Denis took the stage at KuppingerCole to explain why Onegini empowers digital insurers. How do you get customers online? How do you increase interactions? He explains business challenges such as how to onboard your customers and how to create a frictionless user experience. At the same time, insurers face technical challenges such as Single Sign-On, many silos, and compliance and regulation like GDPR.
We'll be releasing Onegini Connect 3.1 Carrot on June 14th, 3:00 PM - 4:00 PM CEST, empowering the digital insurers. Onegini Connect 3.1 includes Onegini MSP 3.1 and Onegini CIM 3.1. We'll tell you all about the exciting new features of the release in detail on June 14th. The webinar will be interesting to both new and existing customers, so sign up now!
With MSP 3.1 (soon to be released), QR authentication has become part of the core product. This means that an end-user can log in to your website by scanning a QR code with a mobile phone. It is easy, fast and secure. Anyone can do it. Take a look at the 4-second video below to see what that looks like...
Buy a pair of shoes. Get the extras on your car insurance. How many online transactions do you do in a week? Do you ever wonder what would happen if the other party said: "You also bought this and this"? Where is the proof you didn't? Companies have the same problem the other way around. How can they prove you did the transaction? What if you just said: "it wasn't me"? It's a trust economy. Once the trust is broken, the transactions stop.
Start using your customer's mobile device for a signature. Fast, traceable and secure. Maybe you need a PIN code on top. Or maybe a QR code scan or fingerprint? Enter transaction signing in the Onegini MSP 3.1. I'll explain the technical details, the options you can use to configure it, and how it works functionally. Traceable. No man in the middle. No hard thinking. At the heart of it all lies a user's private key and a lot of cryptography and legislation you don't have to worry about.
Your browser knows a trick to prevent hackers from accessing your APIs using your session: the same-origin policy. It makes sure your APIs can't be accessed by malicious websites. Let's say you're logged in on facebook.com, open another tab in your browser, and access myhackedsite.com. Your browser shares sessions between tabs, so without the same-origin policy, myhackedsite.com could access all the APIs from your Facebook account using your session. Thank you, same-origin policy, for not letting myhackedsite.com post all kinds of weird things on my Facebook timeline.
Ever struggled to provide end-to-end security from your backend APIs to your mobile apps? How to make them OAuth 2.0 compliant? Maybe you use an API Gateway like CA API Gateway or Apigee’s API Gateway or Akana. You may have noticed their primary focus isn't mobile. Maybe you don't have an API Gateway, but you have REST APIs that you partially want to open up to your customers. Your backend developers would like to reuse existing security protocols like basic auth while your app developers just want to focus on the functionality in the app.
I’ll explain in this blog how Onegini helps you solve this issue, so you can start opening up your backend to mobile users in weeks. And now with the Security Proxy 2.0 release, it will go even faster, because your API architecture can remain as is. But first, let's take a step back and see how the Security Proxy 1.0 worked.
Security Proxy 1.0, an introduction
Feel free to skip if you are already familiar with our solution.
The Onegini MSP takes care of OAuth 2.0 token management between the mobile device and the server through native mobile SDKs. The solution manages authentication through biometrics or PIN, after which a backend API can be requested. A high-level picture of this process is shown below (see our docs for a full component overview).