The communiqué published by the Central Bank of the Republic of Türkiye (CBRT) on December 1, 2021, which mandates multi-factor authentication for e-money and payment institutions, has been extended until September 30, 2023. Meanwhile, the Banking Regulation and Supervision Agency (BRSA) detailed all requirements related to multi-factor authentication in its circular on remote identification and transaction security published in March. These developments make it essential for banks and financial institutions to ensure that their security solutions fully comply with the regulations.

As a financial technology company, Architecht addresses these regulatory needs swiftly through its mobile application and transaction security product PowerFactor, which enables full compliance with multi-factor authentication requirements.

Continuing to provide up-to-date solutions to the financial sector with its products and services, Architecht meets the industry’s needs through PowerFactor, which offers multi-factor authentication both as SaaS and on-premise. Currently, PowerFactor operates securely across more than 25 mobile applications of 9 financial institutions, with ongoing installations. So far, over 700 million transactions have been securely executed by more than 4 million end users through PowerFactor.

Regulatory Compliance Made Easy with User-Friendly PowerFactor

The BRSA’s March circular on remote identification and transaction security outlined, in detail, the procedures for multi-factor authentication, mobile application security, transaction approval, and contract signing processes. Architecht completed all required developments within PowerFactor for financial institutions subject to BRSA regulations and successfully passed security tests.

Additionally, the CBRT issued a communiqué regulating the management of information systems used by payment and electronic money institutions, independent audits by authorized organizations, and data-sharing procedures among payment service providers. For transactions covered by this law, the provisions of the Law No. 6698 on the Protection of Personal Data (KVKK) will take precedence, and compliance with the stipulated procedures and principles is mandatory.

Through PowerFactor—which provides multi-factor authentication, mobile application, and device security both as SaaS and on-premise in Türkiye and Europe—institutions can rapidly and safely comply with these regulations while optimizing their customer experience.

Protecting the Digital World Beyond Banking

Beyond the banking and finance sector, PowerFactor also meets identity verification and application/device security needs in various digital industries such as e-commerce, healthcare, and mobile gaming.

Architecht’s General Manager Ökkeş Emin Balçiçek stated:

“Mobile applications, with their practical and fast structure, are among the digital tools we use most in our daily lives. We rely on countless mobile apps for finance, health, shopping, and entertainment. Yet, as mobile use increases, so do cyberattacks and online fraud attempts. With PowerFactor, our continuously updated cybersecurity product, we enable users to protect themselves from cyber threats and allow companies’ end customers to log in and approve transactions securely.”

Much More Than Multi-Factor Authentication

In addition to multi-factor authentication, PowerFactor also offers mobile application and device security as well as contract and transaction signing. Balçiçek emphasized that PowerFactor combines the three key security capabilities financial institutions require into a single SDK.

Currently used by 9 financial institutions in Türkiye and Europe, both as SaaS and on-premise, PowerFactor includes extensive security controls such as:

• Anti-injection

• Root & jailbreak protection

• Anti-debugging

• Anti-emulation

• Anti-malware

• Anti-keylogging

• Device binding

User-Friendly Admin Console

PowerFactor’s comprehensive and user-friendly management console enables financial institutions to easily manage features, configurations, authorizations, activations, and more with just a few clicks—without increasing total cost of ownership. The product can be deployed both in local cloud (SaaS) or on-premise environments.

Balçiçek added that PowerFactor provides a dedicated monitoring panel for institutions to track transactions, performance, and errors. Through this panel, institutions can configure channel features and manage customer activations. He also underlined that PowerFactor fully complies with the CBRT regulation prohibiting SMS-based mobile banking logins and meets all security sensor requirements defined in the BRSA’s latest circular on remote identification and transaction security.

An Award-Winning Security Solution

PowerFactor has been recognized with several prestigious awards:

• Silver Sardis Award in the “Most Successful Security Solution in SaaS Transformation” category

• Golden PSM Award for SaaS Transformation

• Second Place IDC Award in “Security and Fraud Management”

• Two Gold Stevie Awards in “B2B Products” and “Technology Providers for Financial Services” categories

Since its launch, PowerFactor has helped Architecht’s clients ensure their users’ accounts are protected against fraud and cyberattacks—while significantly improving overall customer experience.