Entersekt's app, Transakt, replaces the conventional one-time password (OTP) method of authenticating online banking with a more secure system that bypasses the vulnerabilities of SMS text or browser-based passwords. This new solution harnesses the power of electronic certificate technology with the convenience of mobile phones to provide financial institutions and their customers with full protection from account takeover fraud in the online and card-not-present spaces.
Certificates are deployed for hundreds of models of mobile phones on all mobile platforms, including iOS, Android, BlackBerry, Windows Phone or any other Java platforms. Banks retain full control over registering users, and all communication is encrypted end-to-end and cannot be intercepted by outside parties.
When a banking customer initiates a transaction online, Transakt launches automatically and displays the details of the transaction. The only action the customer is required to take is one touch to respond to a simple "Accept/Reject" prompt.
Entersekt's financial institution clients have reported elimination of online banking fraud since the implementation of the system.
"Entersekt has looked to not merely provide a solution that is deemed industry standard, but one that is shaping the model of providing security in the industry," said Frost & Sullivan Research Analyst Lehlohonolo Mokenela. "It is the first company in the world to provide transaction authentication on mobile phones using certificate technology far beyond the native mobile cryptographic capabilities."
Entersekt ensures water-tight security for online transactions through its mobile certificate technology, emCert, which provides bilateral public/private key-encrypted communication from the server located behind the financial institution's firewall, directly to the mobile phone and back again. At no point can a third party – including the mobile carrier – access or tamper with these transmissions.
With full control over user enrolment, only the financial institution is privy to the relationship between the certificate and the customer's identity. Non-repudiation of transactions is supported, since each transaction is digitally signed by the end-user's private key.
Entersekt's solutions are not only easy to implement, operate and maintain, they also provide a consistent, intuitive user experience that requires little, if any, customer education.
"Not only does the Entersekt system offer greater security than conventional OTP-based solutions, but it is also designed with ease of use in mind; it is a proven security platform that stands in stark contrast to more complex, costly authentication solutions," noted Mokenela. "The company has received accreditation from the world's largest payments networks – American Express, MasterCard and Visa – and is the first and only company in Africa to earn all three of these certifications."
Each year, Frost & Sullivan presents this award to the company that demonstrated excellence in technology leadership within its industry by excelling in all stages of the technology life cycle – incubation, adaptation, take up and maturity – to ensure a continuous flow of improvements.
Frost & Sullivan Best Practices awards recognise companies in a variety of regional and global markets for demonstrating outstanding achievement and superior performance in areas such as leadership, technological innovation, customer service and strategic product development. Industry analysts compare market participants and measure performance through in-depth interviews, analysis and extensive secondary research to identify best practices in the industry.