Data has great potential to support and enhance the lives of today's digital consumers. Yet, when their personal data is collected and shared without their permission, their privacy rights are violated. What's more, the risk of their personal data being leaked in a data breach goes up too.
In banking security, however, data signals serve a beneficial purpose for customers. Firstly, to differentiate them from financial criminals and prevent fraud, and, secondly, to create a simple and fast user experience that matches the functionality of our everyday apps.
While some authentication solutions rely on familiar technology, like cookies, that collect personal data and track users across the net, there is an alternative that can keep customers safe without trampling on their privacy rights: Silent authenticators.
In banking security, however, data signals serve a beneficial purpose for customers. Firstly, to differentiate them from financial criminals and prevent fraud, and, secondly, to create a simple and fast user experience that matches the functionality of our everyday apps.
While some authentication solutions rely on familiar technology, like cookies, that collect personal data and track users across the net, there is an alternative that can keep customers safe without trampling on their privacy rights: Silent authenticators.
What are silent authenticators?
Silent authenticators are an advanced authentication approach that relies on Entersekt's Browser ID technology to decrease friction while increasing the security of banking and payment activities. Unlike cookies or browser fingerprinting, our Browser ID technology does not track users across domains, keeping their personal information personal.
Browser ID uses cryptographic keypairs to silently identify and trust a customer's browser. This means that customers don't need to actively do anything to verify their identity. It all happens in the background, creating a seamless user experience, but also improving the security of transactions.
Browser ID uses cryptographic keypairs to silently identify and trust a customer's browser. This means that customers don't need to actively do anything to verify their identity. It all happens in the background, creating a seamless user experience, but also improving the security of transactions.
Indiana Members Credit Union saved $49 in operation costs by incorporating Entersekt’s Brower ID feature. Read their success story.
"Not all endpoint signals are equally strong," says Gerhard Oosthuizen, Entersekt's Chief Technology Officer. "Entersekt's Browser and App IDs stand head and shoulders above other signals, providing cryptographic proof about a returning device, preventing stolen signals or replay attacks, proving that the customer's device is present during a specific session."
The benefits of silent authenticators don’t end there. Here are five ways this modern authentication approach supports the needs of today's tech-savvy customers and FIs.
1. Provides silent, seamless FIDO authentication
The Fast IDentity Online (FIDO) standards require an active challenge to sign a transaction or prove a customer's transaction happened. Browser ID generates a cryptogram (an encoded message that's sent via cryptographic keypairs), without the need for any interaction from the customer, while still signing the transaction.
2. More accurate than browser fingerprinting
Browser fingerprinting is a tracking technique that gathers data points about a particular user, like their device's operating system, time zone, geolocation and browser extensions. Luckily, the industry is moving beyond browser fingerprinting as the technology is not particularly privacy friendly, nor is it 100% accurate.
Entersekt's Browser ID feature utilizes a cryptographic identifier that recognizes the same browser with 100% certainty, and doesn't track customers' personal information across the web.
3. Replaces legacy authentication like passwords and OTPs
Passwords and one-time passcodes (OTPs) are no longer an effective technique to verify whether the person transacting is who they say they are. The technology is outdated and can easily be intercepted by fraudsters.
Browser ID is a modern authentication solution that authenticates logins and transactions quickly, silently and securely, and cannot be intercepted by hackers. Another plus with Browser ID is that it’s a type of credential that customers can use for a long time, unlike passwords or OTPs, which require regular updating and revalidation (and let's face it, everybody finds annoying!).
4. Improves digital banking and payment security and compliance
Browser ID transforms a customer's mobile app and desktop browser into a secure, compliant possession factor, instead of relying on the knowledge factor (like a password). This approach can be used alongside a second factor to align with the Second Payment Services Directive (PSD2) regulations for frictionless Strong Customer Authentication (SCA), simplifying the compliance hoops FIs need to jump through.
The feature turns the customer's app or browser into a silent possession factor. Combined with behavioral biometric signals, which serve as a silent inherence factor, FIs can enable frictionless and fraud-free multi-factor authentication (MFA). Think one-click payments, a win-win for customers and FIs!

5. Supports privacy focused digital banking
As privacy advocacy grows among consumers and regulators, using cookies or browser fingerprinting to collect customers' personal data without their consent (and sharing it with third parties) is more likely to demonize FIs in the eyes of their customers.
"According to the World Wide Web Consortium (W3C), Third-party cookies are not good for the web. They enable tracking, which involves following your activity across multiple websites. This hidden personal data collection hurts everyone's privacy." – W3C, Third party cookies have got to go, 2024
Entersekt's silent authenticators keep in step with the demands for more privacy by not tracking users' personal information across any additional actions, behaviors, or domains and preserving user privacy.
By embracing the W3C's principle of 'leaving the web better than you found it,' FIs can enable authentication experiences that build customer trust and loyalty while keeping them safe.
Learn how
By embracing the W3C's principle of 'leaving the web better than you found it,' FIs can enable authentication experiences that build customer trust and loyalty while keeping them safe.
Learn how