The client's key requirements included:
A complete solution for unified access, electronic identification, and authentication across various digital channels and applications, including authenticated access to and from third-party applications. The project objectives also included the following requirements:
including standardized customer service processes
integration of security methods across internet and mobile banking channels
enabling the bank to establish strategic partnerships with third parties
Delivered Solution
In 2017, MONET+ implemented (and continues to develop) the Multichannel Entry Point (MEP) authentication system for ČSOB. MEP serves as a central security component for all processes related to user electronic identification and authentication, based on the principles of federated services and identity federation.
MEP is designed as a security solution allowing the bank to share security functionalities across applications, fully manage the lifecycle of authentication methods, and expose both user and technical interfaces for integration with third parties (including closed and open federations).
The core modules include the MEP FS solution for identity federation based on OAuth and OpenID Connect protocols, and integration with both web and mobile applications – including interfaces for integrating applications outside of federation protocols.
The solution on the CASE authentication server includes lifecycle support for authentication methods such as the mobile token (ČSOB Smart Key), SMS OTP, user password, and offline one-time activation codes.
MEP system extensions include modules for managing third parties and their applications in the context of PSD2 services.
Customer Benefits
Decoupling security processes (login, authorization, signature) from individual business channels and placing them into a central identity platform. Centralized administration of security methods. Cost optimization for operation, maintenance, and development of security methods.
Unified processes for electronic identification, authentication, and authorization within a single solution – including consistent UX/UI principles across both web and native desktop/mobile applications.
A unified identity platform for banking applications and interoperability with third parties through identity federation principles or using PSD2 services and integration interfaces.