Transakt

One-touch, multi-factor authentication for digital banking and payments.

Deploy digital certificate technology to the mobile phone for push-based, out-of-band, multi-factor authentication and advanced app security.

transakt use cases 800px

Whether it’s securing online banking, mobile banking, and online shopping, or protecting sensitive app-based communications in the insurance or healthcare industries, we have you covered. The Transakt security platform harnesses the power of digital certificate technology and deploys it seamlessly to the mobile phone or tablet. Industry-standard X.509 certificates uniquely identify each registered user’s mobile device, digitally sign real-time transaction verification requests, and encrypt communications to and from your servers.  

Transakt is available as a powerful software development kit, ready to be incorporated into your existing mobile applications. Where rapid rollout is required, off-the-shelf or white-label Transakt security apps offer the same security features but with limited scope for customization.

Transakt

Product features

Our patented emCert mobile certificate technology generates a public/private key pair that uniquely identifies your customer’s mobile device. Communications from your financial institution are similarly validated on the device, so your customer can be sure of their origin and integrity.

  • Provides a unique means of deploying public key infrastructure to the mobile phone at scale
  • Converts mobile phones and tablets into trusted second factors of authentication
  • Issues certificates to mobile devices before customer identity proofing and enrolment, so only your organization is party to the identity of the user
  • Avoids reliance on the SIM card, IMEI number, and weak mobile device fingerprinting techniques

Transakt’s self-contained, NIST-compliant cryptographic stack and communications layer enables an isolated, end-to-end encrypted communications channel between your customer’s mobile device and your mobile app server. No third party, including Entersekt, can access these communications.

  • Avoids using the open Internet and unsecured mobile networks for authentication purposes
  • Allows transactions to be initiated and authenticated completely out of band using the same mobile app
  • Asymmetrically encrypts all authentication requests and responses from end to end
  • Protects mobile browser-initiated communications from man-in-the-middle attacks

With Transakt, authentication prompts are automatically pushed to your customers’ mobile devices. Presented with the exact transaction details, they respond by simply tapping Accept or Reject. Their responses are signed with the device’s private key, supporting nonrepudiation. No clumsy re-entry of one-time passwords or answers to challenge questions is required.

  • Enables a one-touch authentication experience designed for a mobile-first world
  • Signs customer responses with the device’s private key, supporting nonrepudiation
  • Can host multiple certificates in the protected key store, so you can continue using certification authorities you trust or are integrated to for certain business processes
  • Supports native device-based biometrics and includes a plug-in architecture for third-party biometric solutions
  • Deploys as a FIDO Ready™ U2F (universal second factor) token

With mobile so central to serving and securing your customers, your app’s integrity is of vital importance. Take our expert advice on securing your app; we have been a mobile-centered security provider for almost a decade. Transakt’s layered mobile and server-side detection and prevention procedures mean it is invulnerable to malware, SIM swaps, and brute force attacks.

  • Forms the bedrock of security on which to build a feature-rich and highly secure mobile app
  • Includes app tamper awareness and advanced detection of rooting, jailbreaking, or similar mobile operating system security bypass hacks
  • Serves risk engines with device and application context, including device type, operating system version, geographic location, and more
  • Protects against man-in-the-middle attacks exploiting rogue certificates with optional dynamic public key pinning
  • Provides a trusted execution environment for accessing or processing sensitive authentication data on the device

Transakt secures other message types like bank statements, tax certificates, contracts, legal or regulatory notices, and credit and debit card PINs. Only the intended recipient can view these communications as they can only be decrypted in your mobile app.

  • Enables a more secure and immediate alternative to email, text messaging, voice, or the postal service
  • Avoids spoofing since messages that have not been signed by your institution will not be delivered
  • Allows encrypted messages to be stored in-app

See our technology in action.

logo entersekt

Entersekt is an international software development company based just outside of Cape Town, South Africa.

We are leaders in authentication, app security, and payments enablement technology, offering a highly scalable solution set with a track record of success across multiple continents.