I am a Senior Software Engineer on the Platform team at N26 - Europe's first completely mobile bank, trusted by more than 1.000.000 users in 17 countries. I have been working as a Backend engineer for the last 7 years, 5 of which have been in the FinTech space. I am proud of working on the persistent challenge of building secure systems while still providing an amazing user experience.
In this presentation you will see how we protect online card transactions at N26. N26 is a bank that is completely hosted in the cloud and gives users control over their finances from their smartphone. In this talk we will explore how we implemented the 3DS Mastercard SecureCode protocol (also known as online payer authentication) with safety and user experience as priorities, and what we, as a bank, do differently.
3DSecure is an important add-on for online user authentication offered by many banks, which provides an extra layer of security for online transactions. Like many security measures, the most popular implementation of 3DSecure (i.e. enter the Xth, Yth, Zth letter of another password) gets in the way of the user's end goal of paying for something. When it was time for us to implement it, we knew it had to look, feel and function the N26 way. This meant a mobile-first experience that fits in with the intuitive behaviour that our users expect and are proud of.