The client's key requirements included:
The new authentication method is primarily intended as a replacement for SMS OTP codes, targeting mobile device users (smartphones and tablets) across major operating systems: Apple iOS, Google Android, and Microsoft Windows.
The Delivered Monet+ Solution
Between 2014 and 2015, MONET+ implemented a full authentication solution for ČSOB based on the CASE authentication server and the CASE mobile authentication method (ČSOB Smart Key) for Android, iOS, and Windows platforms.
To support the full lifecycle of the new authentication method, MONET+ also delivered tools for remote management of mobile app dynamic content (graphics, help, etc.), full transaction visualization adapted dynamically to content/channel/transaction (WYSIWYS), and a push server for proactive communication with the mobile app. The application was designed with maximum user-friendliness in mind, aligning with UX principles and specifics of each mobile platform.
The delivery also included essential security components: cryptographic SDK for mobile platforms, a security gateway, and a secure storage for sensitive server-side information.
Benefits of the Delivered Solution for the Customer
We delivered a full-featured authentication method for smartphone users, compliant with PSD2 regulatory requirements (strong authentication, designed for operation across multiple channels including third-party services).
Considering ČSOB’s wide range of electronic channels, the new authentication method was designed to be channel-neutral. When used with a specific electronic channel or service, the mobile app visually adapts to the service that generates the authentication or authorization request (using custom transaction visualization).
In addition to online authentication, the app is also ready for offline use as a generator of one-time passwords or signature codes, using a QR code for transaction data transfer into the mobile app.