2024 Product Updates: Keep Fraudsters Out of the Game With Proximity-Based Authentication

February 2, 2024
Mobile phone and laptop on blue background with Bluetooth and QR code symbols

Our new set of features has been specifically designed to safeguard against the array of attacks that are actively causing financial harm to both banks and their customers.

At Wultra, we understand the evolving landscape of cyber-security. As we move into 2024, we remain committed to providing cutting-edge solutions to protect against the ever-evolving slew of threats present throughout the banking sector. 

Today, we're excited to introduce three new features designed to fortify the banking experiences of financial institutions and their customers alike.

QR Code Authentication: Streamlined Online Banking Access

We’re rolling out an easier way for customers to access internet banking: Wultra’s Secure QR code login provides a secure, convenient internet banking login method. Instead of manually entering credentials (like an ID number, which is easy for attackers to steal via other communication channels), customers can simply scan a QR code that is displayed on their bank’s internet banking website. This, in turn, makes it possible for them to log in using authentication via mobile token. 

Laptop showing a login page and a QR code , blue background with icons of key and lock.

This feature eliminates the need for notifications and puts the customer in complete control of the login operation. By simplifying the login process, Secure QR code login not only provides convenience but also elevates the overall security of internet banking access.

Fortify Transaction Approvals With QR Code Proximity Verification

When a customer wants to make a payment or to log in to internet banking, they usually need to approve the operation via mobile token. To exploit this process, attackers can send a fraudulent approval request to the customer, and if persuaded by the fraudsters (or simply confused by receiving an unexpected approval request), the customer can approve it on their mobile device.

To counteract these kinds of unauthorized logins and operation approvals, our new QR code proximity verification feature prompts users to scan a QR code displayed on the transaction device. With a limited 10-15 second window for scanning, this feature enhances device security while also ensuring the physical presence of the individual authorizing the operation. 

This feature enhances device security and provides customers with greater confidence in the validity of their transactions. By adding an extra layer of authentication, there’s a minimized risk of attackers manipulating customers into approving fraudulent transactions. 

Bluetooth Transfer Check: A Proximity Shield

One common attack vector that has been observed at many leading financial institutions involves attackers exploiting the process of transferring mobile tokens to new devices. Previously, it was necessary for users to rewrite codes to confirm a mobile token transfer — and for attackers, this operation served as the perfect moment to take advantage of. Wultra's Bluetooth transfer check addresses this vulnerability by leveraging QR codes and Bluetooth connectivity between devices. 

With our feature in place, the QR code for transferring mobile tokens is only displayed after a successful Bluetooth connection has been established. This ensures a short-distance transfer and encrypts the data exchanged, providing an extra layer of security against unauthorized token transfers.

Three steps in a user journey - mobile phone showing a choice of activation options, switching  Bluetooth on, mobile phone displaying a QR code.

Our Bluetooth transfer check provides a user-friendly solution for securely transferring a mobile token from an old to new device. Additionally, it prevents attackers from exploiting the token transfer process by wrongfully obtaining a QR code and using it to authorize online banking operations.

Our Commitment to Secure Authentication in 2024 and Beyond

With each of the newest capabilities that we’ve implemented into our solutions, we’re protecting customers from being held responsible after an attack. This is crucial, as it’s ultimately the customer who is unknowingly involved in fraudsters’ schemes and unaware of how their actions are being exploited by cyber-criminals. Our new authentication features are built to provide customers with an added layer of security against these attacks as well as peace of mind while using online banking services.

As we’ve explored above, our new set of features has been specifically designed to prevent attacks that are actively causing financial harm to banks and their customers. In 2024, it remains our mission to mitigate these threats through our carefully crafted mobile authentication solutions.

Related articles


get in touch

Consider partnering with Wultra to meet compliance standards, deliver a secure and seamless user experience, and deliver additional value to your customers while improving your bottom line.

Ondřej kupka
Picture of Account Executive Ondrej Kupka
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.