Secure Platform (ESP)

API Authentication

Market coverage

  • Global
  • Secures access to all digital channels and any sensitive transactions initiated through them

  • Keeps friction to a minimum by analyzing risk and applying the appropriate authentication method

  • Includes a one-touch in-app authentication experience with seamless transaction signing for sensitive transactions

  • Enables passwordless login on all browsers

  • Eliminates phishing and similar attacks targeting your customers, agents, or employees

  • Use the secure channel for In-app messaging for direct customer engagement (Smart Messaging)

  • Meets all relevant regulations globally

Customer authentication

In-app authentication

By deploying Entersekt’s patented technology to your customers’ mobile devices, you can uniquely identify each of them and communicate with them directly over a mutually validated, end-to-end encrypted channel, wherever they happen to be.

Browser Authentication

Entersekt’s web security solution combines digital certificate technology, device fingerprinting, and web-based cryptographic binding technology to create a unique browser identity that you can trust. It’s the best of both worlds: a highly secure and scalable certificate-based browser identifier enabling passwordless login and an intuitive orchestration layer to detect threats and step up when needed.

App-free alternatives

What if your customer doesn’t use your app or has lost their phone? Entersekt’s solution provides authentication capabilities that don’t rely on an app or even a mobile phone, including SMS or email one-time passwords or the support of FIDO-compliant hardware tokens.

Smart messaging

Entersekt’s smart messaging solution comprises two discrete services – user notifications and calls to action – all within the safety of your banking app.

User notifications

Entersekt’s in-app user notifications allow you to send private information to your customers that, although highly pertinent to them, doesn’t necessarily require any action on their part or even an acknowledgement of receipt.

Calls to action

Use Entersekt’s in-app calls to action service to engage your customers about time-sensitive matters that require them to perform a task or make a decision. A customer can assess the urgency of the request and decide whether to respond immediately or later when it’s more convenient. You can then send a reminder if the customer forgets to respond. To streamline their responses, you can provide shortcuts to a relevant app functionality – pointing them to a specific statement, for example. The service gives the customer one easy-to-use secure platform from which to manage their finances.

The implementation of the Entersekt solution is flexible, providing configurable and customizable elements. There are three areas of development/integration that need to be considered. This can either be done by the institution itself or with the support of one of Entersekt’s partners.

  1. Customer end-point implementation:
    1. Mobile app implementation
      1. Based on Entersekt’s native (iOS and Android) or hybrid (cordova) SDK.
      2. Entersekt also offers a branded authenticator application to eliminate the need for mobile integration.
    2. Web app implementation using our JS web library.
  2. The Entersekt Secure Platform is integrated into the institution back-end infrastructure through SOAP and Rest APIs enabling back-end integration within the organization’s DMZ.
  3. Infrastructure Deployment on-premise (physical appliance or virtual host), cloud, or SaaS.

Entersekt’s Knowledge Center contains a range of technical documentation, from implementation guides to materials for developers. Entersekt solution architects are also available to guide the customer through the process.

Customer authentication


Send a multi-factor authentication/authorization message to a registered user.

Possible Auth Attributes:

  • Push_notify: If true, a push notification will be sent to the user’s mobile device notifying the user that a message is waiting.
  • Title: Title of the message.
  • Text: Text displayed in the message.
  • Button: Array of button objects that will control user choice of responses.
  • Value_pair: Display key-value pairs in message.
  • Text_box: Display an input field in the message.
  • Certificate_alias: The attribute which is set to an alias that will indicate which certificate the device will use to sign the auth instead of the emCert.
  • Multifactor: The multi-factor attributes which could be used. (ios_touch_id,
    android_fingerprint, app_multifactor, app_pin)


Generate a QR code from encrypted offline auth data used to deliver authentication message to an offline device.


A method to securely retrieve information from the mobile device.


Retrieve a sign-up code. The sign-up code is used to link the user to an appliance on the institution back-end.

Smart Messaging

Push notification

Send a customized notification to the lock screen of a customer’s device.

  • SEND()

User notification

Send a customized, secure message to the message center of a customer’s mobile app.

  • Add()
  • Get()
  • GetAll()
  • Delete()
  • DeleteAll()

Call to Action

Send a secure request to the message center of a customer’s mobile app, requesting the user to respond.

  • Add()
  • Get()
  • GetAll()
  • Delete()
  • DeleteAll()

About the provider

DIGITAL CHANGES EVERYTHING. Consumer devices are here to stay. For the vast majority, they’ve become the preferred means of engaging with the world. Organizations have had to adapt fast and digitize their business models to stay competitive, focusing on the delivery of rich, new experiences through a range of sophisticated digital services designed for both mobile and the web. But these new services, especially when offered by financial institutions, also represent a less risky route for fraudsters to follow to rob us of our money and personal data.

That’s where Entersekt comes in. At Entersekt, they’ve always envisaged a world where everyone can interact and transact digitally without fear or compromise. Entersekt’s technology has taken us one step closer to making that vision a reality.

Entersekt is an innovator of customer-centric fintech solutions. Financial services providers and other enterprises rely on Entersekt’s patented mobile identity system to provide both security and the best in convenient new digital experiences to their customers, irrespective of the service channel. With Entersekt, they can concentrate on their innovation roadmap, while delivering intuitive, low-friction digital experiences to their customers.