A Bank wishes to authenticate an individual attempting to add a new payee to an account
| Features | SMS OTP | Module App | USSD Push | Myriad USSD Push |
|---|---|---|---|---|
| Content interception | Easy | Difficult | Difficult | Difficult |
| Data not persistent | ||||
| Sim Swap secure | N/A | |||
| Secure against ‘man in the middle’ attack | ||||
| Mobile device compatibility | ||||
| No data connectivity requirement | ||||
| Global network reach | ||||
| No data connectivity requirement |
With Myriad Connect’s service no persistent data is held with any third party, providing a more secure service than current two factor authentication services, for example using SMS, where data is stored and therefore vulnerable to being intercepted.
Using USSD provides an entirely out-of-band channel for authentication, with all interactions transmitted over the mobile network, which is separate to the browser or online channel being used by the customer to initiate the transaction. Myriad Connect’s session-based service sends an advanced push notification to open up a conversation between the bank or payment provider, to deliver a real-time check to verify the identity of the customer, which cannot be tampered with via compromised third parties within an operator or bank.
A clear audit trail is also established, where the user’s identity is verified by a party external to the transaction. This results in a technology that will greatly enhance the security of transactions vulnerable to SIM-swap fraud.
