The Leader InMobile Security. InAuth.
Enhanced Authentication and Fraud Prevention for Mobile Applications
Enhanced Security, Authentication, Risk Detection, and Risk Assessment for devices transacting through mobile applications.
Utilizing an easy-to-integrate SDK, InMobile provides permanent mobile device identification and risk assessment. InMobile interrogates mobile devices for thousands of attributes, such as build information, media details, usage data, using the data to create a unique and permanent device ID and uncovering high-risk indicators to understand device trustworthiness.
Greater trust allows businesses to seamlessly authenticate good consumers, make more confident transaction decisions, and expand mobile channel functionality without the fraud risk.
PERMANENT DEVICE IDENTIFICATION WITH INPERMID
InAuth is the only provider to produce a unique and permanent device ID, InPermID, for devices transacting through mobile apps. InPermID survives app uninstall/reinstall and operating system upgrades and cannot be spoofed. This allows your business to recognize and differentiate returning devices with confidence.
The mobile device can act as a trusted second factor of authentication, proving “something you have”. Authenticating your customers can be done within a few steps, and risky devices can be stopped in their tracks.
InAuth identifies compromised devices including those infected with Malware or Crimeware, Jailbroken/Rooted, as well as confirms the integrity of your mobile app with Application Validation.
DEVICE ANALYSIS & RISK ASSESSMENT THROUGH INRISK
Though it’s risking solution, InRisk, InAuth analyzes collected data and applies unique and customizable rules to identify business-relevant risk information. InRisk utilizes customizable scoring based on the Anomalies, Velocity, Location, Integrity, List-Based, and Device Reputation.
This scoring, along with the raw data from the device, can be applied into any existing back-end system in your environment via RESTful services APIs, in order to better understand device trustworthiness and act according to your specific organizational policies – allowing, denying, or requiring additional authentication.
SMS and email messages have been proven to be insecure channels to pass sensitive information. Without context, messages sent in these channels can cause confusion for the consumer, resulting in increased call center interaction or abandoned transactions – both costly and an inferior customer experience.
InMobile’s Secure Messaging uses our encrypted architecture to securely package contextual, transaction-specific messages for delivery to a device associated with an InAuth InPermID. Secure Messaging reduces reliance on costly, ineffective, and insecure 3rd party message providers and ensures that only the intended device can receive and read the message. Messages are delivered on YOUR branded application, not third-party SMS or email apps, ensuring trust in the message and a better user experience.
Policy-Based White Box
InAuth implements White Box Cryptography within it’s InMobile SDK using a Soft Secure Element (SSE), allowing for secure and encrypted storage of sensitive data within your business’s mobile app.
Our Policy-Based White Box allows your business to securely store private information, such as customer, account, or identity information, within the encrypted White Box and apply extra controls for access. For instance, if a device is rooted, has malware, or is in an unapproved location, we can enable your business to prevent device access to your mobile app.
Criminals have the capability to build websites that looks like a legitimate business website. Through social engineering, malware, or other attacks, fraudsters fools the user into connecting with the wrong site.
Certificate Pinning allows businesses to avoid many different attacks by preventing traffic interception between the legitimate mobile app and their server and exclusively connect to the correct server.
Under the Hood
HTTPS leaves businesses vulnerable to fraud through interception attacks. Trusted Path is InMobile’s security architecture that prevents interceptions by providing a complete secure path to transport sensitive information, which is encrypted end-to-end, digitally signed, and protected against replay attacks.
This is the only device in the world that can read the intended message
Prevents brand-damaging attacks, such as man in the middle, man in the application, or session hijack attacks
Compatible with existing network architecture, eliminating custom integrations and resource costs for customers