Head of corporate and SME banking, Yes Bank Ltd
"Pi-Control helped us roll out an end to end secure digital business banking solution to our corporate clients in matter of weeks. We are now flexibly able to open more banking services to clients on digital than ever before, thanks to unmatched security enabled by Pi-Control cryptographic services platform."
Transaction Security Challenges
Banking is scaling up digitally by enabling access to its services by all banking ecosystem members. Covid19 has only catalyzed this banking digitalization journey further.
In the last decade the banking digitalization has enabled thousands of employees, millions of customers and hundreds of vendors/ partners to access banking services virtually.
Digital comes with its own set of challenges mainly around transaction security:
Theft of identity and password is a rising concern for banks due to over reliance on password based authentication for identity verification
Inability to ascertain the identity of the fraudster due to technical gap between KYC process and customer onboarding digitalization
Transactions repudiation for transactions authorized using password based authenticators, or file upload/ H2H file transfers done without advanced e-signing
Breach of confidentiality and integrity of transaction data due to unsolicited data modification in-transit
Crypto-ID for all digital assets
This is similar to having a digital signature certificate for each digital asset. Crypto-ID is contextual and is tightly integrated to bank’s KYC process, and customer onboarding
Cryptographic Passwordless Authentication, MFA
Multi-factor passwordless cryptographic authentication for all digital workflows. Authentication policies can be centrally managed and configured contextually.
Advanced e-signing for non-repudiation
Mathematically provable means to eliminate repudiation issues from digital transaction processing, so that bank’s don’t have to rely on logs.
Data immutability assurance
Ensures integrity and consistency of the transaction data while in transit. The Crypto-ID of sender app, receiver app, sender user, receiver user, and that of all other participants of the digital transaction are fused to contextually encrypt the data in transit.
Pi-Control for banking offers unmatched benefits across the entire digital transaction security life-cycle to deliver more value through digital initiatives. Pi-Control has ready integrations into FLEXCUBE, Tally and any solution that works with APIs.
Fortytwo Labs implemented cryptographic transaction security for one of the largest banks in Asia by using it’s Pi-Control cryptographic transaction security platform.
While Pi-Control is ultimately configured for each client differently, our implementation for banking typically includes:
ERP Connect for Corporate Clients
For corporates such as SMEs and enterprise clients of banks, the banking services such as balance check, transaction status check, receipt alerts and payments are securely integrated straight into the belly of their ERP system such as Tally, SAP etc.
Passwordless Crypto Authenticator
This solution secures access by employees, customers, vendors/ partners to digital banking and automation applications. Banks upgrade authentication from password based authentication to cryptographic password less mode of authentication
This solution is a cryptographic alternative and upgrade to simple e-signing (as per eIDAS) for contracts and digital transactions. Pi-Control advanced multi-party e-signing employs identity based cryptography and doesn’t rely on PKI or trusted third party, making it the most scalable and secure alternative to simple e-signing for banks.