Digital signature and authentication firm eMudhra has recently come of with a flagship authentication tool, emAS, which has very unique features. Biju Varghese, senior vice president, Enterprise Solutions, SAARC & APAC of the company in an interaction with N. Mohan
N. Mohan: Can you shed light on emAS, eMudhra’s flagship authentication solution, which supports multi-factor authentication? What are its unique features? Can you give a brief description about the unique features of this solution and how it differs from other authentication tools?
Biju Varghese: As more and more software, data and digital services are implemented and consumed by customers from across the globe, companies world over need to manage access to those software products and digital services in a more secure and effective manner. This is where advanced Identity and Access Management solutions such as emAS – eMudhra’s flagship authentication solution – steps in and help companies to securely ascertain who has access to what, who should have access to what, and how that access is being used. Driven by a sophisticated multi-factor authentication engine, it is the first IAM product in the world that supports 15+ modes of authentication, including digital signature based authentication, behavior based authentication and biometric facial authentication. As a result of this, emAS is currently being used by more than 40 banks in India – including State Bank of India and ICICI Bank – to handle more than 1 million transactions per day.
Some of the unique features of emAS include:
- Built-in Single Sign-on (SSO) and MFA (Multi-factor Authentication) to offer an all-in-one solution
- 15+ factors of authentication supported along with adaptive authentication
- Unique IAM which supports PKI (Digital Signatures) along with transaction level authentication
- Standard driven, online APIs for easy deployment and seamless communication with other systems
- Platform agnostic – can deployed across multiple operating systems
- Highly flexible and scalable platform with capacity to handle high volume of requests
- Easy user provisioning
- Risk based parameter definition and advanced reporting
How will it be advantageous for a bank to use emAS? How does it become easy for a bank customer to provide authentication compared to other authentication methods?
Compromised credentials and identity spoofing continue to be the biggest security threat to banks across the world. In such an environment, sticking with traditional two-factor authentication (2FA), which doesn’t provide the required level of security, or simply opting for advanced authentication mechanisms such as usage of hard tokens, which provides the required level of security but can be heavy on the pocket, negatively affect user experience and have poor adoption records, will not suffice. What banks need is a more flexible, secure, usable and cost-effective model for authentication, like the one provided by emAS.
emAs allows the banks to choose the right kind of step-up authentication and personalize the multi-factor authentication mechanism by considering various parameters such as the level of security, compatibility, ease of deployment, and cost per transaction. It also gives the liberty to the users to opt for the authentication method best suited for delivering a personalized experience while executing the transactions on the banking system.
How cost-effective is the tool for an enterprise-wide implementation?
emAS is available with both cloud-based and on-premise implementation models. It is also available with flexible commercial models that are bespoke to customer requirements and ensure that it is RoI and pocket friendly while providing the critical element of identity security on a larger scale.
Which are the types of authentication the application supports besides OTP, biometric, grid, etc?
emAS support following types of authentication that can be used in both web and mobile channels:
- Crypto token (digital signature) based authentication
- Mobile based authentication
- Smart card based authentication
- Bluetooth token based authentication
- SWYS (Sign-what-you-see) keys based authentication
- Web app token based authentication
- Mobile app token based authentication
- Hardware token based authentication
- Knowledge based authentication
- Behaviour based authentication
- QR code based authentication
Does it support mobile banking functions? Can you give details?
emAS supports mobile banking functions with multi-factor authentication methods including cloud signature, Bluetooth token, facial authentication, and other OTP based authentication modes.
Which are the banks in India and abroad that have implemented emAS?
emAS is used by more than 40 banks in India including State Bank of India, Punjab National Bank, Canara Bank, IDBI Bank, ICICI Bank, Axis Bank, Kotak Mahindra Bank, IndusInd Bank and other foreign banks operating in India. emAS is also used by several leading banks in South Asia and Africa.
How does the solution create different types of authentication processes depending on the individual user’s risk profile?
To provide seamless user experience while maintaining utmost security, we typically bank on risk-based authentication controls. This allows us to proactively change the level of authentication that is required based on a user’s location, channel, past activity, operation being performed, preferences, transaction value or other factors. When a critical activity like fund transfer is executed, multiple authentication modes can be leveraged to provide the added, just-in-time assurance about the individual’s identity – without causing any inconvenience to the user. Moreover, risk evaluations can be performed multiple times per user session, and independent rules and thresholds can be set-up for specific activities, providing the bank with an on-going assurance about the validity of user transactions.
Apart from banks, which are the major users of emAS?
emAS is integrated with major core banking, eBanking and mobile banking applications including Finacle. However, emAS is an industry agnostic authentication platform, which can be implemented for providing enhanced security for any of the enterprise applications. Currently emAS is widely used in NBFCs, insurance, telecom, and government applications.
Which are the other areas where eMudhra is focusing to bring out digital tools, especially for the banking and financial services sector?
With eMudhra’s technically advanced solutions, we enabled banking and financial institutions to enjoy safe, quick and legally valid electronic customer on-boarding processes. This approach eliminates paperwork, thereby driving increased operational efficiency and faster turnaround time, which can go a long way in delivering better customer experience. eMudhra’s paperless office solution, emSigner, also offers intuitive configurable workflows for HR, legal and finance departments that supports multi-party signatures, identity validation, bulk signing, encryption and a whole host of other features.
eMudhra is also investing heavily into R&D on Blockchain for a variety of use cases in Banking and Financial sector.
