Poste Italiane Taps CA Technologies to Secure Mobile Payments App
Published on: 20th Mar 2014
Note -- this news article is more than a year old.
USA based CA Technologies says that its mobile payment authentication service has been adopted by Italy's postal service Poste Italiane.
Postepay App, downloadable free from iTunes Store and Google Play, allows customers to interact with a wide range of Poste Italiane services allowing them to check account balances, add funds to prepaid cards, add funds to a prepaid mobile phone and transfer funds.
Postepay App uses the new PosteID system based on CA AuthMinder to give customers a simple, effective and secure way to carry out transactions using their mobile device.
CA AuthMinder uses one-time passwords, device-specific credentials and other out-of-band authentication to help verify identities.
"Employees, customers and partners want to connect with businesses in a way that's most convenient to them - and today that means through a mobile device," said Mike Denning, general manager and senior vice president, Security, CA Technologies. "The challenge is to make sure those mobile connections and transactions are secure and convenient, and CA AuthMinder can help customers meet that challenge."
To use the service, the Postepay customer must first sign-up on the Poste Italiane website and register the mobile devices intended for use with Postepay App. A text message is then sent to the registered mobile number with a unique activation code associated with the Postepay App installed on the device. On activation, the PosteID software credential (equivalent of a hardware token or smartcard) is sent to the device. The PosteID credential is locked to the device and can then be used in combination with the user's PIN to verify his identity. In the event of theft or loss of the PosteID certified mobile device, the customer can contact the call center to temporarily block the associated credential. The credential can be reactivated once the old telephone number has been passed to a new device or a new credential assigned.