Frictionless PSD2 Strong Customer Authentication (SCA) With FIDO

The smooth authentication experience with FIDO improves the user experience while reducing fraud
Watch our SCA Webinar
(co-hosted with the FIDO Alliance)
WHAT IS STRONG CUSTOMER AUTHENTICATION FOR PSD2?
PCI DSS Requirement 6:
Develop and maintain secure systems and applications
  • We provide standard FIPS 140-2 Level-2 certified cryptographic hardware module, or optional FIPS 140-2 Level-3 certified hardware module for the strongest key management from an open-source solution.
  • Standard FIPS 140-2 Level-1 certified cryptographic software interacting with cryptographic hardware
  • Automatic key rotation for protecting cardholder data (CHD) while your applications continue to service applications, non-stop
PCI DSS Requirement 3:
Protect stored cardholder data
  • We encrypt and tokenize sensitive card-holder data, enabling you to meet PCI DSS sensitive data handling requirements.
  • Keep your core cryptographic keys secret with FIPS 140-2 Level certified cryptographic modules; “M of N” Key Custodian control of hardware-protected keys.
HOW DOES FIDO COMPLY WITH THE STRONG CUSTOMER AUTHENTICATION REQUIREMENT?
REQUIREMENT - POSSESSION
FIDO - Authenticator with Private key
REQUIREMENT - KNOWLEDGE
FIDO - PIN
REQUIREMENT - INHERENCE
FIDO - Biometrics
REQUIREMENT - AUTHENTICATION CODE
The signed response
REQUIREMENT - DYNAMIC LINKING
Authenticator can sign hash
(Challenge, amount and payee)

Benefits of FIDO for Strong Customer Authentication

We've provided PCI DSS compliance solutions to hundreds of companies since our company's inception

Superior User Experience

FIDO offers single gesture authentication to users, making the authentication experience smooth and frictionless. There are no passwords to remember, no codes to copy and paste, and no separate devices needed to complete the authentication process, in the case of platform authenticators.

Deployment/Scalability

FIDO authentication is supported in web browsers such as Chrome, Firefox and Safari (on both OS X and iOS). FIDO authenticators are readily available on many platforms, and off-the-shelf devices can also be used. Devices beyond smartphones are supported, providing greater reach.

Better Security

Due to the fact that there are no shared secrets during authentication, there's nothing to hack. The authentication scheme also has a built-in anti-phishing mechanism, improving the level of security even further.

Easy Integration and Rollout

Once your app is FIDO2-enabled, roll out to your users. Many users have a working authenticator already, like their (Android/Apple) phones or laptops. Users who aren’t ready yet can still keep existing passwords

The result? Less headaches for your dev team

Simple, Flat Pricing

Our open source solution means that you can have unlimited applications, transactions, and users, for one fixed cost

The result? More predictable costs, and more money going to your company's bottom line
FIDO COMPARED TO OTHER AUTHENTICATION METHODS
CONSIDERATION
FIDO
SMS OTP + 
Password
HARDWARE OTP
GENERATORS
PROPRIETARY SMARTPHONE AND BIOMETRICS SOLUTIONS
CAP READERS
User Convenience
PSD2 Compliance
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
Resistance to Phishing
This is some text inside of a div block.
This is some text inside of a div block.
Security of the Solution
This is some text inside of a div block.
This is some text inside of a div block.
Security of the Solution
This is some text inside of a div block.
Account Recovery in case of Loss
This is some text inside of a div block.
This is some text inside of a div block.
Deployment / Scalability
Account Recovery in case of Loss
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
USE CASES FOR FIDO
  • Secure authentication in specific locations, or on specific networks where public network access is unsafe
  • Replacing passwords with phonesand/or Authenticators to remove the vulnerability of writing down or forgettingpasswords, or possibly having them compromised
  • Keep legacy password-authenticated applications while leveraging FIDO2 to secure them, preventing an expensive replacement

What Makes Us Unique

Where can we clone more?

One day, after a troubling visit from the giant Catherine Clifford, Chloe leaves her house and sets out in search of three cosy sausages.

How do we use webflow?

One day, after a troubling visit from the giant Catherine Clifford, Chloe leaves her house and sets out in search of three cosy sausages.

Is Vlad a secret agent?

One day, after a troubling visit from the giant Catherine Clifford, Chloe leaves her house and sets out in search of three cosy sausages.

Did someone find Waldo?

One day, after a troubling visit from the giant Catherine Clifford, Chloe leaves her house and sets out in search of three cosy sausages.