Skip to main content
Skip table of contents

WebAuthn: Biometric authentication

Current 2FA methods, such as authenticator apps and SMS-based codes, while secure, can be cumbersome and prone to user fatigue. SMS codes, in particular, are vulnerable to interception and phishing attacks. Our proposed WebAuthn-based solution addresses these issues by leveraging biometric data, which is unique to each user and nearly impossible to replicate or steal.

Introducing advanced biometric authentication

We propose an innovative feature that integrates advanced biometric authentication using the WebAuthn API. This feature idea is designed to enable seamless and secure two-factor authentication (2FA) using Face ID and Touch ID, revolutionizing the way users interact with our platform.

Key problems this feature solves:

  • Enhanced security: Biometric data is far more secure than traditional 2FA methods.

  • User convenience: Quick and effortless authentication using Face ID or Touch ID.

  • Reduced reliance on SMS: Minimizes the vulnerabilities associated with SMS-based 2FA.

  • Compliance: Fully complies with PSD2 regulations, ensuring robust security standards.

How it works

WebAuthn integration will provide a versatile and user-friendly authentication experience across different platforms:

  • Web application (without banking application): Users log in by scanning a QR code with their phone and authenticating using Face/Touch ID.

  • Web application (with banking application): Users receive a push notification on the banking app and authenticate using Face/Touch ID.

  • Mobile application: Users authenticate directly within the banking app using Face/Touch ID.

Feature highlights

Below are the key benefits and functionalities of WebAuthn biometric authentication:

  • Primary 2FA method: Biometric authentication will be set as the default 2FA method, providing a superior user experience.

  • Backup 2FA: SMS 2FA will still be available for the first login and as a backup option.

  • Push notifications: Users can confirm actions requiring 2FA through convenient push notifications.

  • API integration: Clients using our API can integrate biometric 2FA into their operations, enhancing security across their platforms.

If you’re interested in integrating this cutting-edge feature, please contact your client manager for more information and pricing details.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close