Digipass SecureClick (FIDO U2F)
FIDO U2F Certified Device
Digipass® SecureClick is a FIDO U2F BLE (Bluetooth Low Energy) device that enables users to securely access their online applications by adding a second factor to strengthen the authentication process.
Multi Factor Authentication (MFA)
Digipass SecureClick leverages proven multi factor authentication technology to protect online accounts at the push of a button. Users simply log in to the website and enter their password. They then push the button on their Digipass SecureClick and the login process is complete.
All communication between Digipass SecureClick and the Bluetooth Bridge is encrypted. As a result, Digipass SecureClick protects even the most sensitive mobile transactions while delivering lightning fast user connectivity.
Bluetooth and USB Dongle
Digipass Bluetooth Bridge
For PCs that do not support Bluetooth, OneSpan offers a Bluetooth Bridge in a USB dongle. Inserting the dongle into the USB port of a computer pairs Digipass SecureClick with the Bluetooth Bridge, enabling it to be used as a FIDO U2F USB device.
Mobile Security Suite with FIDO (FIDO UAF)
FIDO UAF Certified
Mobile Security Suite with FIDO is a FIDO UAF certified solution.
Eliminates Shared Secrets
FIDO protocols use asymmetric public key cryptography. At registration, a private and public key pair is generated and the private key never leaves the device. As such, there are no server-side secrets to steal. There is also no linkability between services, which means that no information is provided that would allow user tracking.
Biometrics are never stored or matched on servers, and can only be stored and matched on a consumer’s device.
Additional Risk Scoring Security Features
FIDO capabilities are offered as part of the OneSpan Mobile Security Suite. This is a comprehensive developer toolkit (SDK) that natively integrates application security, FIDO authentication, and electronic signing into mobile applications. The Mobile Security Suite provides FIDO authentication and much more, including features such as geolocation, jailbreaking, device binding, and secure storage.
Protect native apps against sophisticated mobile malware through app shielding and Runtime Application Self-Protection (RASP). Application shielding protects a mobile app from the inside out. It allows the app to securely operate even in potentially hostile environments, such as jailbroken or rooted devices – blocking malware and helping to prevent intrusion, tampering, and reverse-engineering.
FIDO meets the requirements outlined in the revised Payment Services Directive (PSD2) Regulatory Technical Specifications (RTS). FIDO supports strong customer authentication and multi factor authentication, as well as dynamic linking for online and mobile payments (to protect against Man-in-the-Middle attacks).
FIDO meets GDPR compliance requirements by design. FIDO delivers authentication with no third party in the protocol, and no linkability or tracking between accounts and services. Server-side secrets are eliminated and local verification of data (e.g., PIN and biometrics) complies with the GDPR.