Sentrycs Identification-as-a-Service is looking to partner with PISPs for PSD2/SCA
EU PSD2/RTS regulation, to be in effect on September 14 ,2019, will require all Internet Payment Service Providers (PSPs) to provide strong Customer and Payment authentication. Sentrycs brings to PISPs: compliance, security and user convenience.
To ensure the compliance with EU PSD2/RTS/SCA-
Sentrycs Strong Customer Authentication is based on:
Possession-something only the user possesses: a smartphone.
Knowledge-something only the user knows: PIN.
To enable Transaction Risk Analysis -additional elements are also provided:
Geolocation pattern matching, Behavioral Biometrics, Browser Fingerprinting.
An extra security element is Dynamic Link of Customer Authentication to Amount and Payee, thus providing Payment Authentication. To ensure security resilience to malware attacks- the Independence of channels is implemented as following: Initiation of payment or account info - in Internet browser, strong authentication - in Sentrycs smartphone application. But no data is transferred between the Internet browser and the smartphone application.
Demonstration of Online Access, Money Transfer and Internet Payments:
The demo shows that low-risk online access can be completed in less than 5 seconds.
The demo also shows that high-risk transactions can be completed in less than 15 seconds from Buy @ Shopping Cart to Purchase Confirmation on Merchant's site.
To further ensure resilience to fraudsters attack:
on knowledge: brute force attack against PIN is limited by 5 attempts, on possession: replication is prevented by using multiple smartphone elements. To enroll into Sentrycs IDaaS - Payment services users will perform two-tier identification, prior to obtaining authentication software application and activation code to their registered email address. Sentrycs offers convenient web-based integration with Payment Initiation Service Providers using its proprietary API.
An integration with the merchant sites accomplished by seamless redirection of Payment Services Users (PSU) along the route : PSU>Merchant>PISP>Sentrycs>PISP>Bank>Merchant>PSU .
This allows an important Value Proposition for a Merchant:
One click buy at the merchant site, since no payment data is entered by the user. This is saves a lot of friction for PSU.
This allows an important Value Proposition for a PISP:
Immutable proof-of-transaction between the payment services user and payment services provider, resilient to malware attack, thus preventing costly customer disputes and chargeback.
For more details see our Presentation link:
Sentrycs bridges the gap between Regulators, Customers, Anti-Fraud and E-Merchants.
For further information please visit our website: