Norwegian firm Encap has released an enhancement to their Smarter Authentification platform. Aimed primarily at the financial services industry the platform provides secure access for customers and internal staff using secure authentication.
The 3.1 release delivers support for Android’s fingerprint API and better protection against Man In The Middle (MITM) attacks. MITM attacks are where transmitted data is relayed by the attacker and attempts are made to break into, read and potential alter the data packets. For financial institutions this can be a huge concern as it means that while banks and customer devices may be secured, banking transactions could be altered in transit.
The Android fingerprint API is part of the Marshmallow release and is currently used by Google’s Nexus 5X and Nexus 6P, although more devices will be added to that list. This means that customers using the security Encap security platform can now add the Android devices to other fingerprint devices such as Apple Touch ID and Samsung fingerprint sensor.
Improved MITM protection
Encap has added an extra layer of protection by not just encrypting data at the network level but by extending this encryption to the OS level as well. Data transmitted between the app and the Encap server was already encrypted. The key improvement is that the data is now encrypted earlier, at the app level before being passed to the SSL layer on the device. This stops the loophole where a device itself may have been compromised and the SSL library replaced by malware. An added advantage is that even devices that have been jailbroken will remain secure as the data is being encrypted within the app itself.
Other enhancements
These two things are not the only enhancements with the new version of software. Encap 3.1 has also rebuilt the Android app along the Google ‘Material Design’ guidelines, and it is also possible to add corporate branding to the app to personalise the software.
Thomas Bostrøm Jørgensen, CEO, Encap Security commented “We are dedicated to creating a platform that allows banks the freedom to add authentication methods as they become available – and offer that choice to their customers.”
“Smarter Authentication 3.1 builds on our previous work by future-proofing our fingerprint options and making the app even safer to use – even if the device itself is compromised.”
Conclusion
Encap are no doubt hoping that this latest enhancement will help them to start looking outside of their traditional sector that has seen them win Santander, EnterCard and Sparebanken Vest as clients. Their intention is to target the Health and Enterprise markets. Their solution is aimed at companies looking for strong authentication for their users, be they internal or external.
The solution already offers multifactor authentication and by ensuring that the latest biometric solutions are supported they will ensure that whatever device their clients customers decide on they will have the strongest authentication tool available
