Transaction Security
Every transaction has two parties involved, one being the sender and other receiver. I-AM® Cryptographic identity along with I-AM® Attribute chain’s enables us to verify the payee and payer associated with the transaction. Any unauthorized beneficiary can be easily detected and blocked before one could exploit the transaction.
Protection from MITM and MOTM attacks.
How does it work?
Technology
I-AM® Attribute chain makes it possible to link various beneficiaries to the identity with a cryptographic binding. This attribute binding can be verified at both client and server end hence preventing Man-On-The-Machine(MOTM) and Man-In-The-Middle(MITM) attacks respectively.
Federated Authentication
Attributes for the user can be binded/updated through bulk/single API. These attributes are synced with I-AM® SDK after successful CI-Phi Authentication with the platform.
Bank at any point can invalidate/disable any blacklisted attributes which intrun will be reflected on client side.
Workflow
On the client side I-AM® SDK embedded into mobile app which will provide API’s for local verification of user attributes. Before initialization of a transaction this API can be used to verify the beneficiary involved in the transaction. Transaction will be sent to server only on successful verification hence preventing MOTM attacks.
Once the transaction is received at the backend server, corresponding server API’s can be used for reverification of the parties involved in the transaction hence preventing MITM attacks.