PSD2+

BE MORE THAN COMPLIANT WITH KOBIL

A different level of security with the first and only Dual-7-Layers-of-Security

THE NEW ROLE OF BANKING

The revised Payment Services Directive (PSD2) is triggering a new era for banking. The directive is set to reshape banks positioning that is creating great opportunities for new business models. Three primary strategic roles are available for banks to comply with PSD2: Comply, Engage, Build. KOBIL helps organizations to fulfil these strategic roles and to comply with Regulatory Technical Standards (RTS) and General Data Protection Regulation (GDPR) by adding trust do digital processes.



BANK AS A SERVICE

  Comply with PSD 2  

  Basic APIs  

  Facilitate Access  

By embracing the simplest role among the vast opportunities that PSD2 has presented, being a bank as a service means establishing a secure environment with providing strong customer authentication, authorization and secure communication for your customers in a playing field with new competitors and dynamics, which is now emerging as a new business model and an efficient competitive toolkit.
Read More

BANK AS A PLATFORM

  Customer Engagement  

  Monetize by API  

  Establish TTP  

The second role that PSD2 presents to banks is to become a bank as a platform. With PSD2 enabling nonbank companies to become competitors to banks, banks should look forward to create new opportunities for revenues. Becoming a platform will allow banks to earn revenue not only from monetary exchange but from nonmonetary exchange as well, such as exchange of data, algorithms and digital currencies. This option enables banks to create new revenue streams and have competitive edges against their new and existing competitors.
Read More

BANK AS AN ECOSYSTEM

  Build your own Ecosystem  

  Superior CX  

  Non-Financial Services  

The ultimate role for banks is becoming an ecosystem. The Digital Business Model ecosystem is a self-contained, paperless digital world, which can be used for your company internally, but also with your partners and customers.
Read More

WHAT IS PAYMENT SERVICES DIRECTIVE 2?

Watch our short video to get a simple understanding

KOBIL PSD2 SOLUTION

THE LEADER OF TRUSTED DIGITAL IDENTITIES AND SIGNATURES
KOBIL’s mIDentity Application Security Technology (mAST) provides an end-to-end security platform to deliver strong customer authentication and authorization using trusted identities. It protects the identity and communication of the app, device and user in a continuous manner from app start to close.



THE BRAIN BEHIND THE SCENES

REAL-TIME SMART SECURITY MANAGEMENT SERVER

Each solution is coupled to the KOBIL own Smart Security Management Server (SSMS) which protects and controls the whole communication environment of the application in real-time. It performs a series of online security checks upon each app start and also during runtime using security sensors located in the KOBIL mAST. These security parameters are sent through the own secured Digitanium Channel to the SSMS server and validated there. Only if the entire required security policies match, a cryptographic protocol is executed over the Digitanium Channel unlocking the virtual smart card which makes the end user’s private key usable to generate digital signatures for reliable and trusted authentication codes.

WHY KOBIL FOR PSD2



KOBIL mAST provides a unique security journey for banks and financial institutions to comply with PSD2. By adding its world class Dual-7-Layers-Of-Security, a new level of security is set for any interaction at any time and place.






  • 1.SECURE DEVICE

    A trustful environment is the base for a secure interaction within processes. Because typical device management systems block the personal user behaviour and restrict usage of the device. In our case we check the device where the dedicated application is running secure before launching the app and after that we bind the app to this device and makes it to a unique device of the user.

  • 2.SECURE APPLICATION & WEB

    Doesn’t matter if you prefer a native app-, hybrid app- or a web app-development. We have the protection levels for all of them. We ensure that the app base will be checked every time if they are launched by a security server in the backend each time. This server is checking the integrity of the app and even the version. If the version is not the latest one it enforces the user to update before continuing.

  • 3.VIRTUAL SMART CARD

    Liability and accountability, meaning binding and verifiable proof of relevant activity on the basis of secured identities, are protected by the principle of the virtual smart card technology. Reaching a level of smart card requires a PKI infrastructure, the usage of Private/Public Key Technology, digital certificates for each user and a smart card pin which has to be verified by an independent backend. It should also be blocked after 5 times wrong PIN entry like a real smart card and can be only unlocked by the server.

  • 4.DIGITANIUM™ CHANNEL

    The Digitanium™ channel is a dual communication technology to make a point-to-end encryption and authentication possible. In combination with the secure app, the virtual smart card and the backend security server are the only secure way to protect the transportation of sensitive data between user and bank. It blocks man-in-the-middle attacks and ensures data confidentiality and integrity. Passwords and confidential information are conveyed to the new user and general access to systems is enabled and monitored.

  • 5.SMART SECURITY MANAGEMENT SERVER

    It is a programmable authentication algorithm which is always secure but at the same time independent and flexible. It enhances existing fraud systems to get in place more relevant data exactly from the processes where it is happening based on the security levels 1-4 provided by KOBIL.

  • 6.DIGITAL IDENTITY

    Security levels 1-5 show how we create a unique secure identity for a user. Now the client can sign binding transactions for authentication or any type of authorization actions. We integrate with existing Identity and Access Management solutions to empower a customized, cryptographically secured identity.

  • 7.DIGITAL SIGNATURE

    KOBIL uses digital signatures based on digital certificates to sign all transactions in a secure, binding and reliable way. Non-repudiation allows the users to be safe and guarantees banks that it is the real user who accepts the interaction. Easy to use and meets the highest security requirements at the same time.

PSD2 WHITEPAPERS

On 27 November 2017 the European Commission has adopted rules to the latest version of the Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and Common and Secure Communication (CSC) under PSD2.

Download your copy of our whitepapers to learn more about PSD2 and find out how KOBIL fulfils the latest amendments of the European Commission from 27 November 2017.

TOGETHER INNOVATIVE


Imprint | Terms of use | Privacy Protection | Sitemap

Copyright © 2017 KOBIL Systems GmbH