A dedicated mobile app to capture Strong Customer Authentication for PSD2


Solution Components
The Quali-Sign product consists of a smartphone / tablet app (Android & iOS) only. To communicate with the bank, the app utilises the (highly secure) 'Electronic Banking Internet Communication Standard' (EBICS) and performs the role of an EBICS Client.
Therefore, to implement the Quali-Sign app, a bank must first install an EBICS Server. Quali-Sign has partnered with IBM, who offer EBICS support within their Sterling File Gateway product. This product is already in use by many banks.
The app makes extensive use of the Electronic Distributed Signatures (EDS) module of EBICS. This offers a workflow capability that allows a business process or data (e.g. payment instruction) to be placed on hold until the necessary number of user authorisations have been captured.
Multi-user authorisation
All users and permissions are configured and managed centrally on the EBICS Server. A user can belong to one or more 'customers' (sometimes referred to as a partner). The user is then assigned permissions within the context of the 'customer'.
The bank must define a list of 'order types'. Each order type is associated with a data format. Order type permissions are assigned at both a 'customer' and 'user' level. At the 'customer' level, the bank specifies the minimum number of signatories for the order to be approved.
Users who have the necessary permissions to approve a specific order will be notified (triggered via a push notification) that their authorisation is required. The order data is automatically downloaded by the app. The user is then able to review a summary and, if necessary, can drill into the detail. Users can either approve or request cancellation of the order.
Payment Permissions
Users can be assigned account permissions specific to a payment order or globally, across all payment orders. Daily limits can also be assigned to users. These can apply to a payment order, or to a combination of payment order and account.
Fine-grained entitlements can be assigned via an 'authorisation level' (E, A or B; see below). For example, Joe Smith has the following daily limits for Instant SEPA Credit Transfer payments, debiting A/C 12345678:
Single signature (E): Up to €500, i.e. dual approval is not required.
First signature (A): Up to €50,000, together with a colleague (who has corresponding E, A or B permissions).
Second signature (B): Up to €500,000, together with a (more senior) colleague (who has corresponding E or A permissions).
The Quali-Sign app fully supports all user permission combinations available within the EBICS standard. The EBICS EDS module will only ask a user to approve a payment order if they have the necessary permissions. This includes account and limit permissions. The EDS provides a summary report of all the orders that are awaiting approval.
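The E, A and B rules and Joe Smith's limits described above can be expressed as a server-side check. The following Python is an added example, not Quali-Sign or EBICS server code; the function names, the users other than Joe Smith and the `used_today` bookkeeping (one running daily total per user) are assumptions made for illustration.

```python
# Strongest first: E signs alone, A is a first signature, B a second signature.
CLASS_ORDER = ("E", "A", "B")

# Constructed sample data. Joe Smith's limits (EUR) are the ones in the text;
# the other two users and their entitlements are hypothetical.
ENTITLEMENTS = {
    "joe.smith": {"E": 500, "A": 50_000, "B": 500_000},
    "colleague": {"A": 500_000},
    "junior": {"B": 500_000},
}


def effective_class(user, amount, used_today=0, entitlements=ENTITLEMENTS):
    """Return the strongest class whose daily limit still covers the amount."""
    limits = entitlements.get(user, {})
    for cls in CLASS_ORDER:
        if cls in limits and used_today + amount <= limits[cls]:
            return cls
    return None  # no entitlement covers this amount: the signature is ignored


def is_authorised(amount, signers, min_signatories=1, used_today=None,
                  entitlements=ENTITLEMENTS):
    """Decide whether the collected signatures release the order."""
    used_today = used_today or {}
    classes = {}
    for user in set(signers):  # a user signing twice still counts once
        cls = effective_class(user, amount, used_today.get(user, 0),
                              entitlements)
        if cls is not None:
            classes[user] = cls
    # Customer-level rule: minimum number of valid signatories.
    if len(classes) < min_signatories:
        return False
    # E is sufficient on its own.
    if "E" in classes.values():
        return True
    # Otherwise two distinct signers are needed and at least one must hold A:
    # A+A and A+B are accepted, B+B is not.
    return len(classes) >= 2 and "A" in classes.values()
```

The case worth noticing is B+B: two second signatures do not release an order, so a €200,000 payment signed by Joe Smith (B at that amount) still needs a colleague holding A or E.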
Payment Status
Whether a user has initiated or approved a payment, they may wish to monitor the ongoing status of the payment. To monitor payment status within the app, users must be configured on the ASPSP's EBICS server to receive Payment Status Reports (PSRs) in the ISO PAIN.002 v3 format.
The app displays message, batch and transaction status in Red, Amber or Green categories.
Red indicates a rejection, a partial rejection or pending status.
Amber indicates 'in progress'.
Green indicates that settlement is complete.
The user can filter on status colour. For example, they may only wish to show Red items. Where reason information is available, this is clearly flagged.