websights Crédit Agricole Consumer Finance: secure and seamless access with SaaS MFA

Looking for inwebo.com? You are in the right place! Read all about it in our blog post

Come and join us in person at upcoming industry trade shows and conferences

Join us for an insightful 30-minute webinar designed to empower your external identities online onboarding process!

How Crédit Agricole Consumer Finance secures and streamlines access to its sensitive services with a SaaS multi-factor authentication solution

Feedback from Crédit Agricole Consumer Finance on their project to secure and simplify access to their sensitive services for 50,000 partners with a MFA solution that complies with the GDPR and the recommendations of the European Banking Authority (EBA). Security and user experience requirements achieved for the company thanks to the implementation of a SaaS based multi-factor authentication solution (MFA).

CRÉDIT AGRICOLE CONSUMER FINANCE

The Crédit Agricole Group's specialist consumer credit subsidiary

CA-consumer-finance

Sofinco, alongside major retailers

Crédit Agricole Consumer Finance, historically known in France as Sofinco, distributes a wide range of personal loans and related services in several countries through all distribution channels: direct sales, point-of-sale financing (automobile and home furnishings) and banking partnerships.

Alongside major retailers over the 19 countries where it is present, notably through FCA Bank, CA Consumer Finance offers its partners flexible and responsible solutions adapted to their needs, but also to those of their customers.

Virginie Nentoussi

Security Project Manager, Crédit Agricole Consumer Finance

Marine Clarisse

Security Architect, Crédit Agricole Consumer Finance

Virginie NENTOUSSI and Marine CLARISSE tell us all about their experience with TrustBuilder as part of the project to secure access to sensitive services for 50,000 Crédit Agricole Consumer Finance partners.

Smart Connect, a connection portal for partners

Crédit Agricole Consumer Finance offers a range of powerful and innovative solutions to boost their partners’ business. Some of these digital solutions are accessible via the Smart Connect portal.

Smart Connect was launched in 2020 to address the ongoing challenges of security and authorization. This solution allows partners and contributors to manage their own access and authorization on our sales front-ends at their own convenience.

Thanks to this service, contributors can save time in managing their vendors, while eliminating irritants and security issues, such as insecure password transmission, the creation of generic accounts when changing passwords, or delays in creating accounts. All of these operations are carried out through the various forms of this portal, which is the only point of entry for partner requests.

This portal can be accessed by everyone from a browser, whether on a tablet, a mobile or a workstation, which makes it easier for all contributors to use. In fact, regardless of the partner’s mode of operation, all they need is access to a browser to carry out their management actions.

9 500

employees

2 billion

banking products at the end of 2021

15 million

customers

19 countries

international presence

Project: Meet both security challenges and increased regulatory requirements, without compromising the UX

Protect a unique access portal

Phishing and brute force attacks are increasing and the banking sector is a target of choice for attackers.” underlines Marine Clarisse. “We need to reassure and provide effective solutions against these attacks.”

Limit account sharing and simplify the login experience

The sharing of credentials is a serious threat to IT security. And yet, it is frequently done between colleagues in the same workplace who need to access the same applications. Therefore, it is essential to limit this sharing of access between users, which compromises the security of the information system. And this can be carried out by using a MFA solution. It is a more complex and individualized authentication that makes users aware that they are twisting a security system when sharing a password might have seemed harmless to them.

By implementing MFA, CA CF intends to make the access to their connection portal nominative in order to limit the access to their different services / solutions to authorized persons only.

What the Group was looking for ...

Implementing a MFA solution can address a number of issues [...] and in particular provides 99% protection against phishing and brute force attacks

"When we started out, we had multiple vendors sharing the same account. It was indeed convenient for them. Today, with Smart Connect and the implementation of MFA, we want to eliminate this account sharing and make vendors take responsibility for their actions while making it easier to access our environment"

RGPD and PSD2 Compliance

By providing and distributing financial services, which involves collecting very sensitive personal data, CA CF is required to comply with both the PSD2 and the RGPD. In fact, the consequence of the DSP2 directive is to set new rules and make multi-factor authentication mandatory for access to bank accounts and the management of sensitive operations.

psd2

Focus on security and UX for CA CF's MFA project with inWebo

When choosing the solution, we were looking to streamline the user experience”, underlines Marine CLARISSE, who adds that“TrustBuilder is a user-friendly solution that is very easy to use and to get use to it“.

A majority of their user population is in-store and they need to be able to access the Smart Connect portal in front of their customers quickly and easily. The aim is to meet current needs while adapting to changing use cases patterns. ” It’s an innovative solution that covers all our use cases in a homogeneous way and simplifies the access journey. Marine CLARISSE

TrustBuilder.io MFA is a Passwordless solution that allows to get rid of UX ans security constraints linked to passwords. CA CF draws particular attention to the technology developed which enables users to authenticate themselves using the browser token (Deviceless MFA). This is an exclusive feature on the MFA market.

Certified by ANSSI and recognised as PSEE

Patented technology certified by French CyberSec Agency, based on dynamic random keys, combined with HSM. TrustBuilder is also an outsourced service provider (PSEE)

User friendly MFA

User-friendly and passwordless solution (PIN code) for easy and fluid access to the portal

Browser token

Technology that allows users to use their browser as a trusted device (token) - in addition to mobile, desktop and tablet tokens

PSD2 Compliance

Addressing compliance and UX issues related to the Directive PSD2

White label development

SDK and API allowing "white label" development to personalize and unify the login experience

Individual support

CA CF emphasises the "personalised support provided by inWebo's teams during the implementation of the solution".

Results: Simplified and secure login portal

Protect a unique access portal

The implementation of TrustBuilders MFA has enabled Crédit Agricole Consumer Finance to streamline the login experience of its partners to their tools and sensitive data. Whether in store, in the office or on the move, they have faster and easier access to their applications. “With TrustBuilder, the user only needs to enter his PIN code, instead of the 12-character password that has to be changed every 90 days. ” says Virginie NENTOUSSI

"The browser token has the advantage of not requiring any installation and makes it possible to control the level of security provided to an external user independently of the device used"

Users are also more autonomous in managing their account. They can manage their equipment (tokens) and enrol a new browser, tablet or smartphone themselves, either by displaying an enrolment code to enter or by receiving a link by email.

Going further

CA CF intends to add new identification modes (email, phone number) and strong authentication modes to their project roadmap MFA. This will allow them to extend access to their services to B2C channels and internal uses.

"With inWebo's multi-factor authentication, we intend to facilitate and modernise access to our services, both for our customers and our partners"

Protect identities and data access with TrustBuilder.io MFA

Contact us for a demo or to start your free trial.