Mobile Security Suite Datasheet

An all-in-one developer’s toolkit designed to improve security and user convenience across your mobile application ecosystem

HIGHLIGHTS

Strong security
  • Secure the core components of your app including communications, storage, and user interface.
Ultimate user experience
  • Offer a wide range of flexible authentication options and protect users with an invisible layer of security.
Modular toolkit
  • A complete suite of more than 18 security, authentication and e-signature capabilities developers can deploy when they need it.
Achieve Compliance
  • Fulfill strict regulatory and internal requirements for authentication and data protection.
Streamline development
  • Orchestration makes mobile app development easier, reduces costs, and speeds timeto-market.
Future proof
  • Significantly reduce development efforts for integrating new biometric options as they become available with orchestration.

Mobile applications are changing the way business is done, offering instant access to services for your users. Unfortunately, motivated hackers are taking advantage of the many complexities created by the mobile ecosystem to exploit vulnerabilities, resulting in sophisticated fraud schemes and theft of sensitive data.

Increase security and reduce friction

OneSpan Mobile Security Suite is a comprehensive developer’s toolkit (SDK) and unique single framework that natively integrates application security, two-factor authentication and electronic signing into your mobile applications. Through a complete library of APIs, you have all the necessary building blocks to extend and strengthen security for your applications and deliver unprecedented convenience to your users, while streamlining the application deployment and lifecycle management process. Benefits of OneSpan Mobile Security Suite include:

  • Fraud Prevention: A unified framework that enhances security across all core components of your application – communication, storage, platform, provisioning, interface and user.
  • User and Transaction Protection: Broad, flexible, and fully integrated twofactor authentication and electronic signing supports the demand for user convenience for even the most sensitive mobile transactions.
  • Risk Scoring: Risk scoring that is driven by user, platform and context elements is embedded into the authentication process, meeting requirements for enhanced server-side analytics and streamlined compliance management.

Simplify with orchestration

The Mobile Security Suite Orchestration SDK makes it easy for developers to add authentication and security features into new mobile app projects. Paired with OneSpan Risk Analytics, it also allows for more flexible authentication processes (e.g., PIN to fingerprint to face) with minimal development effort. Additionally, the Orchestration SDK builds-in plug-and-play support for new biometric options as they become available, and without developers having to recode the app, resubmit it to app stores or persuade users to update – effectively future-proofing their app.

Simplify with orchestration image

 

OneSpan Mobile Security Suite helps you enhance security and manage applications at every level, from provisioning through user activation, across multiple user devices. OneSpan Mobile Security Suite is suitable for any server side environment — it doesn’t require in-house cryptographic expertise, is fully customizable, runs without GUI issues, meets all graphical requirements and is integrated with a minimum of development effort via the OneSpan Mobile Security Suite Orchestration SDK.

For users, OneSpan Mobile Security Suite provides a convenient, frictionless experience, supports a broad range of options for accessing mobile applications and conducting transactions, and supports most commonly available mobile platforms including Android, iOS, Windows Phone, and BlackBerry.

Complete mobile application security

Our users demand a secure, but very convenient and friction-free application that limits the security burden to a strict minimum. OneSpan Mobile Security suite helps us to decrease the login time and increases user convenience with e.g. the Touch ID functionality.

Tayfun KüçükChief Technology Officer
Odeabank

Secure User

OneSpan Mobile Security Suite offers extensive authentication options including truly frictionless behavioral biometrics that leverage keystroke dynamics, swiping patterns and more, user-friendly fingerprint and facial biometrics and other proven multi-factor solutions as well as a suite of innovative e-signature products - like Cronto® graphical cryptograms.

Secure communications

OneSpan Mobile Security Suite offers end-to-end encryption that introduces a new level of service between server and client applications, providing an encrypted secure channel for almost anything, including text, photos, and QR codes.

Secure storage

OneSpan Mobile Security Suite delivers secure storage functionality through encryption for all application data, independent of any operating system or device. In addition, multi-device management allows users to utilize all devices through a single license.

For Android operating systems, OneSpan supports secure storage protection through the Secure element feature of the device. Securing data on enabled Android phones is achieved via a second layer of encryption, providing an excellent defense against application cloning attacks as the encryption key stored in the Secure element cannot be extracted.

Secure platform

OneSpan Mobile Security Suite offers features such as geolocation, device binding, jailbreak and root detection to help you protect against platform vulnerabilities that could compromise the security of your mobile application.

Secure provisioning

OneSpan Mobile Security Suite provides a full range of features for deployment, provisioning and activation, offering manual, online, and QR code-based processes, as well as protocol independent features that, leveraging the Orchestration SDK, streamline provisioning across multiple platforms.

ONESPAN MOBILE SECURITY SUITE

OneSpan Mobile Security Suite
Runtime Application Self-Protection

Runtime Application Self-Protection

Natively integrated application security technology that dynamically monitors application execution to detect and prevent attacks on mobile application

Jailbreak and Root Detection

Jailbreak and Root Detection

Key application security elements used to determine if a mobile device has been compromised by removing important application download restrictions

Device Identification

Device Identification

Leverages unique attributes of the mobile device to provide a persistent identification, unaffected by mobile OS updates. Defeating hacker attempts to spoof the mobile device

Geolocation

Geolocation

Utilize the location of a mobile device, as a key risk analysis element, to determine the level of device trust

Device Binding

Device Binding

Securely links an authorized user to their authorized device(s) which can prevent cloning or repurposing of cryptographic keys

Secure Storage

Secure Storage

Strong encryption for all application data stored on a mobile device, independent of any operating system or device

Secure Channel

Secure Channel

End-to-end encryption supporting the highest level security between server and mobile device exchanges including test, photos, QR codes and authorization data

E-signatures

E-Signatures

A seamless and fully compliant solution enabling users to e-sign documents anywhere, anytime and on any device

Behavioural Authentication

Behavioral Authentication

A frictionless biometric option that continuously operates in the background, invisible to end users, that scores behaviors like keystroke, touch and mouse motion for accurate authentication

Face Authentication

Face Authentication

A frictionless biometric option that utilizes facial data points and next generation liveness detection to quickly and accurately authenticate users (supports Apple Face ID)

Fingerprint Authentication

Fingerprint Authentication

A simple and proven biometric authentication option that utilizes a fingerprint scan to quickly and accurately authenticate users

Risk Based Authentication

Risk Based Authentication

Real-time analysis that scores the risk profile of a transaction based on all of the available data points and can dynamically step up security when necessary

CRONTO Authentication

CRONTOⓇ Authentication

Patented color QR code scan provides a highly secure and user-friendly authentication and transaction signing experience

QR Code Support

QR Code Support

A flexible image scanning feature that reads standard QR Codes to secure communications

Transaction Signing

Transaction Signing

Fully integrated transaction signing balances user convenience and strong security for even the most sensitive mobile transactions

Push Notification

Push Notification

Device independent push notification that securely sends any message/content between server and mobile device including alerts, transactions, and authentication data

Secure interface

OneSpan Mobile Security Suite provides PIN Management to protect against brute force attacks and dictionary attacks, as well as integration with fingerprint biometric readers. It also supports additional application hardening techniques like zeroing memory.

Secure Execution

OneSpan Mobile Security Suite offers runtime application self-protection against execution environment corruption and reverse engineering threats through repackaging, debugger, emulator, hooking framework detection, keylogger or screenreader prevention as well as advanced obfuscation and anti-library injection.