Schalk Nolte, CEO of Entersekt, says: “Banks worldwide are recognising the value of using mobile devices as an additional security device for online banking.” However, most banks currently send 'one-time passwords' (OTPs) by SMS to their customers who wish to execute sensitive online transactions. The weakness in this system is that the customer is then required to enter the OTP onto the bank's online site. If the bank's Internet site is mimicked by a fraudster (ie, a phishing site), the transaction is compromised.
The Entersekt solution eliminates this type of fraud in a customer friendly way. In the Entersekt solution, the bank sends a customer a cellphone prompt to confirm or deny a sensitive transaction through a simple “accept” or “reject” response, protecting the customer from current phishing scams, which lure customers to enter an OTP into a fake site. In addition, it eliminates the hassle to the customer of keying in the OTP as the transaction is confirmed directly with the bank by way of an independent and direct cellphone response.
The company has seen significant interest from banks both in the UK and Europe, which has resulted in Entersekt opening an office in the UK recently.
Fred Swanepoel, Nedbank Group's Technology Executive, says: “Nedbank's digital strategy is ultimately to be 'digital in everything that we do for clients'. We have spent the last two years developing software to support our vision for our clients' digital experience. Our priority is to make our clients' digital interface with Nedbank secure, not only to protect our clients, but also to empower them to do all their transactional banking anywhere, anytime. Our architecture (of which ITA is one part), which has been two years in development in collaboration with Entersekt, will allow Nedbank to roll out banking widgets and applications quickly to all its digitally-enabled customers in all segments of the market, from those with entry-level cellphones to smartphones and tablets. The 'Approve-it' product is the first of many digital products that Nedbank will be releasing this year.”
Entersekt's Chief Technical Officer, Christiaan Brand, explains: “People are becoming increasingly mobile and are demanding secure access to applications from anywhere. Entersekt offers a platform for banks to provide their customers with end-to-end security. Our underlying security platform allows our customers to offer secure online banking plus provides a foundation for full function mobile banking.”
He says that in layman's terms, it means that a confirmation request, which includes details of each sensitive transaction (add a beneficiary, once-off payment, etc), is sent to the client's mobile phone. The client can then choose to either accept or reject the transaction.
Brand adds: “It's been a privilege to work with the Nedbank team, which understands that innovation and customer security are tightly coupled.”