Mobile technologies have been changing our way of life. Today we spend more time on our phones and tablets than on PCs, and this trend applies to banking as well. We now predominantly use our mobile phones for banking transactions. However, this rapid transformation paves the way for vital transactional risks. InAuth InMobile is the solution to eliminate these risks by detecting suspicious transactions in mobile banking.

InMobile uses an ultra-light software development kit consisting of four layers: Device fingerprinting, device integrity checks, security capabilities and risk management. InMobile uses hardware information, specific device information and usage data of mobile devices to create a permanent device ID. Devices tagged with permanent device ID are constantly monitored by risk engines incorporated into the InAuth architecture during mobile banking transactions.

Features of InMobile

Creating a Permanent Device ID with PermID InAuth stands out as the only producer in its field to specialize in creating a unique and permanent device ID (InPermID). InPermID remains unaffected and cannot be deceived by application install/delete actions or operating system updates, allowing your bank to securely recognize and discern the devices in use, and block devices that pose a risk before an attack can occur. Device integrity check provides protection against many types of attack by constantly monitoring the mobile devices that perform the transaction.

Malware / Trojan / Crimeware Detection Internet fraudsters use malware to transfer money from users’ accounts to their own, and also to steal customers’ credentials. They also use tools such as keyloggers and IP spoofing software which can block/redirect SMS and one-time e-mail passwords, and can copy users’ passwords to disguise themselves. InMobile monitors and detects all known malware and hacker tools.

Advanced Root / Jailbreak Detection Rooted devices are more likely to fall victim to financial Internet fraud due to compromises in their protection. They are also open to malware risks and installation of unknown trojans. InAuth protects the bank and the customer from possible attacks with its root and jailbreak detection capabilities.

Application Control Mobile Phishing is a common attack vector where fraudsters capture a customer’s personal information by convincing them to install fake applications on their mobile devices. InMobile Application Control layer protects the integrity of your bank’s mobile application by detecting suspicious changes.

Security Features

Secure Route Secure Route is a security architecture within InMobile which provides a completely reliable route for transferring sensitive information from InAuth server to InAuth software development kit. Secure Route is end-to-end encrypted, digitally-signed and protected against recurring attacks. A device using Secure Route becomes the only device in the world to be able to read a specific sensitive piece of information. Secure Route enables InAuth to provide powerful security features such as Secure Messaging, SSL Pinning and White Box Cryptography.

Secure Messaging SMS and e-mail messages have proved to be insecure channels for communicating sensitive information. Generic security messages sent through these channels can confuse consumers and lead to congestion at the call center, which not only increases costs but also affects customer experience negatively. InMobile’s Secure Messaging layer uses our encrypted protocol to convey messages to your customer in a secure fashion.

Certificate Pinning (SSL Pinning) MiTM or Man-in-the-Middle is one of the most common attack vectors used in mobile channels. Internet fraudsters lead customers to fraudulent websites by deceiving them through social engineering, malware or other attacks, and place themselves in the middle of the communication channel to listen to and change the data. InAuth uses the SSL Pinning (Certificate Pinning) technique for all communication protocols and guards against MiTM attacks.

White Box Cryptography Attackers can analyze the binary codes of an application and corresponding memory pages, and tamper with the application’s execution. Such attacks are denoted as “White Box” attacks. Accordingly, WBC (White Box Cryptography) is essential for ensuring the security of open systems such as smart phones and tablets. A WBC layer individually encrypts and stores any sensitive information (cryptographic keys, identity information etc.) that exists/is used within the system with different algorithms. You can securely store any sensitive information in your mobile application according to the access control principles that you determine on the WBC interface provided by InMobile.

Although mobile application usage becomes more widespread day by day, browsers are still the main channels accommodating a great number of shopping or banking transactions, with astronomic figures every day, whether accessed via mobile devices, PCs, tablets or other devices. Unfortunately, these browsers are open to many threats and attacks. InBrowser is the solution for retailers, financial institutions, healthcare providers and other businesses in need of tools to protect their transactions from fraud, while still providing a positive customer experience.

InBrowser
With advanced fingerprint technology, InBrowser provides business-class browser intelligence and protects users who perform transactions via online channels by assessing the risk.

Programmed using JavaScript only on state-of-the art architecture to cover modern operating systems and browsers, InBrowser not only collects data including location and time, add-ons, IP addresses etc. which are entered for real-time logins or during transactions, but also reveals indicators of high-level risks in order to identify the device’s reliability. Businesses can establish trust and discern good consumers from bad, can make more secure transactional decisions, and expand digital channel functionality without the risk of fraud.

InBrowser Features

Recognizing Devices with InBrowserID InAuth’s fingerprint identification for browsers defines the highest level of device differentiation capabilities, and allows your users to seamlessly authenticate their identity with fewer actions. InBrowser uses the cutting-edge InBrowserID, which can recognize device-specific browsers in order to generate strong and consistent fingerprint identification. InBrowserID is protected from attacks by the deceptive transaction detection feature, which can detect malicious parties looking to hack the fingerprint mechanism.

Cross-Channel Binding InBrowser’s Cross-Channel Binding feature helps you link a single user across channels by creating a method to link InPermID, a permanent mobile device identifier, to InBrowserID on the same device.

InBrowser’s Key Advantages

Fraud Prevention
Fraud attacks on account opening, application and payment transactions are expected to increase as the world becomes more digital. According to the Aite Group, Card-Not-Present fraud will grow to 7.2 billion dollars by 2020. Fraud attacks not only result in losses, but also do serious harm to brands and customer loyalty. With InBrowser you can get a holistic view of the customer and make more secure transactional decisions, thus fighting fraud with better device recognition and risk analysis tools.

Hassle-Free Authentication
InBrowser provides business-class permanent and unique device fingerprinting, which minimizes error rates while maximizing the life of the fingerprint. With InBrowser, the user’s device can be used as a second factor to provide improved customer experience, and reduce the number of wrong positives/negatives when processing transactions. InAuth returns an InBrowserID in milliseconds, even when JavaScript or Flash is deactivated on the user’s device.

Simplified Management
InBrowser provides an easy-to-use customer console where your administrators can configure your account settings and review critical device intelligence. The administration panel allows for simplified configuration of company rules and device scoring by enabling secure access to our risk analysis tool. This console boasts a highly robust device access management panel and capabilities including device information records, account management and comprehensive reporting.

Reduced Identity Query Rates
With the ability to match a user or account with an InBrowserID, businesses can reduce identity query rates for returning users, and make better decisions when determining the users and conditions to be subjected to additional identity queries.

Business-Class Leadership and Stability
InAuth always ensures 99.999% uptime. Our specialized team of knowledgeable and experienced account administrators deploys InAuth products in cooperation with our customers to help them reach their strategic and tactical business goals.

Flexible and Adaptable Distribution
You can control and choose how to operate the system. Our main objective is to help our customers to be successful in all their actions, from configurable business rules and weight assignment to hosted distribution or consumption of raw device data.

Digital Channel Innovation
Knowing that the device is used by a “good” customer and within normal tolerance limits means that you “know” the device as part of a two-factor authentication process. Knowing that a device is reliable, you can launch innovations such as customer gain rates, guest payment, and single-click payment without worrying about the possibility of increased risk. When you are able to detect a known customer shopping online over their home Wi-Fi and using their own tablet which does not show any suspicious risk or abnormality, you can apply a simplified authentication scenario, and allow this customer to pay with a single click.