News

EDB - Secure internet banking log-in using a mobile telephone

Published: 2008-12-17

Oslo (17 December 2008) Many Norwegian internet banking users currently rely on security calculators to log in to their internet banking accounts. EDB, working in collaboration with the Norwegian technology company Encap, is now launching a new solution for secure log-in using a mobile telephone. The new solution may replace about 3 millions security calculators currently in use in Norway.

"We have recognized that Norwegian banking customers need a secure but simple way to access their internet bank without having to rely on a security code calculator. We have now found a solution that will simplify their everyday use of internet banking", explains Wiljar Nesse of EDB.

An increasing number of Norwegian banks currently use the BankID system for logging in to their internet banks. BankID uses what is known as two-factor authentication. Two-factor authentication uses "something you know" and "something you have" (often termed KNOW and HAVE factors). In practical terms, this normally means using a password and entering a code generated by a security instrument. Until now, banks have only been able to offer their customers security calculators or scratch card codes. These provide a high level of security, but do mean that the customer has to have the relevant security instrument to hand when carrying out authentication.

New services also need authentication
Norwegian banks are very actively involved in launching a number of new services that require authentication. Examples of this include Mobile Banking and the 3-D Secure security protocol to authenticate card transactions carried out over the internet. These services are in demand by customers, who need to be able to use them wherever they are.

Authentication using the mobile telephone
EDB can now offer two-factor authentication based on using a mobile telephone handset. The solution is simple to use, and authentication can be carried out from most models of mobile telephones sold in Norway over the last three years. The solution delivers secure authentication using a mobile telephone, which is something that customers will in practice always have available wherever they are. The Norwegian technology company Encap developed the solution, which is now being made available for Norwegian banks in collaboration with EDB. The solution uses the mobile handset Java platform, and therefore operates regardless of which mobile operator the banking customer uses.

"We have recognized that Norwegian banking customers need a secure but simple way to access their internet bank without having to rely on a security code calculator. We have now found a solution that will simplify their everyday use of internet banking", explains Wiljar Nesse of EDB.

An increasing number of Norwegian banks currently use the BankID system for logging in to their internet banks. BankID uses what is known as two-factor authentication. Two-factor authentication uses "something you know" and "something you have" (often termed KNOW and HAVE factors). In practical terms, this normally means using a password and entering a code generated by a security instrument. Until now, banks have only been able to offer their customers security calculators or scratch card codes. These provide a high level of security, but do mean that the customer has to have the relevant security instrument to hand when carrying out authentication.

New services also need authentication
Norwegian banks are very actively involved in launching a number of new services that require authentication. Examples of this include Mobile Banking and the 3-D Secure security protocol to authenticate card transactions carried out over the internet. These services are in demand by customers, who need to be able to use them wherever they are.

Authentication using the mobile telephone
EDB can now offer two-factor authentication based on using a mobile telephone handset. The solution is simple to use, and authentication can be carried out from most models of mobile telephones sold in Norway over the last three years. The solution delivers secure authentication using a mobile telephone, which is something that customers will in practice always have available wherever they are. The Norwegian technology company Encap developed the solution, which is now being made available for Norwegian banks in collaboration with EDB. The solution uses the mobile handset Java platform, and therefore operates regardless of which mobile operator the banking customer uses.
Customers of banks that offer the service need to install the new solution on their mobile telephones, but this is a simple task.

Customers make their own choices
Each bank will make its own decision on whether to offer authentication from mobile telephones, and will also decide whether to offer this as an alternative to current solutions or whether it should replace them. One possibility is that Internet banking users will be given the choice of which HAVE instrument they wish to use. The new solution satisfies the requirements set by the Norwegian Banks Standardisation Office for a HAVE instrument to use with the BankID system.


For further information, please contact:
Wiljar Nesse, Executive Vice President - Bank & Finance, EDB. Tel: +47 934 48 116
Christian Testman, Chairman of the Board, Encap AS. Tel: +47 95 11 33 95
Torgeir Kristiansen, Information Director - Corporate Communications, EDB. Tel. +47 901 27 909


About EDB
EDB Business Partner is a leading Nordic stock exchange listed IT company. The EDB group has more than 6,000 employees, with annual turnover of around NOK 8 billion. EDB delivers solutions that cover the entire range of business-critical IT services from application services and industry-specific solutions through to IT operating services and network solutions. EDB is committed to being a close and responsive IT partner that helps its customers operate more efficiently and achieve their business objectives. EDB Business Partner is listed on the Oslo stock exchange with the ticker code: EDBASA. See www.edb.com for more information.


About Encap
Encap is a Norwegian software company that has developed a unique and patented solution to use mobile telephone handsets as an element in online user authentication. The solution replaces the need for the code calculators and scratch cards currently used for access to banking services. Encap is approved by the Norwegian Banks Standardisation Office (BSK) as a mobile two-factor authentication solution for BankID. Banking industry applications for Encap two-factor authentication include secure log-in to internet banking, mobile banking and two-factor authentication of internet shopping card transactions (3D Secure). For information on additional areas of application and more detailed information on the Encap technology, please see www.encap.no

Encap AS, Martin Linges vei 25, NO-1364 Fornebu, Norway
Org./VAT #: 989 488 546 
© ENCAP ® 2001-2010 All rights reserved.