The safest way to pay

June 2019 Security Services & Risk Management, Financial (Industry)

In the ‘old days’ – the days of magnetic stripe cards – a cardholder proved that they were the rightful owner of a card with a handwritten signature at the point of sale. Then came the chip cards, where a PIN number was used for authentication in a card-present context.

Gerhard Oosthuizen
Gerhard Oosthuizen

In card-not-present situations like online shopping, however, it is much harder to validate a customer’s identity, because they only have to input strings of numbers. To prove that a shopper is the rightful cardholder, another authentication method is required, which often adds friction and frustration to a customer’s online-shopping experience.

But the widespread adoption and computing power of the mobile phone means that a solution might be on hand. Ticking the boxes of security and convenience, the mobile banking app has the potential to become the payment tool of choice.

The rise of the mobile banking app

The use of mobile banking apps has taken time to gather momentum in some markets. A reason often cited is the fear of fraud and identity theft. This is understandable when considering that securing a banking app with a username and password only goes so far in proving that a user is the legitimate banking customer – especially in an era where security breaches and attacks like phishing abound.

So how can a bank reassure its customers that having all their banking information literally in the palm of their hand can be as secure as it is convenient? And that paying with their banking app can be more secure than paying with their debit or credit card?

A matter of trust

It all comes down to trust. Establishing a relationship of mutual trust between a bank and a customer is crucial. It creates a secure foundation from which the bank can offer rich and innovative services, while giving customers the confidence to engage with these services without security concerns. The mobile phone makes all of this possible by means of three key pillars: identity, integrity, and communication.

The first step in establishing a foundation of trust is the notion of identity. Digital certificate technology makes it possible to uniquely identify any registered customer’s mobile phone as well as the banking app that was originally registered on the phone. This means the bank can be certain that they’re communicating with the right person.

Secondly, the bank needs to be sure that neither the customer’s mobile phone nor the messages being sent between the device and the bank have been tampered with. In other words, the integrity of the device, the app itself, as well as the environment in which the app is running, must be proven.

Finally, the bank and the customer need to know that communication is secure and private. This can be achieved through technology that establishes an encrypted communication channel between the bank and the customer’s banking app. Since this is a separate, secure channel, no fraudster can intercept sensitive messages meant for the customer – like authentication requests and responses.

As safe as the banking app

At Entersekt, we believe that with trust as foundation, mobile banking apps can become much more than tools for checking balances. They can become enablers of new forms of banking and commerce that will not only transform the banking industry but will also revolutionise customers’ lives.

Modern technology, such as cloud and mobile technologies, has given banks the opportunity to completely redefine the banking experience for their customers and re-establish personal relationships. Doing so turns the mobile phone into an extremely valuable commodity for customers – a passport to all types of digital experiences without the hassle of unnecessary authentication requirements. A range of banking and payments capabilities can be made available 24/7, from anywhere in the world, in the palm of the customer’s hand. More than that, when a bank has a foundation of trust in place, its app can also be the safest way for customers to transact.

For more information, visit

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Where are your crown jewels?
June 2019, Wolfpack Information Risk , Commercial (Industry), Cyber Security, Security Services & Risk Management
Understanding what data they store and analyse is gaining increasing urgency for organisations that are now accountable to new(ish) privacy regulations such as the GDPR and our PoPIA.

Changing of the guard, AI style
June 2019, Active Track, Technews Publishing , Integrated Solutions, Security Services & Risk Management
Active Track is launching a raft of new AI-based products and services with which it intends to turn the security world as we know it on its head.

Partnership to reduce farm violence and agricultural crime
June 2019, Fidelity ADT Security , News, Security Services & Risk Management, Agriculture (Industry)
Agri SA has partnered with Fidelity ADT, a subsidiary of the Fidelity Services Group, to offer a range of services and products to its members and the rural community.

Password awareness critical
June 2019, Kaspersky Lab , Cyber Security, Security Services & Risk Management
A recent study revealed that digital identity data and information holds significant value to cybercriminals – who craft ways of gaining this data and exploit it on the dark Web for as little as $50.

Fully automated cash logistics
June 2019 , News, Security Services & Risk Management
Cash management company, Izicash, announced its adoption of Transtrack, a software solution, supported by a South African company, AllCash, which streamlines the cash logistics process.

Throwing the book at qualification fraud
June 2019, LexisNexis , News, Security Services & Risk Management
Until now, qualification fraud has not been punishable by law. However, this is set to change with the introduction of the National Qualifications Amendment Bill.

SIM swap fraud expands
June 2019 , News, Cyber Security, Financial (Industry)
A new wave of attacks targeting financial services and online services have become very common in South Africa and the wider region.

Taking radio communications forward
June 2019 , Commercial (Industry), Security Services & Risk Management
With the new digital format, radios have redefined the mobile two-way radio communication by now offering you communication anywhere, over any distance.

KYD: Know Your Data
June 2019, Technews Publishing , IT infrastructure, Security Services & Risk Management
Organisations need to know what information they have, why they collected it, and they need to adhere to regulations about how long they can or must keep it before deleting it.

The importance of BC and DR
June 2019 , IT infrastructure, Security Services & Risk Management
Organisations need to realise that business continuity and disaster recovery entail entirely different strategies with both being vital to keeping a business operational.