of use.”

Entersekt’s broader goal is to ensure compliance with regulatory frameworks, such as PSD2, without compromising on the user experience. Rusi notes that his company aims to adhere to regulations such as PSD2 by silently digitally signing transactions on a customer’s device, ensuring both integrity and compliance. This results in a secure user experience without any additional steps.

For FIs, implementing Entersekt’s Browser ID offers several operational benefits. Lower fraud rates, improved customer loyalty, and lower costs associated with fraud prevention and user authentication are just some of the benefits.

“Financial institutions benefit from improved security, which leads to less fraud and happier customers,” Rusi said. “Additionally, complying with regulations without compromising the user experience can result in stronger customer loyalty. FIs also get stronger risk signals, allowing them to decide when to actively challenge users and when to allow seamless transactions.”

Back To Top