Cashfac is a global leader in cash management software, with products in use by more than 10 major banks and 700 corporate clients, including asset managers, pension providers and property management firms. The company’s flagship product, Cashfac VBT, is the most widely used virtual accounts platform worldwide. So when the European Union introduced its PSD2 banking regulation, Cashfac had to ensure that its products met the new standard for access and payment validation: specifically, multi-factor authentication.
“When we started to look at PSD2, I was Product Director, but then I moved into the role of Chief Risk Officer,” says John Ferguson at Cashfac. “I worked very closely with the guys from operations and development, too, so I really had a 360-degree view of this project, looking at things in terms of risk and information security, as well as from a product point of view.”
For more than 1,600 users across 12 corporate customers, Cashfac itself delivers and hosts VBT as a service. That makes Cashfac directly responsible for PSD2 compliance with those customers, making sure that the people authorising payments or accessing accounts are who they say they are and leave an indelible record of their actions.
With MIRACL, Cashfac integrated a solution that delivered just that, enabling strong, multi-factor authentication to meet the requirements of PSD2.
“We make a point of building everything in-house, but it would have taken a vast amount of time to build something like MIRACL,” says John. “It makes absolute sense to go with a specialist for authentication. You can count the products we integrate with on one hand, and MIRACL is one of them.”
The best of the benchmarked solutions
The Cashfac application acts on behalf of its customers to initiate payments with banks. Authentication is essential to that process, but it is not the only element at play: the product also has to perform checks to validate a payment, ensure that it is routed to the correct accounts, and confirm that it will not push accounts into overdraft positions, among other tasks. New developments must avoid adding to that complexity, in order to keep the product user friendly.
The team benchmarked a number of authentication solutions, including Okta, OneSpan, Authy and Hypr.
“The first time we looked at MIRACL, we thought it was too good to be true,” remembers John. “But it provided the most innovative, cost-effective and scalable MFA solution, and met all of our technical requirements. Above all, the MIRACL team demonstrated from day one that it understood our needs and would work collaboratively in a true partnership.”
Using industry standard connectors and SDKs, Cashfac deployed MIRACL at speed. Looking back, John considers key learnings from the process. “My advice to anyone doing a project like this is to produce a proof of concept with your technical people, then play that back to the decision makers. Get positive messages out there, and work with a couple of friendly customers to start the communication early about the change. Choose a simple use case and get it working.”
MIRACL delivers extra functionality for Cashfac’s corporate users with dynamic linking and signing of batch transactions. Combined with MIRACL’s detailed audit trail, Cashfac can now give customers forensic levels of accountability for actions on their accounts. In addition, the records make compliance with PSD2 Strong Customer Authentication (SCA) easy, by providing data on the volume and value of payments.
“We need to reassure customers about fraud protections while making our app accessible,” says John. “In our design, we are careful to look for the most logical, simple way of doing things, and we think we’ve pulled it off. With MIRACL we’re not making the login and authentication process any more complex than it needs to be.”
Simple onboarding and an ongoing partnership
The company integrated MIRACL and went live with the 12 regulated companies and 1,600 users using Cashfac as a service, with no issues, in just six months. Moving beyond this initial customer base, Cashfac now integrates MIRACL as standard with its current product release, and encourages its customers to enable MIRACL as an SCA-compliant security enhancement.
“People are surprised by how straightforward MIRACL is,” says John. “It cuts through the fears people have about changing access to a system, such as getting locked out accidentally. Onboarding customers is simple. The feedback has been really positive, all the way up to board level.”
Now the team is looking to set up a mobile authenticator, working together with MIRACL to find the best solution for its needs.
“A real benefit of working with a smaller company is that we get access to top people early on,” says John. “You get directed right to the person that you need to be dealing with, so that you can speak to the real experts.”
To receive more information about MIRACL solutions, case studies and single-step MFA, subscribe to our newsletter.
To see how MIRACL can improve your company’s security while creating a painless login process for your customers or employees, schedule a demo here.