Secure Authenitication for Electronic Transactions

Recent fraudulent attacks have proven that PIN and password are not providing the level of security that is required to securely conduct the exchange of sensitive data. In addition to that also the telecommunication infrastructure has revealed vulnerabilities which have already been a backdoor for misuse of SMS based Transaction Codes. On the other hand biometric authentication is very well accepted by the users of mobile applications and considered as ideal securitization by banks and regulators. BGS' SAFE-T solution makes use of this fit and offers the next level of security for electronic transactions.

BGS is one of the first solution providers to offer a cost-effective, simple-to-implement solution specifically designed to establish an extra layer of trust between a bank and its clients, especially in relation to the trust in the identity of the client. The underlying objectives in designing the solution were ease of implementation and management, requiring limited operational support and being highly adaptable to address new threats.


Slide background

Strong Customer Authentication
is a procedure based on the use
of two or more of the following elements
categorized as knowledge, ownership and inherence.


Device Binding

The ability to assert the trustworthiness of a device is vital for addressing mobile transaction security concerns. Binding a customer account to a mobile device is the first element of the SAFE-T security concept. To establish a firm link, SAFE-T ties the customer's phone number, to hardware specific attributes of the mobile phone used in the registration process. This link is unbreakable. The user defines his personal PIN for the SAFE-T application and activates biometric data recognition (fingerprint, face recognition) for secure user identification and transaction authorization.

Unique User Profile

A crucial element in the security concept of SAFE-T is, that PIN and biometric data are created offline on the mobile phone itself. They are not stored on the host server, or on the customer's phone. They are factors only known and inherent to the customer - Nobody else! The activation code and the customer's credentials form part of the underlying securitization process of the key cryptograms used for personalization. Once the activation code is entered, and the personal identification criteria are set, the SAFET instance is fully personalized and a unique user profile – a virtual equivalent of the customer’s physical card is created on the host and downloaded through secure data transfer to the mobile phone.

Easy SDK integration

The SAFE-T solution consists of an SDK that is implemented on the phone within an app, and our Enrolment and Authentication Host, which generates and encrypts keys via a Hardware Security Module (HSM) thus ensuring the protection of any sensitive data.

Slide background


Massive Fraud in Card Not Present

With €958 million in fraud losses in 2013, CNP fraud was not only the largest category of fraud in absolute value but, unlike ATM and POS fraud, also the only one recording an increase compared with the previous year, with growth of 20.6% from 2012 (ECB: Fourth report on card fraud, July 2015). On 12 January 2016, Directive (EU) 2015/2366 on payment services in the internal market (PSD2) entered into force in the European Union, and it will apply from 13 January 2018. Among others, the main objectives of this legal framework are stated as: Security of electronic data is fundamental for ensuring the protection of users and the development of a sound environment for e-commerce. All payment services offered electronically should be carried out in a secure manner, adopting technologies able to guarantee the safe authentication of the user and to reduce, to the maximum extent possible, the risk of fraud.

Related Downloads

   Mobile Payment Suite  Wallet Solutions
   Mobile Payment Suite Wallet Solutions