Out-of-Band Authentication
In this use case, VCAS allows the issuer to authenticate cardholders outside of the private session that VCAS has with the cardholder during the transaction flow. The most common OOB authentication method is biometrics, leveraging the cardholder’s mobile banking application and the biometric functionality in the smartphone’s operating system.
| Pros | Cons | RDX Calls |
|---|---|---|
| More seamless experience | Requires three API calls. | Stepup |
| Typically more secure than OTP via SMS or email | Additional development required to integrate into issuer's existing mobile banking application. | Initiate Action |
| Support of additional OOB authentication methods | Cardholder adoption of the mobile banking application; issuer may need to use another authentication method with OOB. | Validate |
Flow Diagram
Required RDX Calls:
Updated 11 months ago