Stuttgart, 22 October 2015 – Until now, users of online banking have had to decide what is more important: ultimate security or maximum convenience? “Biometric processes offer significantly better security than long-established TAN options,” states Ulrich Dietz, CEO of the IT service provider GFT Technologies.
Half of the German population already uses online banking – not only on their PC at home but increasingly also when they are out and about – through mobile options like their smartphones. Chip TAN, SMS TAN or smartphone TAN: there are several options to choose from for banks and their clients. But none of the established methods meet the highest security standards and at the same time offer ease of use. Bank customers who want to carry out transactions on the go are forced to use a second device (a TAN generator) to provide the required TAN codes. If not, they will have to accept that they might fall prey to hackers, as was the case recently with customers of the mobile network provider, Telekom.
Existing solutions, whereby transaction numbers are sent via text message, harbour fundamental security risks, primarily because malware can be used to read passwords and start intercepting text messages. On the other hand, standard chip TAN solutions that require an additional device are not considered user-friendly and they do not really fit into the modern digital lifestyle.
Enhanced security through biometrics
GFT has already had positive experiences with biometric methods for some years, not just during pilot projects but also with actual prototypes. These have highlighted possible application areas. “Banks have to win over mobile banking customers with ease of use and security, otherwise they’ll lose these customers to the competition including to firms in the start-up sector. Biometric processes are a future-ready alternative,” states Dietz. In addition to iris scans and fingerprint identification, voice and speech recognition also offer tremendous potential. The job performed by speech recognition is just to record content, so this function is about understanding messages. The job with voice recognition is about guaranteeing secure user authentication, so that the transaction can be carried out.
Convenient and secure like never before: the new TAN display process developed at Tübingen University
A spin-off based at the University of Tübingen has now developed a multifunctional bank card. This equips standard EC debit cards with a TAN generator. “The newly developed TAN display process dovetails the highest security standards with user-friendliness benchmarks for the first time ever. It makes mobile payments easier, more convenient and more secure than they have ever been, not just for banks but also for customers. It also gives bank customers more flexibility all round: everyone takes their EC debit card with them,” explains Marika Lulay, COO of GFT. The card itself generates the required security code (TAN) and displays this alongside other bank information (i.e. account numbers) on a screen that has been integrated into the card. The bank card with this extra feature communicates with the smartphone via Bluetooth. As a result, it is protected from viruses. GFT is currently consulting on and backing this new process. “No other solution on the market today meets all of these requirements in one go,” states Lulay.
Other advantages with the new TAN display option include the fact that even if bank customers were asked to meet the cost of the new TAN display card, this would not be any higher than investing in a TAN generator. Banks are also completely covered in legal terms in the event of fraud and the TAN display solution meets all European regulations regarding online and mobile banking. So it is win-win for all parties.