MOBILE BANKING AND PAYMENTS
MOBILE APP LOGIN
Several biometric modalities are supported for superior security and flexibility
Device- and server-centric architectures are supported, including FIDO®
Three architectures are supported: Device-Centric, FIDO® Certified, and Server-Centric. Knomi D offers software that performs all functions on the device. Knomi F adds FIDO Certified and FIDO Ready components. Knomi S moves functions to the server, including biometric template creation, matching and storage.
Modular software components are available a la carte or as a bundle
The following illustrates the software components available to satisfy each architecture:
Biometric template storage and matching is performed on the device, as are algorithms for autocapture, liveness detection, and spoof detection.
- Mobile Face Authenticator. SDKs running on the device to perform facial image capture and analysis designed to quickly capture high-quality facial images and detect spoof attempts. Biometric template generation and comparison are also performed. Incorporates elements of Aware’s PreFace and Nexa|Face™ SDKs.
- Mobile Keystroke+Face Authenticator. This authenticator applies keystroke dynamics and facial recognition simultaneously to achieve exponential performance improvements in both biometric matching and spoof detection.
- Mobile Voice+Face Authenticator. This authenticator applies both voice and face authentication, with simultaneous capture for an ideal user experience.
FIDO® Certified Authentication
Knomi F is a family of software products for biometric authentication that are either FIDO Ready as conformant with the specifications of the FIDO Alliance or additionally FIDO® Certified and interoperable with other FIDO-certified products.
- FIDO Face Authenticator. FIDO Face Authenticator allows a user to login to a mobile application of a relying party (such as a banking app) using their face for authentication. It applies interactive liveness detection, including eye blinking. The facial biometric sample never leaves the security boundaries of the authenticator application. FIDO Face Authenticator is Level 1 UAF version 1.1 FIDO Certified for Android and iOS.
- FIDO Keystroke+Face Authenticator. This authenticator applies keystroke dynamics and facial recognition simultaneously to achieve exponential performance improvements in both biometric matching and spoof detection. This authenticator is FIDO Ready.
- FIDO Voice+Face Authenticator. This authenticator applies voice and face authentication and liveness detection, with simultaneous capture for an ideal user experience. This authenticator is Level 1 UAF version 1.1 FIDO Certified for Android and iOS.
- FIDO Client. FIDO® Client is the intermediary application that helps to bind FIDO authenticators with the relying party mobile application. FIDO Client can look up all FIDO authenticators on the device, and communicate via JSON messages standardized by the FIDO ASM API. FIDO Client is FIDO Certified.
- FIDO Server. FIDO® Server enables a relying party server to offer FIDO-based login from their mobile applications. FIDO® Server encapsulates the FIDO features required at the server, such as maintenance of the FIDO login policies, management of the public keys, and verification of the signatures created on the mobile device. FIDO Server is FIDO Certified.
More information about FIDO Certified authentication products can be found here.
Biometric template storage and matching are performed on the server, with algorithms for autocapture and liveness/spoof detection operating on both the device and on the server.
- Mobile Face Client. Application running on the device to perform facial image capture and analysis designed to capture high-quality facial images quickly and to detect spoof attempts. Built upon the PreFace Mobile SDK.
- Face Authentication Service. Server-based software API for facial template storage and matching. Built upon the Nexa|Face SDK.
- Face Liveness Service. Server-based API for facial image analysis, including liveness detection and spoof detection. Built upon the PreFace SDK.
- Keystroke+Face Authentication Service. This authenticator applies keystroke dynamics and facial recognition simultaneously to achieve exponential performance improvements in both biometric matching and spoof detection.
- Voice Authentication Service. This authenticator applies high-performance voice authentication, offering an alternative to facial recognition when preferred by the user or in conditions when facial recognition is insufficient.
Knomi Server is the component of the Knomi mobile biometric authentication framework that can be integrated with identity servers to quickly enable them with password-free multifactor authentication (MFA) using biometrics on a mobile device.
For organizations using an identity and access management (IAM) platform to implement secure access control, SSO, and federation for employees or customers, adding Knomi enables users to login to assets normally accessible by PC or browser with a username and password by instead biometrically authenticating on their mobile device in an “out-of-band” fashion. Knomi Server has been integrated with several leading identity and access management products. Any enterprise can integrate Knomi to enhance their identity platform with multifactor authentication using out-of-band mobile biometrics, making login to their online assets more secure and convenient for their employees.