Transakt

Financial institutions and other organizations use the Transakt software development kit to integrate Entersekt’s multi-factor authentication technology into their existing mobile apps. Where rapid rollout is required, the off-the-shelf Transakt mobile app offers the same security features but with limited scope for customization.

Transakt >

Interakt >

Entersekt technology in action

UNIQUE DEVICE ID

Entersekt’s patented emCert mobile certificate technology generates a public/private key pair that uniquely identifies your customer’s mobile device. Communications from your financial institution are similarly validated on the device, so your customer can be sure of their source.

TRANSACTION SIGNING

Customer responses are signed with the device’s private key, supporting nonrepudiation. Transakt also allows signing of individual batched transactions on a mobile device, meeting stringent regulatory requirements in Singapore and elsewhere.

CUSTOM SIGNING CERTIFICATES

Although emCert is always used to establish the secure communication channel between your financial institution and your customer’s mobile device, multiple certificates from certification authorities can be hosted in the protected Transakt key store. You can thus continue using certification authorities you trust or are integrated to for certain business processes.

ENCRYPTED CHANNEL FOR OUT-OF-BAND AUTHENTICATION

Transakt’s self-contained, NIST-compliant cryptographic stack and communications layer enables an isolated, end-to-end encrypted communications channel between the user’s mobile device and your mobile app server. No third party, including Entersekt, can access these communications.

​Because this cryptographic stack forms an entirely separate communications channel from the conventional Transport Layer Security (TLS) channel initiated via the mobile device’s operating system, even transactions originating from the same mobile device can be authenticated out of band.

SECURE BROWSER PATTERN

Transakt also enables trusted TLS connections to your web servers, protecting mobile-initiated communications from man-in-the-middle tampering or eavesdropping.

DYNAMIC PUBLIC KEY PINNING

For protection against man-in-the-middle attacks exploiting rogue certificates, Transakt provides the option of public key pinning. Here, your mobile banking application disallows a TLS connection if it cannot match a certificate to your institution’s custom list of trusted certificates.

FIPS 140-2 LEVEL 3 ON-PREMISE ENDPOINT

Transakt is the user-facing component of the Entersekt ecosystem. It works in conjunction with the Transakt Secure Gateway hardware appliance, where all encrypted communications terminate. The Transakt Secure Gateway, which communicates with the institution’s back-end services, incorporates a FIPS 140-2 Level 3 hardware security module for encryption functions.

MULTI-TENANCY SUPPORT

A single Transakt Secure Gateway cluster can accommodate multiple service IDs. This allows Entersekt’s clients and partners to provide secure channel capabilities to multiple institutions or brands independently, and to add new ones rapidly too.

PROTECTION FROM MALWARE AND BRUTE FORCE ATTACKS

Layered mobile and server-side detection/prevention procedures in place mean Transakt is invulnerable to common malware, SIM swaps, and brute force attacks.

ADDITIONAL LAYERS OF SECURITY

Transakt natively supports fingerprint biometrics on mobile devices with this capability. It also provides device and application context to the Transakt Secure Gateway for context-based risk scoring. Data points used include device type, operating system version, geographic location, and advanced detection of rooting, jailbreaking, or similar mobile operating system security bypass hacks.

SIMPLE ONE-CLICK AUTHENTICATION

Transaction authentication requests are automatically pushed to your customer’s mobile device. They respond by simply selecting Accept or Reject. No clumsy re-entry of one-time passwords or answers to challenge questions is required.

 

FACT SHEET
​Build in trust with the Transakt SDK

ONE BANK'S EXPERIENCE

Nedbank is among South Africa’s largest financial institutions, with a market capitalization of around $11 billion and over 6 million retail and corporate clients. Headquartered in Johannesburg, it employs 29,000 staff.

Click here to learn how Nedbank uses Transakt

Entersekt Transakt

b a j r l
Copyright Entersekt | Terms and Conditions
Patents and Patents Pending