Despite banks investing countless resources to counter cybercriminals, social engineering attacks and phishing schemes are still rampant. However, with OneSpan’s Cronto transaction signing solution, banks can not only mitigate fraud risks but also boost user experience.
In a new blog post, OneSpan highlighted the use cases of its Cronto technology, adding that it goes beyond transaction authorisation. The Cronto visual transaction signing solution has been predominantly used to enable banks to secure financial transactions with minimal friction. The entire process of scanning a code, verifying transaction details, and signing the transaction is completed within seconds.
Using Cronto technology allows banks to serve their entire customer base – regardless of the customers’ preference for a mobile or hardware token. The solution provides a consistent user experience for every single customer, regardless of the channel they use, without adding additional authentication friction to the user experience.
The company added that one of the key features of Cronto is that it is a passwordless solution that combines high security with a convenient user experience. It detailed, “Your users will no longer need to type a username, password, or challenge. You simply scan the Cronto image with your mobile or Cronto hardware authenticator.”
Users can authorise a transaction without having to manually add transaction details by scanning the Cronto image and verifying the transaction details. A visual cryptogram authentication code, similar in some ways to a QR code, is then generated on the user’s mobile device in real-time and passed back to the bank’s server to complete the transaction.
Apart from the benefits of a passwordless logon and transaction signing flow, Cronto’s technology can also be deployed to allow you to withdraw cash without using a card. A user would simply open their app, select the account and the amount of withdrawal. On the ATM screen, a Cronto image will be generated, containing the details of the transaction. The user then scans this Cronto image, approves their request via the preferred authentication method such as mobile biometry or PIN entry, and after the mobile app sends the transaction confirmation code back to the bank, the ATM dispenses cash.
Another challenge is receiving PIN codes for credit and debit cards through unsafe means such as SMS and email which can be easily intercepted. Solving this pain point, OneSpan’s encrypted Cronto image can be used to deliver PIN where only the intended user will be able to scan and read the new PIN. Banks can also choose to deliver the encrypted PIN via their online banking channel or email, thus eliminating the additional costs related to hardcopy PIN mailers.
The blog concluded, “The above use cases demonstrate that Cronto is a fit for any financial institution looking for a secure, user convenient, PSD2 compliant, and cost-efficient authentication and transaction authorization solution.”
Copyright © 2018 RegTech Analyst