LOYALTY TECHNOLOGY & SOLUTIONS

Entersekt on Browser ID and ‘Silent Authentication’ – readthrough for travel and personalisation

PYMNTS dives into security and fraud issues in online banking. Findings have wider read-through for travel, tourism and hospitality industries. With proliferatin of mobile banking and digital wallets, desktop online transactions remain vital but often overlooked. Despite the ubiquity of mobile devices, browser-based transactions are essential and come with distinct fraud and identity theft challenges. Balancing security and user convenience in browser-based authentication is particularly challenging.

Entersekt, a leader in financial authentication, is developing solutions to address these issues. According to Mzukisi Rusi, Entersekt’s VP of Product Identity and Authentication, traditional methods like cookies and device fingerprinting are increasingly limited by privacy concerns and regulations from companies like Google and Apple. He believes the best authentication method is silent. “Identifying a returning browser without privacy-infringing cookies or fingerprinting is complex,” Rusi explained. “Our approach uses cryptographic proofs and signatures to uniquely identify devices, ensuring privacy and security.”

User experience is critical in identity verification. Active methods, such as entering one-time passwords (OTPs) or using biometrics, though secure, can disrupt the user experience. Entersekt’s “silent authentication” works unobtrusively in the background to solve this problem.

“Active authentication, like entering an OTP or approving a push notification, interrupts the user experience,” Rusi told PYMNTS. “Silent authentication uses risk assessments and strong signals, such as Browser ID, to verify identity without user input. It’s like an invisible security guard ensuring your identity without your constant involvement.”

Entersekt’s patented approach to multifactor authentication (MFA) enhances both security and user experience. Their Browser ID technology acts as a digital fingerprint for browsers, providing a privacy-friendly alternative to cookies and traditional device fingerprinting.

“Browser ID uses cryptographic signatures to identify a device,” Rusi said. “The device silently proves its identity by signing a challenge with a private key, respecting user privacy without tracking browsing history or sharing data across sites.”

Browser ID can be combined with other risk signals, like behavioral biometrics, to enable MFA silently. This ensures robust security without active user involvement, balancing usability and protection.

Entersekt aims to expand Browser ID adoption and enhance the user experience across digital channels. Positive feedback from U.S. financial institutions (FIs) that have implemented this technology underscores its success.

“We’ve rolled out Browser ID to several financial institutions, and the feedback has been overwhelmingly positive,” Rusi shared. “Users appreciate being recognized as trusted without needing repeated authentication. We aim to expand this technology across more channels, continually improving the balance between security and user convenience.”

Entersekt’s broader goal is to ensure regulatory compliance, such as with PSD2, without compromising user experience. Rusi notes that Entersekt aims to comply with regulations like PSD2 by silently signing transactions on customers’ devices, ensuring both integrity and compliance, thus providing a secure user experience without additional steps.

For FIs, implementing Entersekt’s Browser ID offers several benefits, including reduced fraud rates, improved customer loyalty, and lower costs related to fraud prevention and user authentication.

“Financial institutions benefit from enhanced security, leading to lower fraud rates and happier customers,” Rusi said. “Adhering to regulations without compromising user experience can boost customer loyalty. FIs also gain stronger risk signals, allowing them to decide when to actively challenge users and when to allow seamless transactions.”