ČS MEP Central Authentication System

In cooperation with Deloitte (until 2016), MONET+ implemented the Multichannel Entry Point (MEP) authentication system between 2014–2018 as the central security component for all processes related to electronic identification and user authentication (especially bank clients).
ceska_sporitelna_NEW_bw

Customer Need

As part of its digitalization strategy, Česká spořitelna was looking for a comprehensive authentication solution that would support the development of its own electronic services as well as new online services tied to electronic identification and authentication.

The objective was to enable ČS to implement architectural changes in online banking channels through centralized security services—one place for executing security operations and implementing security methods.

Key requirements included new security methods for mobile devices (mobile token, identified calls, and voice biometrics) and provisioning security methods as a service both for internal ČS applications and for third-party and partner applications.

brainstorming_0

Delivered Solution by MONET+

In partnership with Deloitte (until 2016), MONET+ implemented the Multichannel Entry Point (MEP) authentication system from 2014–2018 as the central security component for all electronic identification and authentication processes (particularly for bank clients).

MEP is designed as a robust security solution that enables the bank to share security functions across applications, fully manage the lifecycle of authentication methods, and expose both user and technical interfaces for third-party integration, including closed and open federations.

The solution is based on the CASE authentication server, which supports the full lifecycle of authentication methods such as SMS OTP, user passwords, one-time activation codes, and mobile token (CASE mobile). The mobile token was visually and functionally customized for ČS (as seen in the George Key mobile app).

Central modules include the robust MEP FS solution for identity federation services based on OAuth, OpenID Connect, and SAML protocols. Beyond integration with the bank’s and third-party applications, FS modules abstract security methods so that target applications remain unaffected by underlying changes.

MONET+’s FS solution also included federated transaction authorization, voice biometric integration into administrative processes (security method management portal), and integration with web and mobile applications, including interfaces for applications outside federation protocols.

Customer Benefits

Decentralized security processes (login, authorization, signature) were consolidated into a central identity platform. This allowed centralized administration of security methods and optimized costs for operations, maintenance, and further development.

MONET+’s architectural design is compatible with Erste Group’s requirements for its George internet banking platform, ensuring scalability and rollout potential to other countries.

Unified electronic identification, authentication, and authorization processes under a single solution, including consistent UX/UI principles for both web and native applications on PC and mobile.

A unified identity platform for banking applications and third-party interoperability through identity federation principles or via PSD2-compliant services and integration interfaces.

Scroll to Top