Banking and Finance Cybersecurity:
Frequently Asked Questions (FAQs)
Swivel Secure’s AuthControl Sentry® is one of the most intelligent and dynamic solutions available and is an ideal solution for banking environments. Whether authentication is required for employees or customers, AuthControl Sentry® offers intelligent multi-factor authentication that can automatically provide the appropriate level of authentication. As well as providing unparalleled security, AuthControl Sentry® supports the risk-based requirement (RBA) of the SCA – strong customer authentication requirement of PSD2*.
* PSD2 – is a directive for the European Union and to regulate payment services and payment service providers throughout the European Union (EU) and European Economic Area (EEA).
Yes, Swivel Secure’s AuthControl Sentry® can provide authentication for both customers and employees. Designed for optimum integration, AuthControl Sentry® can provide authentication for hundreds of applications and appliance software.
As well as authenticating customers, other stakeholders including employees can authenticate access to all of their applications, whether they are trying to access a customer relationship management database, or employee information in human resources.
AuthControl Sentry® is extremely versatile and can provide organisations with up to ten authentication factors, ensuring efﬁciency for users is optimised while security is maximised.
With a range of authentication factors, together with risk-based authentication, administrators can conﬁgure AuthControl Sentry® to request different methods of authentication from the TURing image to AuthControl Mobile®. Utilising AuthControl Mobile®, users can authenticate with one of three factors including the one-time code (OTC) option, PUSH or the OATH method. The configuration can ensure the appropriate level of authentication is requested depending on the level of transaction. For example, high value transactions can request the user to authenticate with full multi-factor authentication – potentially utilising all of the factors available.
AuthControl Sentry® integrates with hundreds of applications and can be utilised to protect both cloud and on-premise environments.
Swivel Secure recognise that ﬁnancial institutions (such as banks) experience busy periods throughout the ﬁnancial year, where they see peaks in requests and transactions. Swivel Secure can work with your organisation to maximise the efﬁciency of your architecture through design, such as incorporating clusters, primarily focusing on the authentication of the users.
Yes, Swivel Secure recognise the need to utilise a jump server for systems that usually need to be kept separate or disconnected from external connections (for the majority of the time), such as their SWIFT system – Society for Worldwide Interbank Financial Telecommunications.
Whether accessing the SWIFT system through the ﬁrewall or Windows Credential Provider, AuthControl Sentry® provides full multi-factor authentication (MFA), ensuring ultimate security. AuthControl Sentry® allows ﬁnancial organisations to deﬁne strict authentication requirements to gain access to systems like SWIFT.
As well as providing credentials, users can be requested to authenticate using additional factors, including tokens or tokenless factors including PINpad® (using PINsafe® patented technology), OneTouch PUSH option using the mobile app and biometrics such as ﬁngerprints.
Yes, AuthControl Sentry® integrates with both Temenos and Infosys. AuthControl Sentry® can integrate with hundreds of applications through RADIUS, ADFS, SAML and Swivel Secure’s proprietary API – AgentXML.
At Swivel Secure we recognise the importance to integrate with a range of applications, and provide the ﬂexibility for administrators to incorporate multi-factor authentication within different environments, including cloud and on-premise, as well as everything in between.
Yes, with patented PINsafe® technology at the core, AuthControl Sentry® provides an unparalleled level of security, protecting user credentials and applications from unauthorised access.
PINsafe® is designed to provide users with an alphanumeric string. Users can use the alphanumeric string to extract a OTC using their PIN as a positional indicator. This means that they never enter their actual PIN. Therefore, if a mobile device gets lost or stolen, access can’t be authenticated without the knowledge mechanism of the user to extract the OTC.
Take a look at our other articles on how you can protect your Banking and Finance systems from unauthorised access:
† SSO or single source of access if applicable to all applications that are open source and consist of a configurable authentication mechanism.