Highest security criteria and signed payments

Worms, April 2019. As a customer of the online banking specialist KOBIL, the Berner Kantonalbank AG (BEKB) offers its customers various possibilities to carry out their banking transactions digitally and extremely securely - both via mobile devices (smartphone, tablet) and desktop (Mac, Windows). The tightened security measures required for this were developed and implemented in the course of the specifications of PSD2/RTS (Payment Services Directive/Legal Regulatory Standards) with KOBIL GmbH, based in Worms (Germany). With this partnership, the bank ensures that the primarily required introduction of a new secure login procedure for e-banking is guaranteed - for transactions using the bank's own app for payment and savings accounts of private and business customers. Only one single technology should be used. The bank did not require any additional hardware for the transactions. Before the changeover, customers used a USB stick for login or received transaction data via an optical interface and thus received a transaction-bound TAN.

All the advantages of a modern security solution, such as confidentiality, multi-factor authentication and a secure end-to-end data connection, were used to implement this solution. Protection against attacks on the secure app, password and identity of the user, as well as the use of smartphone or tablet, is guaranteed, thus preventing access to bank data and customer identities. The starting point for the management was always the clear identification of the secure, digital identity.

KOBIL offers a multi-platform solution for the changeover, which supports all mobile devices via iOS and Android as well as via desktop (Mac, Windows). The integration into the core banking infrastructure "CyberlBis" provided by DXC Technology was a prerequisite for the connection of the e-banking solution for payment transactions. As a further step, protection from the Internet had to be guaranteed. For this purpose, the necessary app was provided on the basis of KOBIL technology in addition to the overall performance. The bank closely accompanied and helped define the development of the app.

The total time from the start of the project to going live took about 12 months. All partners involved, both KOBIL, as supplier of the app and the security infrastructure, and DXC Technology for the core banking and end-to-end Internet banking interface, worked together reliably. With the "BEKB-smartLogin" developed by KOBIL, the user now has a secure, convenient and fast procedure for logging into the bank's e-banking and for signing payments. The procedure works via a separate app, which the user sets up on the smartphone, tablet or desktop. In order to be able to use the "smartLogin", a registration of the used device in the bank's e-banking is required.

"Today," says BEKB Project Manager Clemens Inninger, "almost half of our bank customers use the convenient e-banking solution using the app developed by KOBIL. The conversion from the old PIN/TAN solution to the "SmartLogin" solution has been successful and has now (as of April 2019) been running for a good six months to our complete satisfaction".

E-banking login

1. Log into e-banking via smartLogin with user identification and password.

2. A request is made on the user's smartphone for the login to confirm. To do this, the smartLogin app must be started by entering a personal or biometric procedure such as Touch ID.

3. E-banking is started immediately afterwards - no need to type in additional codes or photograph encrypted codes.

4. For certain payments, due to security criteria, a signature is required. When you are asked to sign a payment, a message is displayed on the smartphone/tablet. After starting the smartLogin app and entering your personal PIN or a biometric procedure such as the Touch ID, the payment data of the payment to be signed is displayed. After checking the data, the payment can be confirmed.

About KOBIL GmbH

Today, KOBIL solutions are the standard for digital identity and highly secure data technology. Founded in 1986, the ever-expanding KOBIL Group, headquartered in Worms, is a pioneer in the smart card, one-time password, authentication and cryptography sectors. The focus of the philosophy is to enable a consistent Identity and Mobile Security Management on all platforms and all communication channels. Nearly half of KOBIL's employees work in development, including leading cryptography specialists. KOBIL plays a key role in the development of new encryption standards. Commerzbank, DATEV, German Bundestag, Migros Bank, Societe Generale, UBS, ZDF and many others rely on KOBIL.