Safetronic is an enterprise grade security platform that provides a single trust anchor for organisations to authenticate user identities, transactions and secure high-value B2B payments across a variety of contexts and channels.
Safetronic is a collection of authentication services that are combined to provide a convenient out-of-the-box solution to cater for different security requirements and application use cases.
Safetronic (formerly known as SafeSign) supports a wide range of high availability, high volume and high assurance security services in banks, government departments and enterprises globally.
Support an omni-channel authentication approach with a consistent frictionless customer authentication experience across all digital channels. Enable adaptive risk-based approach to security through a range of methods for different levels of authentication.
Heterogeneous MFA - connected mobile security tokens capable of transaction signatures with dynamic linking of the transaction context with biometric authentication, push authentication, QR code signing, PKI signatures, smartcard, OATH, EMV CAP, soft & hard tokens.
User Identity and Access Management enforcement using a range of methods for different levels of authentication. Central policy and risk-based approach to authentication of online transactions through security tokens.
Channel Independent Connected Multi-Factor Authentication (MFA) through Salt mSign Mobile Tokens enabling Biometric Password-less Login and Transaction Signing that is PDS2/SCA Compliant
Comply with the regulator requirements such as the European Payment Services Directive (PSD2) for Strong Customer Authentication (SCA), whilst retaining a flexible customer focused approach to authentication.
Safetronic supports a diverse range of PSD2/SCA compliant authentication mechanisms simultaneously. The scalable Safetronic architecture future proofs your authentication investment and enables you to expand your existing security platform to accommodate new or additional authentication mechanisms as they emerge.
Protect High-Value B2B Payments such as the UK BACS, Faster Payments, CHAPS and Faster Cheques; ensuring traceability of all transactions with robust tamper evident audit trails.
Safetronic for securing payment submissions is a tried and tested platform that is at the heart of the UK payments infrastructure since the inception of BACSTEL-IP.
Support HSMs (Hardware Security Modules) for secure storage of sensitive assets, token keys, shared secrets, SSL cert private keys and database protection.
Entrust nShield HSMs (formerly known as Thales nCipher) are fully supported with HSM key ceremony procedures if required. Safetronic supports HSMs through the PKCS#11 Java Cryptography Provider. Migration from soft-HSM also supported.
Legacy Token Replacement using brokering to delegate to 3rd Party authentication servers, enabling a non-disruptive migration to a more contemporary biometric mobile authentication
Brokering capability enables proxy of authentication requests to 3rd party proprietary servers. Delegate authentication requests that match the pre-configured criteria to external servers via either RADIUS or web service calls.
ISO-9564 Card PIN Validation
Australian payments industry compliant ISO-9564 Format-0 card PIN validation with support for interface into Interchange AS2805 (ISO8583 equivalent) for payment transaction messaging, identity verification and card PIN management.
Lightweight Safetronic "Echidna Edition" focused on interfacing to a range of Identity and Access Management (IDAM) infrastructures and to general-purpose access gateways through Web Services, OIDC, RADIUS or ADFS to provide user authentication services.
Operate as Identity Provider (IdP) to enable Access Management products to delegate their user authentication to Safetronic as a Federated Identity Provider
Salt mSign mobile security MFA token for authentication of the user identity and transaction independent of the delivery channel that initiated the request; including SDK option to embed within existing mobile apps
Biometric user authentication, Push authentication, QR code transaction signing, InterApp mobile app-to-app authentication
EMV CAP authentication including support for verfication of signatures generated by CVN cards
PKI signature generation and validation including certificate status checking against CRLs and OCSPs
Open Standard OATH tokens that are compliant to: OCRA, TOTP, HOTP
Legacy/proprietary hardware token support for Vasco/OneSpan DigiPass and ActivIdentity
SMS/Email OTP provides an entry level solution that enables rapid onboarding of new and occasional users
Salt Mobile digital identity security tokens enable high assurance trust and authentication of devices, user and transactions.
Standalone contemporary mobile apps for authentication of user identity and verification of transactions independent of the delivery channel that initiated the request.
Safetronic has been at the core of the UK payments network since the inception of BACSTEL-IP in 2002. The Banker’s Automatic Clearing System (BACS) selected the Safetronic platform to authenticate payment transactions, ensure traceability of all transactions and provide robust audit trails.
Safetronic provides a unique multi-channel signing and validation capability to support simultaneous connection to the 20+ member banks that form BACS. This removes the complexity of securely supporting and managing multiple PKIs from the applications themselves and separates the application logic from security functions, ensuring compatibility with all relevant PKI standards and the required levels of compliance and governance for each scheme.
Comply with the regulator requirements such as the European Payment Services Directive (PSD2) for Strong Customer Authentication (SCA), whilst retaining a flexible customer focused approach to authentication. The directive requires that customer and transaction authentication across digital channels be implemented by a compliant multi-factor mechanism that incorporates knowledge, possession and inherence which ensures that both the originator of the transaction and the transaction content can each be strongly authenticated and bound to each other.
Safetronic has been designed to support a diverse range of PSD2/SCA compliant authentication mechanisms simultaneously. The scalable Safetronic architecture future proofs your authentication investment and enables you to expand your existing security platform to accommodate new or additional authentication mechanisms as they emerge.
Safetronic when used with Salt Group's PSD2/SCA compliant Salt mSign Connected mobile token enables organisations to utilize a single authentication method across all digital channels and abstracts the authentication layer from the business logic.
Safetronic "Echidna Edition" (Echidna) is a lightweight edition of the Safetronic authentication platform focused on interfacing to a range of Identity and Access Management (IDAM) infrastructures and to general-purpose access gateways through Web Services, OIDC, RADIUS or ADFS to provide user authentication services. Echidna is available as a virtual appliance which allows an organisation to deploy Echidna in a matter of hours.
Echidna includes web-based consoles for Administration and User Self-Service for Token Lifecycle and User Management capabilities; also available as APIs to enable interfacing with the organisation’s User Management Systems. Authentication Services are future proofed through a pluggable architecture that allows an organisation to adopt new authentication methods as they emerge, without expensive retrofit or system remediation.