February 25, 2016 -
Encap Security announced the release of version 3.1 of its Smarter Authentication platform which includes support for Android’s fingerprint API and better protection against man in the middle (MITM) attacks.
The company says this release builds on Encap’s support for Apple’s Touch ID and Samsung’s fingerprint sensor and now with support for Android’s fingerprint API, all devices using this system can be used by financial institutions to provide fingerprint access to their services.
The API is part of Android’s Marshmallow update and is currently used by Google’s Nexus 5X and Nexus 6P devices, with more to follow.
With this update, protection against MITM attacks now extends to the OS level. Previously all data communicated between the app and the Encap server was encrypted by the SSL layer on the device, making any network level intercepted data useless. Now all data is encrypted on the app layer before being passed to the SSL layer so even devices that have been compromised by malware to have the SSL libraries manipulated or replaced by malicious code or are jailbroken will still be perfectly safe to use as a security credential.
Encap 3.1 also sees its white label Android authentication app rebuilt according to Google’s ‘Material Design’ guidelines, and new quick custom branding options built in that makes branding the app incredibly simple.
“We are dedicated to creating a platform that allows banks the freedom to add authentication methods as they become available – and offer that choice to their customers,” said Thomas Bostrøm Jørgensen, CEO, Encap Security. “Smarter Authentication 3.1 builds on our previous work by future-proofing our fingerprint options and making the app even safer to use – even if the device itself is compromised.”