Frictionless PSD2 Strong Customer Authentication (SCA) With FIDO
The smooth authentication experience with FIDO improves the user experience while reducing fraud
Watch our SCA Webinar
(co-hosted with the FIDO Alliance)

WHAT IS STRONG CUSTOMER AUTHENTICATION FOR PSD2?
PCI DSS Requirement 6:
Develop and maintain secure systems and applications
Develop and maintain secure systems and applications
- We provide standard FIPS 140-2 Level-2 certified cryptographic hardware module, or optional FIPS 140-2 Level-3 certified hardware module for the strongest key management from an open-source solution.
- Standard FIPS 140-2 Level-1 certified cryptographic software interacting with cryptographic hardware
- Automatic key rotation for protecting cardholder data (CHD) while your applications continue to service applications, non-stop
PCI DSS Requirement 3:
Protect stored cardholder data
Protect stored cardholder data
- We encrypt and tokenize sensitive card-holder data, enabling you to meet PCI DSS sensitive data handling requirements.
- Keep your core cryptographic keys secret with FIPS 140-2 Level certified cryptographic modules; “M of N” Key Custodian control of hardware-protected keys.
HOW DOES FIDO COMPLY WITH THE STRONG CUSTOMER AUTHENTICATION REQUIREMENT?
REQUIREMENT - POSSESSION
FIDO - Authenticator with Private key
FIDO - Authenticator with Private key
REQUIREMENT - KNOWLEDGE
FIDO - PIN
FIDO - PIN
REQUIREMENT - INHERENCE
FIDO - Biometrics
FIDO - Biometrics
REQUIREMENT - AUTHENTICATION CODE
The signed response
The signed response
REQUIREMENT - DYNAMIC LINKING
Authenticator can sign hash
(Challenge, amount and payee)
Authenticator can sign hash
(Challenge, amount and payee)
Benefits of FIDO for Strong Customer Authentication
We've provided PCI DSS compliance solutions to hundreds of companies since our company's inception
Superior User Experience
FIDO offers single gesture authentication to users, making the authentication experience smooth and frictionless. There are no passwords to remember, no codes to copy and paste, and no separate devices needed to complete the authentication process, in the case of platform authenticators.
Deployment/Scalability
FIDO authentication is supported in web browsers such as Chrome, Firefox and Safari (on both OS X and iOS). FIDO authenticators are readily available on many platforms, and off-the-shelf devices can also be used. Devices beyond smartphones are supported, providing greater reach.
Better Security
Due to the fact that there are no shared secrets during authentication, there's nothing to hack. The authentication scheme also has a built-in anti-phishing mechanism, improving the level of security even further.
Easy Integration and Rollout
Once your app is FIDO2-enabled, roll out to your users. Many users have a working authenticator already, like their (Android/Apple) phones or laptops. Users who aren’t ready yet can still keep existing passwords
The result? Less headaches for your dev team
The result? Less headaches for your dev team
Simple, Flat Pricing
Our open source solution means that you can have unlimited applications, transactions, and users, for one fixed cost
The result? More predictable costs, and more money going to your company's bottom line
The result? More predictable costs, and more money going to your company's bottom line
FIDO COMPARED TO OTHER AUTHENTICATION METHODS

CONSIDERATION
FIDO
SMS OTP +
Password
Password
HARDWARE OTP
GENERATORS
GENERATORS
PROPRIETARY SMARTPHONE AND BIOMETRICS SOLUTIONS
CAP READERS
User Convenience
PSD2 Compliance
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
Resistance to Phishing
This is some text inside of a div block.
This is some text inside of a div block.
Security of the Solution
This is some text inside of a div block.
This is some text inside of a div block.
Security of the Solution
This is some text inside of a div block.
Account Recovery in case of Loss
This is some text inside of a div block.
This is some text inside of a div block.
Deployment / Scalability
Account Recovery in case of Loss
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
USE CASES FOR FIDO
- Secure authentication in specific locations, or on specific networks where public network access is unsafe
- Replacing passwords with phonesand/or Authenticators to remove the vulnerability of writing down or forgettingpasswords, or possibly having them compromised
- Keep legacy password-authenticated applications while leveraging FIDO2 to secure them, preventing an expensive replacement