Mobility is a key element in client relationships and in developing new business models. Safelayer's mobile identification solution provides an identification platform for all the application ecosystem in which the mobile is the most secure and easy-to-use identification device.
Identity in your Mobile
Users can identify themselves securely in any device connected to the Internet (a laptop, a tablet, a smart TV, etc.) without needing anything except their mobile telephones. Safelayer's identification platform provides a mobile app that:
- Is a multifactor authentication method (2FA), which also allows signing and confirming transactions.
- Can be used with applications both on your mobile and on other devices.
- Is easy to use. When a higher level of assurance is required, the user needs only a PIN or Touch ID.
Ease of use and Adaptive Authentication
Adaptive authentication strikes a balance between maximum security and ease of use. This functionality makes the solution ideal both for corporate and scalable projects and for consumer-oriented projects, where an optimum user experience is critical.
Adaptive authentication works like this: The user accesses the application by identifying themselves with their social identity. Later on, at any point when a higher level of security is required, they are prompted to use their mobile to verify their identity.
Safelayer's adaptive authentication platform can orchestrate the following factors: passwords, social identities, Email/SMS OTP, the Safelayer Mobile ID app and contextual factors (geolocation, characteristics of the physical device, etc.). Furthermore, plug-ins are available for incorporating third-party methods, which supports the coexistence of currently used methods.
New API Web Models and Application Ecosystems
All security functions are offered via a standard OAuth 2.0 and OpenID Connect interface, which is straightforward, respects privacy and is designed explicitly for "Social, Mobile and Cloud" Web environments — the basis of the new API economy.
Safelayer's mobile identification solution also supports SAML 2.0 for integrating federated proprietary corporate systems and services in the Cloud, e.g., Salesforce, Google Apps, Office 365, etc. Safelayer's platform implicitly provides all applications and users of the service with single sign-on (SSO), trust elevation, step-up authentication services/functionality.
Authentication, Transaction Confirmation and Signature
The Safelayer Mobile ID app provides a complete set of identification services, either in the app itself or combined with Safelayer's identification platform. The services are activated transparently to the user, who always only sees the one app.
Unlike with authentication, in operations that require confirmation from the user, the Safelayer Mobile ID app displays to the user the details of the transaction they are requested to confirm or the document they have been asked to sign. Once the user accepts, their confirmation is sent to the server. The user's response can also be time stamped and stored as electronic evidence.
Security and Auditing
Safelayer's mobile identification solution enables complying with the latest regulations and guidelines for banking and governmental security including:
- eIDAS regulation. Regulation (EU) N°910/2014 on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation)
- XS2A, part of the PSD2 directive, which regulates access to bank accounts via APIs. Revised Directive on Payment Services (PSD2) 08.10.2015
- ECB security guidelines. FINAL GUIDELINES ON THE SECURITY OF INTERNET PAYMENTS 19.12.2014