Are secured and frictionless cybersecurity solutions a pipe dream?
Posted on 05.11.2019 at 11:30
By Pavel Melnichenko, CTO
As we described in the previous post, the weakest point in a digital banking system is the user while banks’ side is usually strongly protected, banks know about it. The whole technical team of a bank – including the risk division – will do their best to protect bank clients and for this purpose they offer super strong solutions. However, regular security solution and positive user-experience seem to be incompatible. But as we live in digital era, complicated solutions may become a reason of customer decrease. In addition, security solutions are quite expensive. This usually means that the client department of the same bank will never accept such kind of security solution. Therefore, quite often business department prefer to accept risks instead of losing clients and wasting money.
Most banks prefer to make a compromise and use weak, from the point of security, but cheap and convenient solution – like SMS codes, push-codes, OTP generators or anything of this kind. However, as mentioned before, this is a disputable way.
Must-have principles for solution developers
Therefore, as a vendor in cybersecurity solutions, to solve this problem in a smart way. We should figure out a few key points:
- Firstly, the solution must protect the most sensitive steps in a bank-to-customer communication process, which includes actions confirmation.
- Secondly, the solution must be secured-by-design, with the confirmation process secured with proof.
- Thirdly, solution must be as simple as possible for end-users; with a one button “confirm” is to be the most difficult action the user should do;
- Fourthly, it must be understood that bank’s employees are not obliged to be professionals in vendor’s technology. The complexity of technology is to be covered with easy-to-use “cover” for the bank employees.
- Solution must ensure that it is easy to understand and use on the bank’s side, as complicated systems will incur a “hidden cost”.
- Finally, it must be cost-effective comparing with “weak, but cheap and convenient solution”.
A disclaimer, this is not a full list of an ideal solution “must-haves” but the above are the main key points that we have analyzed through our experience with cybersecurity solutions.
The PayConfirm software by Airome Technologies was created to meet these criteria and many others with the goal of providing security solutions that are highly secured, truly convenient and cost-effective. PayConfirm serves to authorize any types of operations, including transaction confirmation or e-documents signing, right on your mobile device.
Digital signature is used as a mean of confirmation for any types of operation – login, money transfer, agreements sign, loans application and many more.
Security process of PayConfirm is based on asymmetric cryptography schemes. The most interesting points about them are keys distribution and private keys protection schemes. In PayConfirm user’s private key is generated, stored, used and “dies” on user’s mobile device. Usually, systems based on asymmetric cryptography use PKI (public key infrastructure) to distribute public keys in the system. Experts in PKI know about complexity of PKI and digital certificates in service. However, we should remember about the necessity to simplify transaction processes of bank’s staff and end-user. That is why at Airome Technologies we have invented our patented keys distribution scheme to avoid PKI to distribute keys material in the system.
How it works is a topic for the separated post, but PayConfirm always can answer: when and what exact data was confirmed, who did it, which device and what exact key was used, what was a result of confirmation process, and most importantly the system can prove that the end-user made that transaction.
With the user’s private key is stored on a mobile device, we invested in research regarding the protection of a private key during the storage process. This is done by storing the key set in an encrypted state. It is encrypted in two ways consistently:
- The first with a key encryption key (KEK) based on user’s password;
- The second is with un-extractable hardware based KEK, generated with a specialized hardware chip on the mobile device.
PayConfirm is designed to hide all the scary jargons and words like “key distribution, key encryption key, hardware chip, asymmetric cryptography, security proof” to simplify the transaction process of banks and its clients. With that, the solution consists of two parts; the server side (installed in bank’s infrastructure) and the client side (SDK to build into bank’s mobile app or stand-alone mobile app). All the complicated systems and processes are concealed from bank’s employees and remote banking system developers and automated behind a set of API calls via the PayConfirm’s server. This means, when the PayConfirm’s server receives a transaction to confirm, it will simultaneously communicate with the mobile device, show the transaction to the user, verify the transaction details, extract keys from the secured storage, calculate and verify signatures – all in a secured way – while returning the signature with verification results.
We are proud that the record time in integrating a proof-of-concept for PayConfirm was done within 4 hours (from providing API specifications to demonstration for bank top managers).
These are the key functionalities and design principles behind PayConfirm. As mentioned, the PayConfirm server and PayConfirm mobile libraries are linked with each other by a secured communication channel. This means that during the signing process, the PayConfirm solution can do many interesting things, such as device analysis using transaction risk scoring, separating transactions by semantics (login, low risk money transfers, risky money transfers, agreements and so on). By deriving results based on these metrics we can build an adaptive interaction user model (behavioral adaptive authentication).
Furthermore, these functions are available through the tap of a request to the PayConfirm server, “Confirm”.