Secure Display Layer

Sign what you see

The authenticity and integrity of the transaction shown to the end-user is extremely important. That is why we verify that the display is not tampered with and that the integrity of the secure execution environment is not damaged.

How we're secure

Protection against root level malware

Regulation such as PSD2 and 3DS puts a lot of requirements on PSPs and card issuers. With the Okay SCA solution we help you both conform to regulation and protect your app from malware and criminal actors:

Dynamic linking is kept through the SCA process

Authenticity, integrity and confidentiality is verified for everything displayed

We protect against innovative new forms of malware

The transactions are tracked and logged

Possession and ownership is verified for each use

We provide a separate Secure Execution Environment

Server-Side Screenshots

Passive overlay detection through screenshots analyzed on the server-side .

Floating Windows

Active overlay detection mechanisms for floating windows and the like.

Robot Detection

User verification through accelerometer readings.

Obfuscation

Malware resistance through obfuscation. Just-in-time transfer or generation of obfuscated executable code and server-side verification.

Continuous Encryption

Encrypted storage which can only be decrypted with a one-time key from a secure server before immediate re-encryption.

Honeypots

Tamper resistance through honeypots & multiple integrity tests.

Protection against root level malware

Protection against all threats, now and in the future

When you provide a payment service there are a large number of potential threats

Network attacks, such as man-in-the-middle and attacks on your server-side

Overlay attacks, where a user is tricked into approving a fraudulent transaction

Accessibility attacks, where the app is remote-controlled by malware

Root type attacks, where the internal functionality of your app is reverse engineered and modified

Local storage attacks, where keys and other important information are extracted from the app’s storage

Malware that can steal text messages, intercept voice calls and change what happens when a user clicks on an icon

For more information, dive into how our SCA solution works or check out the Okay use-cases.

Verified by

Verified by industry experts

Interested in more?

Read our whitepapers

Secure Display Layer

Sign what you see

The authenticity and integrity of the transaction shown to the end-user is extremely important. That is why we verify that the display is not tampered with and that the integrity of the secure execution environment is not damaged.

How we're secure

Protection against root level malware

Regulation such as PSD2 and 3DS puts a lot of requirements on PSPs and card issuers. With the Okay SCA solution we help you both conform to regulation and protect your app from malware and criminal actors:

Server-Side Screenshots

Floating Windows

Robot Detection

Obfuscation

Continuous Encryption

Honeypots

Protection against root level malware

Protection against all threats, now and in the future

When you provide a payment service there are a large number of potential threats

Verified by

Verified by industry experts

Interested in more?

Read our whitepapers

Want to know more?