Development of a Desktop Authentication Token System for Financial Institutions

Financial services

Identified Challenges in Corporate User Authentication for Financial Services

The client currently utilizes mobile-based security tokens for secure authentication and transaction authorization. However, this solution presents challenges for corporate users without company phones, leading to operational inefficiencies. Additionally, emerging legal requirements mandate two-factor authentication for all electronic payments, necessitating rapid development of a desktop-based solution to ensure compliance and improved user experience. Limited internal expertise and capacity demand a flexible, rapid deployment of a secure desktop authentication system.

About the Client

A mid-sized bank or financial service provider seeking to enhance secure authentication options for corporate clients, especially for users without mobile devices.

Goals for Developing a Secure Desktop Authentication Solution

Design and develop a secure desktop application facilitating user authentication and financial operation authorization without the need for additional devices.
Ensure compliance with relevant security standards such as PSD2 and EBICS.
Simplify logistical and support processes by eliminating auxiliary hardware like smartcards or RSA tokens.
Achieve a deployment timeline of approximately five months for timely compliance with legal requirements.
Enhance the user experience for corporate clients by providing a convenient and secure alternative to mobile tokens.

Core Functional Requirements for the Desktop Authentication Application

Support for secure user authentication and authorization of financial transactions through desktops.
Compatibility with Windows and macOS platforms.
Utilization of strong cryptographic algorithms with RSA key storage directly on the user's device for enhanced security.
Elimination of the need for external hardware tokens such as smartcards or RSA tokens.
Ease of deployment and maintenance for banking staff and corporate clients.

Preferred Technologies and Architectural Approaches

Electron for cross-platform desktop application development

React with TypeScript for user interface implementation

Advanced cryptographic algorithms for security

Secure storage of cryptographic keys on local device

Necessary System Integrations

Bank’s existing authentication and transaction processing systems
Legal compliance standards such as PSD2 and EBICS protocols

Non-Functional Security and Performance Requirements

Application must meet PSD2 security standards and EBICS compliance
RSA keys and cryptographic operations must be securely stored and executed locally
System should support rapid deployment within a five-month timeframe
High system reliability and availability to ensure uninterrupted user access

Projected Business Impact and Benefits

The implementation of a secure desktop authentication token system is expected to simplify user operations for corporate clients, eliminate dependence on external hardware tokens, and significantly enhance security compliance. The project aims to enable financial institutions to offer a convenient, reliable, and compliant two-factor authentication solution, leading to improved client satisfaction, reduced operational costs, and timely legal compliance within a five-month deployment window.