Banking & payments

The banking and financial sector has been revolutionised by technology and data. Now, more than ever, mobile payment security is critical.  We focus on increasing the accessibility and authorisation rates of digital banking and payments within mobile environments. Our solution uses the highest level of security available on the device.

The Payment Card Industry (PCI) regulator has introduced requirements for mobile payment acceptance systems; our solutions enable straightforward compliance with PCI standards.

mPOS security

Using smartphones as payment points is a growing global trend. It reduces the reliance on cash, speeds up transactions, improves security and opens up commerce to new businesses. New PCI requirements ensure that mPOS is a secure way to pay, even as transaction values get higher.

We are actively able to support partners towards PCI compliance, including CPOC/ SPOC, as they move to secure PIN entry and trusted user interfaces. Read our 1 pager on CPOC + Pin here.

We are the security backbone of any digital transaction. We enable our partners to adhere to critical certifications required by PCI, the technical standards for the payment card industry.

We are the only player in the market to provide a hardware-backed solution on compatible devices, and one that will seamlessly fall back to software where hardware capabilities are not present.

PCI compliant solutions for mPOS

Use cases

Our technology enables application developers to seamlessly lay the security foundations of any banking and finance-related mobile application.

Application ID
Enhanced security
Trusted User Interface

Our solution is hardware and software agnostic. It can work across any smart device.


Application Security

Mobile banking & payment app protection

Mobile banking applications and payments must be secure to protect users from fraud and hacking. To ensure the security of their apps, banks and application developers have included layers of authentication. For example, one-time passwords (OTP), which are normally validated by text, and built-in secondary applications have been used to enhance security. Both are cumbersome for the user and costly for the merchant.

Trustonic’s Application Security solutions enable developers to make use of the full security capabilities of a modern device – from strong device identity to secure storage and processing. This allows security capabilities to be baked into the application, rather than relying on cumbersome external means, such as SMS or hardware tokens.

The greater security that we provide not only protects the user and merchant from attack, but also provides a more seamless experience, and enables user privacy to be properly respected, avoiding risks of GDPR infractions.

Application Security

We are the security backbone of any digital transaction from a mobile device

Future possibilities

Our approach is to separate the security-critical parts of an application and run them within a Trusted Execution Environment (TEE). This keeps data, code and cryptographic keys protected and allows significant flexibility in the application logic, facilitating the support of novel applications and custom protocols.

There is a rich array of financial applications that require the highest degree of security in order to carry out high value transactions or data-sensitive processes.

We work with leading fintech companies and infrastructure players to develop new solutions in the sector, with trust and security at our core.

Application Security

Highest levels possible levels of security

Professional services

We offer a range of professional service options. We offer architecture design and security advisory, Trusted Application development, as well as training and support. These options are available as standard packages or bespoke solutions, depending on your requirements.

Use cases

In addition, our mPOS professional services packages are designed to help you move quickly and efficiently through the key aspects of compliance.

Brand to code - TUI
TUI & PIN block generation
Remote key injection
CPoC, SPoC & Tap to phone documentation
Whitebox encryption
Code integrity

Our in-depth understanding of what is required to achieve certification and compliance for mPOS solutions can greatly improve speed and time to market.


Professional Services

Certifications

Standards and certifications are essential to driving security best practice. We are an active contributor to multiple standards bodies and has a close relationship with leading certification labs.

See our full certifications

Technology

Find out more about our core technology