The European Patent Office (EPO) has granted Entersekt patents for two of its foundational technologies: the company's mobile-based transaction authentication system and the cryptographic processes it uses to identify individual mobile devices and secure communications to and from them. Both inventions are already protected in other international jurisdictions.
The authentication industry is undergoing a sea change. Once popular means of identifying digital users and verifying their actions have been compromised by cyber criminals, deprecated by regulators, questioned by organizations grappling with GDPR and PSD2, and scorned by consumers for their inconvenience. New brand names have proliferated, but analyst firms like Gartner predict a rapid convergence on out-of-band, mobile push-based authentication of the kind Entersekt pioneered almost a decade ago.
"These patents underscore how far ahead Entersekt is in next-generation digital security," said Schalk Nolte, Entersekt's CEO. "Our patent portfolio - 56 strong and growing - confirms our status as an innovator in a crowded market while protecting our unique set of highly specialized technologies. We are pleased too that we can provide our customers and partners with the assurance that their investments in our technology are protected from infringement claims made by competing vendors."
Both EPO-issued patents are for technologies that lie at the heart of Entersekt's app security and multi-factor authentication product Transakt:
- EPO Patent No. 2368339 (Secure transaction authentication) covers Entersekt's fully out-of-band, multi-factor authentication system, which allows digital banking users, online shoppers, and others to verify their Internet- or mobile-initiated logins and transactions directly on their mobile phone or tablet, with just one tap.
- EPO Patent No. 2622786 (Mobile handset identification and communication authentication) describes advanced cryptographic functions for identifying each enrolled mobile device; encrypting and mutually validating communications between the device and service provider; and digitally signing authentication responses, so that both parties are protected in the case of a dispute. The system includes software applications capable of communicating with a certificate authority.
Entersekt's patents pending range widely, relating to push USSD, public key pinning, virtual smartcards, random number generation, secure mobile browsing, batched transaction authorization, user enrollment, and fallback systems using enhanced legacy authentication technologies.