“One-time-password is unpopular because it’s not user-friendly… And on top of it, it’s not 100% secure." (COO & CTO)

Use Cases & Pain Points Addressed

This tool solves the following pain points, or greatly reduces their impact:

It is designed to improve the security of transactions through all digital channels, e.g. sensitive sessions such as banking transactions or payments.

In multi-factor authentication process, it replaces SMS OTP which is costly and increases with the number of customers as well as online traffic.

SMS OTP are not secure:
  • It is easy to see the content of SMS messages, e.g. for people who have access to the database on the sender side.
  • SIM card can be copied and intercept the messages sent to a phone.

Simple and seamless user experience:
  • SMS OTP are disliked as user experience is bad: an SMS must be first received, read, and its code transcribed into the application.
  • With Soft OTP there is automatic authentication in the background – without needing messages to be sent and codes to be copied.

Further user experience-related features can be added/activated:
  • Push Notification Integration (standard).
  • Biometric Integration (Fingerprint, Face, Retina etc.).
  • QR Code.
  • Captcha Integration.

The application is highly configurable and adaptable to customer needs – usually not requiring any change on legacy side.

Regulatory compliance:
  • Full compliance with regulations defining the use of SMS OTP and requiring transaction signing.
  • Security is aligned with public, international security standards and protocols.
  • Compliant with BDDK & European Banking Regulation & supports COBIT & ITIL standards.
  • More than just being a “Soft OTP” replacing the “SMS OTP”, it supports additional features and security mechanisms so that this platform can act as the “brain” of a digital login system.

Key Features & Differentiators

The following features and advantages should be noted:

  • Unlimited scaling thanks to micro-service structure, fully dockerized.
  • Supports any operating system, Linux & Windows – unlike some competitor which requires Windows server and has restrictions on architecture.
  • Secure & encrypted logging.

Fast & dimple integration, for any secure digital transaction integration.

  • Software delivery kits (SDK) are part of the solution and support IOS & Android mobile application integration.
  • RESTful API’s are available to integrate with online banking, call center, ATM, IVR, etc.
  • Highly configurable – no development is needed.
  • Ease of Integration & ease of use.

Rich features are being provided from the start, e.g.:
  • Push notification & mobile security is bundled with the same products.
  • Some competitors don’t support push notification.
  • Dedicated SDK can be built on demand as well (TBD with customer).
  • Captcha, session name, security picture & QR Code are additonal features...

One-product-fits-all-needs approach in which most features are included in same price (unlike OneSpan).

Much better performance and scalability than some competitor (outdated architecture with bottlenecks).

Costs/Expenses & TCO: comes at a fraction of the cost of international vendor tools (List Price comparison). TCO is reduced:
  • SMS no longer need to be physically sent.
  • Unique licensing model: consistently cheaper, in which the pricing is neither based on the number of transactions nor on the number of users, but on tiers.

Performance benchmark:
In one large customer, 15K transactions/sec can be easily generated with 1 Core CPU (VM), 6GB.