One-time-password is unpopular because it’s user-unfriendly… And on top of this, it’s not 100% secure! (CSO & CTO)

Use Cases & Pain Points Addressed

This tool solves the following pain points, or greatly reduces their impact:

It is designed to improve the security of transactions through all digital channels, e.g. sensitive sessions such as banking transactions or payments.

In multi-factor authentication process, it replaces SMS OTP which is costly and increases with the number of customers as well as online traffic.

SMS OTP are not secure:
  • It is easy to see the content of SMS messages, e.g. for people who have access to the database on the sender side.
  • SIM card can be copied and intercept the messages sent to a phone.

Simple and seamless user experience:
  • SMS OTP are disliked as user experience is bad: an SMS must be first received, read, and its code transcribed into the application.
  • With Soft OTP there is automatic authentication in the background – without needing messages to be sent and codes to be copied.

Further user experience-related features can be added/activated:
  • Push Notification Integration (standard).
  • Biometric Integration (Fingerprint, Face, Retina etc.).
  • QR Code.
  • Captcha Integration.

The application is highly configurable and adaptable to customer needs – usually not requiring any change on legacy side.

Regulatory Compliant

EnSecure is fully supporting regulations limiting the use of SMS OTP and requiring transaction signing.

Security is aligned with public, international security standards and protocols.

More than just being a “Soft OTP” replacing the “SMS OTP”, it supports additional features and security mechanisms so that this platform can act as the “brain” of a digital login system.

Key Features & Differentiators

The following features and advantages should be noted:

  • Unlimited scaling thanks to micro-service structure, fully dockerized.
  • Supports any operating system, Linux & Windows – unlike OneSpan which requires Windows server and has restrictions on architecture.
  • Secure & encrypted logging.

Compliant with BDDK & European Banking Regulation & supports COBIT & ITIL standards.

Fast & dimple integration, for any secure digital transaction integration.

  • Software delivery kits (SDK) are part of the solution and support IOS & Android mobile application integration.
  • RESTful API’s are available for the integration of online banking, call center, ATM, IVR, etc.
  • Highly configurable – no development is needed.
  • Ease of Integration & ease of use.

Rich features are being provided from the start, e.g.:
  • Push notification & mobile security is bundled with the same products.
  • Neither OneSpan nor Kobil support push notification.
  • Dedicated SDK can be built on demand as well (TBD with customer).

Captcha, session name, security picture and QR Code are additonal digital security features.

One product fits all needs approach in which most features are included in same price (unlike OneSpan).

Much better performance and scalability than Kobil (outdated architecture with bottlenecks).

Costs/Expenses: comes at a fraction of the cost of international vendor tools (List Price comparison). TCO is reduced:
  • SMS no longer need to be physically sent.
  • Unique licensing model: consistently cheaper – from day #1, in which the pricing is neither based on the number of transactions nor on the number of users, but on tiers.

Performance benchmark:
In one large customer, 15K transactions/sec can be easily generated with 1Core CPU (VM), 6GB.