— App is invoked by PUSH message;
— Client confirms purchase using biometrics and/or numeric password;
— Authentication in off-line mode is also possible (when PUSH was not received);
— Integration with ACS from other's suppliers.
— Server platform of MAS communicates with ACS
— Solution includes monofunctional mobile App with Bank's branding or SDK library.
— Secret key is stored in App in encoded form in secure area of phone memory;
— Mutual authentication App and MAS using "OCRA Challenge-Response" algorithm;
— Keys are generated at MAS side using HSM.