Mobile Security Suite Datasheet

An all-in-one developer’s toolkit designed to improve security and user convenience across your mobile application ecosystem

HIGHLIGHTS

Strong security
  • Secure the core components of your app including communications, storage, and user interface. Service around the clock.
Ultimate user experience
  • Offer a wide range of flexible authentication options and protect users with an invisible layer of security.
Modular toolkit
  • A complete suite of security and authentication capabilities developers can deploy when they need it.
Achieve Compliance
  • Fulfill strict regulatory and internal requirements for authentication and data protection.
Streamline development
  • Orchestration makes mobile app development easier, reduces costs, and speeds time-to-market.
Future proof
  • Significantly reduce development efforts for integrating new biometric options as they become available with orchestration.

The COVID-19 pandemic drove financial services and many other industries to adopt remote, digital processes to maintain business continuity. This led to a boom in the mobile channel as mobile devices continue to proliferate and reliance on web and desktop channels declines. Financial institutions, enterprises, and other organizations are incorporating a greater range of services into their mobile applications. This creates a positive experience for remote customers, but it also increases the potential risk exposure of business apps.

Increase security and reduce friction

OneSpan Mobile Security Suite is a comprehensive developer’s toolkit (SDK) and unique single framework that integrates built-in application security that allows a variety of technology for strong authentication (e.g. behavioral biometrics, push notification, FIDO, QR code, Cronto graphical cryptogram, etc.), dynamic linking, WYSIWYS (What-You-See-Is-What-You-Sign), authentication orchestration, and improved authentication UX. Through a complete library of APIs, you have all the necessary building blocks to extend and strengthen security for your applications and deliver unprecedented convenience to your users, while streamlining the application deployment and lifecycle management process. 

  • Multi-layered mobile app security: A unified framework that enhances security across all core components of your application – communication, storage, platform, provisioning, interface and user. This defense-in-depth approach ensures reliable shielding of the mobile app with advanced runtime defense and code hardening.
  • User and Transaction Protection: Broad, flexible, and fully integrated two-factor authentication and electronic signing reduces the risk associated with mobile financial services and supports the demand for user convenience for even the most sensitive mobile transactions.
  • Device trust allocation: Risk scoring that is driven by user, platform, and context elements is embedded into the authentication process, meeting requirements for enhanced server-side analytics and streamlined compliance management. The risk level of the device is assessed with every new user’s action on the device.

Simplify with orchestration

The Mobile Security Suite Orchestration SDK makes it easy for developers 
to add authentication and security features into new mobile app projects. Reduced development effort with pre-built automated authentication orchestration SDK that can easily be integrated into mobile banking applications. Workflows that allow dynamic and convenient user journeys and seamlessly protect both customers and end-users. The right amount of friction is added depending on the risk level.

Simplify with orchestration image

 

The Orchestration SDK builds into the mobile app plug-and-play support for new authentication methods without the need to hardcode workflows. The organization can add new authentication methods to their portfolio with a few clicks and save money from complex implementation projects when they want to introduce a new method or remove an existing one. Developers don’t need to recode the app, resubmit it to app stores or persuade users to update. 

OneSpan Mobile Security Suite helps you enhance security and manage applications at every level, from provisioning through user activation, across multiple user devices. OneSpan Mobile Security Suite is suitable for any server side environment — it doesn’t require in-house cryptographic expertise. The zero-code/no-code approach allows non-technical professionals to operate the solution via the customer portal. It is fully customizable, runs without GUI issues, meets all graphical requirements and is integrated with a minimum of development effort via the OneSpan Mobile Security Suite Orchestration SDK.

For users, OneSpan Mobile Security Suite provides a convenient and frictionless experience, supports a broad range of options for accessing mobile applications and conducting transactions, and supports most commonly available mobile platforms.

Complete mobile application security

Our users demand a secure, but very convenient and friction-free application that limits the security burden to a strict minimum. OneSpan Mobile Security suite helps us to decrease the login time and increases user convenience with e.g. the Touch ID functionality.

Tayfun KüçükChief Technology Officer
Odeabank

Secure User

OneSpan Mobile Security Suite offers extensive authentication options including truly frictionless behavioral biometrics that leverage keystroke dynamics, and swiping patterns, user-friendly fingerprint and facial biometrics, and other proven multi-factor solutions as well as a suite of innovative security technologies such as Cronto® graphical cryptogram, FIDO, and more.

Secure communications

OneSpan Mobile Security Suite offers end-to-end encryption that introduces a new level of service between server and client applications, providing an encrypted secure channel for almost anything, including text, authorization data, and QR codes.

Secure storage

OneSpan Mobile Security Suite delivers secure storage functionality through encryption for all application data, independent of any operating system or device. In addition, multi-device management allows users to utilize all devices through a single license.

For Android operating systems, OneSpan supports secure storage protection through the Secure Element feature of the device. Securing data on enabled Android phones is achieved via a second layer of encryption, providing an excellent defense against application cloning attacks as the encryption key stored in the Secure Element cannot be extracted.

Secure platform

OneSpan Mobile Security Suite offers features such as geolocation, device binding, and jailbreak and root detection to help you protect against platform vulnerabilities that could compromise the security of your mobile application.

Secure provisioning

OneSpan Mobile Security Suite provides a full range of features for deployment, provisioning and activation. This offers manual, online, offline, and QR code-based processes, as well as protocol independent features that, leveraging the Orchestration SDK, streamline provisioning across multiple platforms. 

OneSpan Mobile Security Suite

Secure interface

OneSpan Mobile Security Suite provides PIN Management to protect against brute force attacks and dictionary attacks, as well as integration with fingerprint biometric readers. It also has built-in additional application hardening techniques like zeroing memory. 

Secure Execution

OneSpan Mobile Security Suite offers runtime application 
self-protection against execution environment corruption and reverse engineering threats through runtime attacks such as debugging, emulation, hooking framework detection, library injection, keylogging, task hijacking, or permissions abuses 
as well as advanced static protection mechanisms such as sophisticated obfuscation and anti-repackaging measures.