How Cronto Visual Transaction Signing Helps Prevent Fraud Attacks

Watch this video to understand how Cronto can be used to mitigate fraud and social engineering attacks. 

Video Icon

Even with advanced fraud prevention technology in place, social engineering attacks can cause real headaches for financial institutions.   

Social engineering is hard to combat because it targets the weakest link in the security chain - the banking customer. Using social engineering techniques, fraudsters can exploit a customer’s trust and trick them into authorizing fraudulent transactions.   

Something as simple as an e-mail can be used to fool a customer into installing malware or revealing their online banking details. Even connecting to a malicious WIFI hotspot can expose banking customers to threats such as man in the middle attacks.    

OneSpan’s proprietary Cronto technology helps financial institutions drive down fraud.  Cronto reduces the risk of customers being tricked into revealing an authorization code and criminals from intercepting and manipulating transactions. 

Cronto is designed to comply with regulations such as PSD2 without burdening the customer.   The solution uses a visual challenge encoded in a cryptogram. The Cronto code is initiated by the bank following a genuine transaction request and displayed on the customer's screen for transaction authorization.    

The Cronto code contains encrypted transaction data, including the transaction amount and recipient account details. This makes the Cronto code unique for each transaction.   After scanning the code, the customer can see all the transaction details on their screen. These details can then be verified before the transaction is approved.     

With Cronto, what the customer sees is what they sign. The use of end-to-end encryption safeguards the confidentiality, integrity and authenticity of all transaction data.  

Cronto provides a fantastic user experience and is reliable in low lighting conditions, on low-resolution screens, or if the image capture device is held at varying angles or is in motion.     

The solution offers the choice of hardware authenticators or a mobile solution. With Cronto, you can serve all customers – whether they prefer a mobile or hardware token.   

Cronto has a proven track record of successful implementations with some of the largest banks in the world, protecting millions of users. Cronto helps banks effectively combat social engineering by mitigating human risk, creating a secure banking experience, and offering an easy and intuitive customer journey.

Cronto Transaction Authorization

Combat social engineering attacks and mitigate human risk in banking transactions

Learn about the latest social engineering attacks and how cybercriminals exploit vulnerabilities in the transaction authorization process for account takeover. Minimize risk with industry best practices and technology recommendations.

Download the Social Engineering eBook