Encap SCA

Need more help?

We are currently migrating our Encap SCA documentation to this platform. This means that some information might not be migrated yet.

If you can not find what you are looking for, please contact us at support@signicat.com.

Page contents

• About Encap SCA
  • Omnichannel, global and compliant
  • Security
  • Integration
• Use case examples
• Industries
  • Customer cases
• Encap SCA components
• Try it out
• Support

About Encap SCA

Encap SCA is our on-prem Strong Customer Authentication (SCA) mobile product. Encap SCA leverages multi-factor authentication (MFA) to verify that the authorised end-user is the person making the transaction, and not an unauthorised third party, such as a hacker or fraudster.

Our MFA solution uses a combination of something the end-user has, such as a mobile device, with either:

• Something the user knows, such as a PIN code.
• Something the user is, such as biometrics. For example, this could be fingerprint or facial recognition.

Omnichannel, global and compliant

Encap SCA is an authentication product that allows your customers to use their mobile device to authenticate and authorise transactions through your mobile app. The device uses on-device biometrics or an end-user selected PIN code, in combination with the device itself, to achieve two-factor authentication.

It is built to support omni-channel transactions. This means that the transaction will always be approved by the customer in your mobile app, regardless of the channel in which the transaction was initiated. Encap SCA can be used in any country, allowing you to use a single solution across your global business.

Encap SCA complies with the Payment Services Directive (PSD2) (opens new window) and the General Data Protection Regulation (GDPR) (opens new window).

Security

Encap SCA has a layered security strategy. This means that we regularly add new layers of security to ensure that our product keeps up with the threat landscape.

Our security features can help you prevent and reduce fraud by protecting against various types of mobile attacks, including:

Man-in-the-middle (MITM) attacks

Encap SCA provides multiple layers of security to prevent a hacker from intercepting the communication between the mobile app and the backend system. For example, we use end-to-end encryption (E2EE) and an operation context to prevent unauthorised access.

Phishing attacks

Phishing attacks where the end-user is tricked into giving away their credentials are becoming more frequent. Encap SCA can help prevent these types of attacks by using server-side biometrics and an operation context to verify the user and prevent unauthorised access.

Device cloning

Cloning a device can give an attacker access to all of the end-user’s installed apps, including mobile banking apps. Encap SCA uses hardware-protected keys and dynamically generated authentication keys to detect if a device is a clone. If a cloned device is detected, all operations on that device are rejected.

Integration

There are two ways to integrate with Encap SCA.

Integration with SDK

The most common integration path uses the following components:

• Encap SCA server
• Mobile SDK for Android and iOS

The server is deployed in your infrastructure and exposes all operations through REST APIs. The SDK is integrated into your mobile app to give you complete control over the customer journey and user experience.

Integration with Authenticator App

If you do not have a mobile app or if you wish to have a standalone Authenticator App, we offer a white-label Authenticator App that you can use.

This integration path uses the following components:

• Encap SCA server
• Authenticator App

Authenticator App

The Authenticator App is available for both Android and iOS . You can read more about it in our Authenticator App documentation.

Use case examples

Encap SCA is built flexibly, to enable you to implement any use case that you might have. Here are some examples of how the solution is being used today:

• Authenticate an end-user in mobile app scenarios
• Authenticate an end-user in web scenarios
• PSD2-compliant payment authorisations
• Customer support identifications
• Onboarding and re-onboarding
• 3DS payment authorisations
• Consent signatures

Industries

Encap SCA is a tool to drive mobile business. Today it has millions of end-users who use this technology to perform authentications and authorisations across Europe.

Here are some examples of where Encap SCA is being used today:

• Banking
• Wealth management
• Insurance
• Healthcare
• iGaming

Customer cases

You can read about how our customers are using our solutions today in our customer cases:

Banking

Our customer S-Pankki has increased customer engagement

Wealth management

Our customer Evli has improved user experience and security

Encap SCA components

Authenticator App

Serves as the mobile GUI for activation, authentication and authorisation processes

Mobile SDK

Coming soon

Server

Coming soon

Try it out

Demo portal

You can explore how Encap SCA works in our demo portal

Support

For any further queries, you can contact us at support@signicat.com.