Partners solutions

Mobile e-signature for digital banking and e-documents

PayConfirm — is a software platform that performs digital signature in a smartphone to sign any types of operations, including transaction or e-documents right in a mobile device.

Demonstration

PayConfirm is a software platform that performs digital signature in a smartphone to sign any types of operations, including transaction confirmation or e-documents right in a mobile device. Comparing to such methods of transaction confirmation as SMS, One-Time Password, scratch-cards, MAC-tokens and others, PayConfirm makes the procedure more secure and user-friendly.

PayConfirm consists of two parts: backend or server part that is implemented into bank’s IT infrastructure and clients part or application for smartphones based on iOS (9.0 and above) and Android (4.4 and above). The solution is white-label and can be easily embedded into bank mobile application or work as a stand-alone client.

In the core of digital signature generated by PayConfirm there are asymmetric cryptographic algorithms, which means that digital keys are generated and stored strictly on the side of bank’s clients and cannot be intercepted as well as signature cannot be produced by any third party.

Key points

Confirm and digitally sign any types of operations on-the-go with PayConfirm:

  • No more codes retyping from SMS, PUSH notifications and OTP generators;
  • Trusted service based on cryptography;
  • No deny of service in roaming and off-line modes;
  • Real-time notification right in a smartphone.

High level of security and fraud protection:

  • Protection from phishing, social engineering, data switching;
  • Device scoring and anomalies detection;
  • Device discredit protection;
  • SMS interception and SIM swap attack protection.

PayConfirm security

PayConfirm features to secure transactions:

  • Digital signature in PayConfirm is generated on the basis of four components: transaction details, digital signature generation time, unique smartphone characteristics (smartphone fingerprint) and user’s key;
  • Isolated backend app storage protects from unauthorized access in case of malware or device loss;

User’s key information security:

  • The security key is generated in the user’s smartphone and stored safely in the encrypted form;
  • Two independent communication channels are used to activate PayConfirm app in a user’s smartphone.

Transactions non-repudiation:

  • User not just confirms payment details, but signs them digitally and will be informed about transaction status afterwards;
  • PayConfirm uses asymmetric cryptographic algorithms, thus, there is only the user who can generate a digital signature.