Computop Reveals Strong Customer Authentication Solution for Online Retailers

Written By
G. Dautovic
Updated
October 03,2019

A biometric user-authentication service has been introduced by global payment-processing company Computop. The company’s Biometrics by Computop is intended to help online retailers and banks meet the requirements of the European Union’s Strong Customer Authentication regulations, which go into effect in September 2019.

Although the EU’s SCA regulations apply only within the European Union, they affect any company that does business with European companies and customers. Much like GDPR, the regulations have worldwide implications.

Biometrics by Computop accesses the face recognition, fingerprint, and voice recognition facilities of modern smartphones to confirm the user’s identity. (Users may also choose to use a PIN or password.) The software uses public key encryption to identify the user’s hardware to a cloud-based server. These two steps are sufficient, the company says, to satisfy SCA regulations for online commerce and banking.

Computop says its platform allows online retailers to confirm the customer’s identity easily and conveniently at log-in time when the user begins a shopping session. This one-time identification will streamline check-out, the company says, because users will not have to identify themselves a second time to the shop, the payment processor, or the bank.

Computop says the digital signatures generated by its toolkit are sufficient to identify the user to a card issuer like Visa or Mastercard. The signature will confirm to the bank that strong customer authentication has already been applied and that the payment can be processed without further identity verification.

"What we are providing with Computop Biometrics is a host of great advantages for retailers. Biometric authentication can be applied to app or shop logins in order to avoid fraudulent account takeovers. This also helps the customer experience, because biometric authentication is so much better than a typical PIN-TAN process," says Computop CEO Ralf Gladis. "In addition, the whole process is GDPR-compliant, and consumers can be confident in knowing that biometric data will never leave their own device. Computop's solution will verify cryptographic keys but will never touch cryptographic data."

The Biometrics by Computop launch is just in time for the September 14, 2019, full roll-out of the European Union’s Payment Services Directive 2. PSD2 requires banks to allow other companies to access customer accounts via software interfaces. The directive’s main purpose was to streamline online commerce among EU countries, but opening up banking services to third parties is another consequence. The Biometrics by Computop solution allows online merchants to do their own SCA-compliant identification verification, bypassing banks’ secure log-in mechanisms. Under PSD2, banks must accept the Biometrics by Computop customer signature as proof of identity.

Biometrics by Computop is currently available as a cloud service for access control and login procedures. For payment authentication, developers can begin working now with Computop’s biometrics SDK on iOS and Android platforms. Using biometric authentication for payment authentication will be possible after the September 14 implementation deadline for PSD2.

About author

I have always thought of myself as a writer, but I began my career as a data operator with a large fintech firm. This position proved invaluable for learning how banks and other financial institutions operate. Daily correspondence with banking experts gave me insight into the systems and policies that power the economy. When I got the chance to translate my experience into words, I gladly joined the smart, enthusiastic Fortunly team.

More from blog