SCA authentication fraud prevention customer experience UX secure authentication

Introducing Silent Authentication+

JT Mobile Intelligence

Something that many people take for granted when using their mobile phones is the authentication processes that unfold each time you hit the unlock button. In order to make a call, send a text, or access the internet, your network provider needs to authenticate your identity.

We take this for granted because it’s quick, unseen, and secure, requiring no input from the user. This seamless authentication stands in bold contrast to the awkward, slow process of customer authentication using passwords, SMS one-time-passcodes (OTPs), email verification links and authenticator apps.

That’s why here at JT we’ve teamed up with anti-fraud specialists Honey Badger, to change how we handle customer authentication. Introducing, Silent Authentication+

How does Silent Authentication+ work?

In order to understand how Silent Authentication+ works, we first need a bit of a primer on how mobile networks handle customer authentication. It all starts with your phone's SIM, or your Subscriber Identity Module.

Each SIM has two crucial elements:

  1. The International Mobile Subscriber Identity (IMSI) - As the name suggests, this is the unique identifier for each SIM card or eSIM. This is used primarily for the identification of the user as a subscriber to the mobile network.
  2. The Authentication Key (Ki) - This is the secret key that is used for authentication with the mobile network. This is the part of the SIM that is most relevant for authentication.

When your phone attempts to connect to the mobile network, your provider will first need to authenticate your device. This is done by the network providers Authentication Centre sending a random number to your device. Your unique Ki will process this number and send the result back. Since the Authentication Centre has a copy of your Ki, in parallel it processes the random number, computing an expected response. If the two responses match, your device will be authenticated.

All of this happens near instantly in the background and without the need for user input. Your Ki is embedded directly into your SIM, meaning that it’s never transmitted either to or from your mobile device. It is a cryptographic secret that is only shared with your mobile provider’s Authentication Centre, ensuring a much higher level of security. 

In contrast other common forms of authentication such as passwords, SMS One-Time-Passcodes (OTPs), PINs, and email verification or ‘magic’ links, are reliant upon the sending and receiving of data between the users and service provider. As such they are much more vulnerable to cybersecurity breaches, and by their very nature create friction in user journeys.

By leveraging the same cryptographic technology employed by mobile networks Silent Authentication+ is not only much more secure and less susceptible to cyberattacks, but also provides a fast, frictionless customer experience.  

These are the core benefits of Silent Authentication+

Enhanced security
As we’ve already mentioned, by using the same secure, cryptographic technology employed by mobile networks, we’re able to provide a far higher level of security than traditional authentication processes.

By eliminating the need for passwords, OTPs, PINs and verification links there’s nothing for criminals to intercept, spoof, phish for, or hack. And since the user does not know the cryptographic key, there’s little option for social engineering attacks. All this results in a solution that instantly reduces the opportunities for criminals.

There is also no need to involve any third-party apps or software. Silent Authentication+ works directly within your apps or web browser, eliminating the need for additional software and removing further vectors of attack.

Friction-Free user experiences
Traditional 2-factor authentication (2FA) and multi-factor authentication (MFA) processes are often slow and unwieldy to use. Users must enter their credentials, wait for a code to come through, copy and paste that information, and send it back to the service provider. While this may seem simple, in user experience (UX) terms it is less than ideal, and for service providers it creates demands upon support that incur costs. 

With authentication often being the first touchpoint that customers have with service providers, it must be as quick, easy and painless to complete as possible.

With Silent Authentication+, much like with mobile network authentication, the whole process is seamless and does not require user input. It is also up to 20 times faster than 2FA or MFA, with a frictionless user experience that reduces customer abandonment rates.

To find out more about Silent Authentication+ and how it can revolutionise your authentication systems, get in touch with the JT team today!

Stay up to date on how to combat financial fraud

JT's Mobile Intelligence division works with banks and financial services across the world to increase the awareness of how fraud is perpetrated and to deploy innovative fraud prevention solutions to combat todays most pervasive types of frauds.

For more information on JT’s Mobile Intelligence solutions contact our team of experts today.