theOne Solution

TheOne is an Authentication as a Service (AaaS) solution that provides Strong Customer Authentication (SCA) to Financial Institutions, Payment Service Providers and Application providers. It is a service offered by Clydestone in partnership with Gemalto-Thales. The solutions allow users to deploy SCA solutions quickly and cost effectively. It enables subscribers of the service to offer their customers security and safety when transacting online. End-users can interact with their service providers using hardware tokens, CAP Devices or Mobile Apps.

TheOne strong mobile authentication solution, using latest biometric technology combined with digital expertise, provides the highest level of security for users to access services, confirm and to sign transactions. Reports from security specialists confirm mobile malware keeps exponentially growing in numbers and complexities. Effective security relies on multiple and independent authentication factors to ensure that no single point of compromise can lead to unauthorized account access. But implementation of such a solution can sometimes be punitively expensive, difficult and without a guarantee to offer the optimal user experience.

The Differenciators

The One Platform provides multiple layers of airtight security including:

Secure Development

The most critical parts of the solution are developed in native languages and concealed with Unique proprietary obfuscation techniques to prevent reverse engineering by hackers.

Advanced Security

The personalization phase, which consist of enrolling the mobile device and provisioning secret keys, is secured by a proprietary protocol which protect the solution against Man-In-The-Middle as well as SSL weaknesses

Malware Detection Techniques

To prevent the application from being linked to a debugger.

Risk Mitigation

TheOne detects rooted and Jail Broken Phones where OS Security features have been removed thus exposing the phones to potential Malware contamination. With TheOne, cloaking tools which hide the fact that a phone is jail broken or rooted will be detected.

Future Proof

The most critical parts of the solution are developed in native languages and concealed with Unique proprietary obfuscation techniques to prevent reverse engineering by hackers.

Multiple Security Features

TheOne features such as One Time Passwords, Challenge/Response, Transaction Data Signing, Randomized Secure Pin Pad, Biometric Authentication with Finger Print and Facial Authentication, Device Binding, Jail Break/ Root Detection, Anti Debug/ Anti Hooking, Advanced Obfuscation, Secure Storage, Secure Channel (on top of SSL), HSM based Key Protection amongst others.

Performance Assurances

Comprehensive Audit Logging and Reporting, Clustering and Load Balancers for High Availability and Disaster Recovery, Centralized Web Based Access for System Management. A single TheOne CAS Node supports 400 OCRA transactions per Second.

Supported Authentication & Signing Form Factors

Mobile Based Authentication, SMS OTP, Mobile Token, Mobile Out of Band (Push Notifications), OTP Tokens (1 button, PIN PAD), EMV CAP Readers (connected or unconnected), Dynamic Code Verification on Mobile.

Key Benefits of TheOne Multi-Factor
Authentication Solution includes:

theOne Dynamic Code Verification (DCV) Suite

TheOne Dynamic Code Verification suite is a complete “Card Not Present Security Solution”. The solution allows card issuers to replace the static security cryptogram traditionally used for online purchases, with a dynamic code displayed on the customer’s TheOne mobile protector. This time-based code makes it impossible for hackers to reuse stolen static card CVV data for fraudulent transactions. Furthermore, TheOne DCV solution enables card issuers to cut fraud without affecting the online payment infrastructure of eMerchants, PSPs and acquirers.

TheOne DCV mobile solution allows your customers to store their cards and use the dynamic codes on their mobile phone. Customers can choose to secure their stored cards with a PIN for a strong authentication layer. This solution provides a secure way to shop online, using the stored cards and the DCV feature. TheOne DCV Server stores all information related to users, and devices. It validates the dynamic codes generated by the mobile solution and sends the result to the authorization host.