Irdeto

Category: Security

Irdeto

About the company

Irdeto is the world leader in digital platform security, specialized in renewable and diversified software security. Irdeto’s software security technology and cyber services protect more than 5 billion devices and applications against cyberattacks for some of the world’s best known brands. For nearly 50 years, Irdeto has worked with software application providers, connected device manufacturers, pay-media operators, content creators and financial institutions to secure their products and business models. We provide a modular, software-based security platform tailored for the needs of each industry. We leverage our technology, numerous patents and global experience in defeating pirates and cybercriminals to provide holistic and responsive protection for our customers and their customers. We secure our customers’ devices and applications in the present, and give them the future-proof technology and flexibility to build a more secure future. Besides payments & banking, the industries Irdeto services include media & entertainment, automotive and IoT.

About the product

The financial industry is undergoing major disruptions. One of these disruptions taking place is that financial institutions are increasingly opening up their services to third-parties. PSD2 in the EU is a great example of this. Besides the vast array of opportunities and innovation this will bring along, the industry must realize that security risks increase with it as well. Where financial industries used to control both the customer portal and the back-end services, in the new situation only the latter will be in their direct control. In most cases, their services will be exposed to the outside world through so-called Open APIs. In practice, this means that the services will be initiated from every possible (omni-channel) device and application. Currently, industry standards for securing these Open APIs are outside-in focused (e.g. SSL/TLS, https://, etc.) complemented with authentication protocols as OAuth2. As Irdeto has learned from other industries that have undergone comparable disruptions on openness before (e.g. media & entertainment), to have only outside-in security practices in place is insufficient to protect from the latest hacking techniques. Not to mention that they’ll meet the high security levels pursued by financial institutions in general.

For these reasons, Irdeto developed services in two areas to make the financial industry more secure: the user application (can be either mobile or web) and the interface between the user application and the server (often referred to as API). Product names: Irdeto Secure Apps and Irdeto API protection. By having these two products in place, financial institutions meet the security levels required to cope with the latest hacking techniques.

Features

The most important features that make our offering so unique are:

  • The code is hardened from the in-side out and renewed periodically, making it rather impossible for hackers to break into it
  • We developed techniques to verify that the piece of code that enters the (bank’s) server is authentic to the one that was placed in the (third-party’s) user application. So if anomalies are identified, we can make sure that no manipulations of data are accepted into the server.

Currently, Irdeto is protecting 700 EUR million in payments and more than 5 billion devices and applications against cyberattacks. Irdeto’s security expertise enables banks and payment services providers (PSPs) to deliver a convenient and safe digital shopping and banking experience for consumers.

Applications and APIs must be hardened from the client to the server, across all devices, browsers, interfaces and gateways. Irdeto helps banks and PSPs capitalize on digital disruption by taking security to the next level. The most important USPs of our solutions for Payments & Banking are:

  • The piece of code (either user application or API) is hardened from the in-side out and refreshed multiple times a day, making it rather impossible for hackers to break into it
  • We developed techniques to verify that the piece of code that enters the (bank’s) server is authentic to the one that was placed in the (third-party’s) user application. So if anomalies are identified, we can make sure that no manipulations of data are accepted into the server.

Moreover, our services are:

  • Platform-independent
  • Compatible with all browsers
  • Quickly, easily and seamlessly integrated into web and mobile application (no additional development time required)
  • Quickly replicable across any platform

Want to add Irdeto to Backbase? Let’s talk!