Delivering authentication and mobile security solutions that make the digital world safer to bank and shop: Entersekt

“Built on open technologies for high availability, scalability, and simple integration, Entersekt’s patented security products protect millions of devices and transactions daily, while complying with the world’s most stringent regulatory guidelines.”

“ Our products help secure millions of transactions each day by allowing institutions to communicate interactively with their customers through the mobile phone or tablet.”

Founded in 2008, Entersekt is an innovator in push-based authentication and app security. The company’s one-of-a-kind approach harnesses the power of digital certificate technology with the convenience of mobile phones to provide financial services companies and their customers with full protection from online fraud.

Entersekt was established by graduates of Stellenbosch University in South Africa, who saw an opportunity to engineer the first truly interactive transaction authentication system in the world by leveraging mobile technology. “Our first South African customer, Nedbank, went live in 2011; our first international customer (Swisscard) in 2014. In 2014, we also reached a million active end-users and were granted our first patents by the United States Patent and Trademark Office,” says Schalke Nolte, CEO.

“Today, we secure over 40 million authentications every month in South Africa alone, where we have nearly all the large banks as customers. We have a solid footprint in the rest of Africa, in Europe, and strong growth in the Middle East and the United States. After going live with our current deployments, we will be present in 45 countries,” added Nolte.

A Next-Gen Mobile Identity & Authentication Product
Transakt® is a next-generation mobile identity and authentication product that provides financial services companies worldwide with a trusted communication channel to their customers via their mobile phones or tablets. Using industry-standard X.509 digital certificates and proprietary validation techniques developed specifically for the mobile phone:

• Transakt uniquely identifies each enrolled mobile device, converting it into a trusted second factor of authentication
• Transakt enables a secure, out-of-band communication channel between the enterprise and the customer’s mobile device, making it impervious to host of online fraud vectors, including man-in-the middle/browser attacks
• Transakt provides digital signing of transactions, supporting non-repudiation

The combination of these capabilities means that financial institutions can be certain they are communicating with a legitimate device, while their customers enjoy peace of mind, confident that authentication messages and transaction signing requests originate from a trusted source.

Any electronic transaction initiated through any digital channel is sent to the customer’s mobile device for confirmation. Customers enjoy an intuitive, one-touch experience, responding to real-time push prompts simply by selecting “Accept” or “Reject”.

The primary differentiators of the Transakt product are:

• PKI that follows globally accepted best practices for the financial services industry
• End-to-end encryption between the mobile device and financial institution’s servers
• Mutual validation of all encrypted communications
• Layered approach to eliminate any single vulnerability
• No cloud processing of raw authentication data
• Scalable architecture
• Fully out-of-band (no input into a compromised channel such as the open Internet)
• High usability requiring no complex user action or code re-entry
• Cluster-capable security hardware appliance with FIPS 140-2 level 3 accreditation in 1U form factor
• The Monetary Authority of Singapore and Gartner have confirmed that Transakt conforms to mobile multi-factor authentication standards, which means that using Transakt when transacting from the mobile device still qualifies as multi-factor authentication
• Available as a powerful SDK, which can be incorporated into existing mobile applications

Entersekt’s software is covered by 28 patents, ensuring that our clients are globally protected against any possible infringement claims from other vendors

Key Customers
Entersekt’s multi-factor, out-of-band authentication solutions are engineered specifically for the heavily regulated financial sector, and adhere to all major digital banking security mandates. Aside from those set by the European Central Bank, these include the appropriate FFIEC advisories, as well as the particularly stringent Technology Risk Management Guidelines of the Monetary Authority of Singapore. Some of its notable clients include Swisscard (Switzerland); Absa, Nedbank, Old Mutual and Capitec Bank (all South Africa); Investec (South Africa and the United Kingdom); Equity Bank (Kenya); and FirstBank (Colorado).

Customers Speak
“We are delighted with the 99% reduction in phishing losses since the introduction of the Approve-It system.” – Anton de Wet, managing executive client engagement, Nedbank

“Swisscard’s partnership with Entersekt enables us to enrich our customer experience by eliminating use of passwords, which are less convenient and less effective against certain forms of fraud, in favour of an advanced one-touch mobile authentication process.” – Kenneth Eales, head of risk services, Swisscard

Case Study
Nedbank is among South Africa’s largest financial institutions, with assets of over $54 billion and over 7.3 million retail and corporate clients in mid-2015. Nedbank has all but eliminated online banking fraud since the launch, in March 2012, of Approve-it, an interactive transaction authentication security feature built by Entersekt to replace an earlier system using SMS one-time passwords. It allows Nedbank customers to authenticate online banking transactions using their mobile devices. It also forms the security platform on which the award-winning Nedbank App Suite is built. This fast-growing range of mobile services – from retail and business banking to personal financial management and online stock trading – was downloaded 1.1 million times by mid-2015.

The Road Ahead
Entersekt is expanding rapidly into markets outside of its home base and entering new verticals such as insurance, etc. One of the company’s current targets is Africa, where mobile lies at the center of banking. Other focus areas include the Middle East and Western Europe. “We are putting a lot of resources into R&D, often inspired by the specific requirements and vision of our most innovative clients. Some very exciting new products are in development, so are confident we will maintain our lead in the digital authentication and mobile security markets,” noted Schalk.

“ Our products help secure millions of transactions each day by allowing institutions to communicate interactively with their customers through the mobile phone or tablet.”

Knowing the Leader

Schalk Nolte, CEO
Schalk joined Entersekt as CEO in 2009, bringing with him experience in managing large-scale mobile technology and network deployments for GSM operators across Africa and the Pacific. Schalk’s passion for entrepreneurship and his relationships in the industry have been driving forces behind Entersekt’s growth. He holds a Bachelor’s degree in electronic engineering from the University of Stellenbosch (South Africa).