PSD2 & SCA Compliant

One credential.
Every touchpoint.

Your customers enroll once on mobile, then authenticate seamlessly across web banking, corporate portals, and partner checkouts. Hardware-backed passkeys with dynamic linking—no SMS codes, no 3D Secure redirects, no friction.

Start Building View Documentation

FIDO2 Certified

SOC 2 Type II

WebAuthn Level 2

🔒 bank.acme.com/login

Sign in to ACME Bank

Scan QR with your mobile app

ACME Bank

Web Login

Scan the QR code

Point camera at QR code

◆

LUXE

Checkout

Premium Headphones Black · Qty 1

$199

USB-C Cable 2m · Qty 2

$29

Ship to J. Doe · ···· 4th St, NYC

Total $247.99

Pay with ACME Bank

The Problem

Current authentication methods are broken

SMS OTP

Interceptable

SIM swap attacks compromise millions yearly. SMS can't be bound to transaction details.

$68M stolen in 2023

3D Secure

Conversion killer

Bank redirects cause 10-30% cart abandonment. Customers hate leaving your checkout.

-25% conversion

Push notifications

Friction

Requires switching apps, installing authenticators. No cross-platform credential sharing.

Per-app silos

The Solution

Passkeys that actually work everywhere

FIDO2 authentication with dynamic transaction linking, delivered as a two-line SDK.

Hardware-backed keys

Private keys live in the device's Secure Enclave (iOS) or StrongBox (Android). They never leave secure hardware—not even you can extract them.

Dynamic linking

Every signature is cryptographically bound to the exact transaction: amount, recipient, timestamp. Attackers can't modify details after authorization.

One enrollment, every channel

A customer who enrolls on your mobile app can instantly authenticate on web banking, corporate portals, or merchant checkout integrations—without re-enrolling. The credential syncs via iCloud Keychain or Google Password Manager.

Mobile banking app

Web banking portal

Corporate treasury

Merchant checkout

For Developers

Two lines. That's it.

SCA compliance in a single SDK call.

Client-side (any platform)

            // Signs the request with user's biometric
            const response = await sdk.fetchWithSignature(
              '/api/payment',
              {
                method: 'POST',
                body: JSON.stringify({
                  amount: 4200,
                  recipient: 'alice@bank.com'
                })
              }
            );
          

Server-side (any language)

            // Verifies signature + extracts user ID
            const { verified, userId } = 
              await sdk.verifySignature(req);
            
            if (!verified) {
              return res.status(401).json({
                error: 'Unauthorized'
              });
            }
            
            // Safe to process payment
            processPayment(userId, req.body);
          

2ms average verification. SDKs for JavaScript, React Native, Flutter, Node.js, Python, Go.

Use Cases

Built for high-stakes moments

Every interaction where you need to prove it's really them.

Payment authorization

Authenticate card-not-present transactions without 3D Secure redirects. Cryptographic proof the cardholder approved the charge.

Bank login

Passwordless authentication for mobile and web banking. One biometric, no SMS codes, works across all your digital channels.

Open banking payments

PSD2-compliant consent and payment initiation. Users authorize account access and payments with a single biometric.

Document signing

Non-repudiable signatures for contracts and agreements. Cryptographic proof of identity bound to every signed document.

Account recovery

Regain access without passwords or security questions. Biometric proof of identity replaces "mother's maiden name."

Identity proofing

KYC verification during onboarding. Match a real person to their government ID with liveness detection and biometric binding.

One credential. Every touchpoint.