Wheel Cerb AS for banking

Wheel Cerb AS for banking is a multi-factor user authentication and authorization solution designed for use in the financial sector. It has won a number of independent award rankings for the best online banking service security solution. Utilizing a variety of authentication methods, including a dedicated mobile application, it ensures secure access to internet banking services and safe transactions authorization based on a challenge-response mechanism. SDK enables seamless integration with existing banking systems and a web-based management interface allows for convenient user management. Push notifications support enables implementing innovative authentication and authorization scenarios.

Features:

  • web-based management interface
  • SDK for seamless integration with existing banking systems
  • a mobile application generating tokens independent of the GSM network
  • SMS broker support for sending one-time passwords in text messages
  • Yubikey, ActivIdentity and RSA hardware tokens support
  • TAN cards support
  • PUSH notifications support

Authentication methods

Wheel Cerb AS for Banking allows for using a number of different authorization methods making it a complete system which can be deployed in practically any environment.

CERBToken

It’s an easy to use application installed on a mobile phone, which generates one-time passwords for logging-in. CERBToken operates fully off-line as it does not communicate with Cerb. Passwords are generated using cryptographical methods and are verified upon logging in. CERBToken supports multiple profiles allowing for using the single app for accessing different environments, e.g. a bank, the corporate network, or an internet banking service. CERBToken can generate one-time passwords using time (a password generated for a given moment), counter (passwords are generated one after another upon explicit request). The CERBToken application is available for the following platforms: iOS, Windows Phone, Android, BlackBerry.

SMSToken

Enables sending passwords in text messages. A user enters his login on the website and receives a password valid only for a defined time period and only for this particular authentication request. The SMSToken also offers a password on-demand function – the user sends a text message to a specific number and in response receives a list of passwords (e.g. 5 passwords) which can be used for logging in to the corporate network, a portal, etc. within a specified time interval (e.g. For a period of 8 hrs after receiving the message).

TAN cards, passwords list, and emails

Wheel Cerb AS for Banking also enables distributing passwords using more traditional methods such as TAN cards (scratch cards) or password lists. Wheel Cerb AS for Banking integrates with printing and enveloping systems and all volume and time validity parameters are fully configurable. One-time passwords can also be sent in emails along with the information regarding their validity.

Static passwords

Wheel Cerb AS for Banking also supports static passwords. Users who cannot use the CERBToken application can authenticate using a static password.

Third party hardware tokens

Wheel Cerb AS for Banking supports a variety of third party hardware tokens, small devices generating one-time passwords.

Advantages

Secure access to a corporation's rescources

  • low TCO deriving from CERBToken: costs of smartphone tokens are much lower than the costs of hardware tokens
  • only active users are licensed
  • lifetime license – no need to periodically replace tokens with new ones
  • free software updates within the given product version
  • no logistics costs (hardware tokens have to be delivered to the user. CERBToken can be installed and configured by the user.)
  • no costs resulting from unreliable hardware solutions
  • no costs resulting from losing a dedicated hardware solution

"We offer our clients an optimal combination of security and ease of use. We’re the first bank in Poland and one of the very few in the world to offer an innovative authentication method such as TokenGSM in a mobile device. We’re also the first bank to offer such strong protection against phishing."

Wojciech Humiński, Eurobank Executive Board Vice President.

    • Multiple Active Directory domains support enables importing user information from different AD domains
    • Yubikey, ActivIdentity and RSA hardware tokens, TAN cards and static password support
    • user authentication statistics
    • Improved User Panel configuration
    • automatic user unblocking after a defined time period
    • system performance optimization for better resource utilization

Contact form

Are you interested in our products? Contact us.