Introduction

KeyLead is a digital banking application, developed to provide banking services especially to corporate customers. it is currently operating in six major banks in Iran.
This application has made it possible for individuals and holders of joint/corporate bank accounts (multi-signature accounts) to perform banking and payment operations in a secure and easy way by using digital signature and biometrics.

Another strength of KeyLead is the possibility of granting access to the corporate accounts to non-signatories. This feature is especially useful in multi-signature accounts and for legal entities; Thus, the signatories of companies and businesses, who are usually very busy people don’t need to hand over a token or give access to other people for performing financial affairs or receiving the reports.  They only need to do is to open the app after receiving the notification, and sign the payment orders by their biometrics (fingerprint or face recognition).

At present, the online intelligent authentication service (eKYC) based on this infrastructure has been implemented and is operating in one of the major banks of the country. This service comprises the prospect of attracting more customers by eliminating the need to visit the branch.

Adanic’s approach to Implementation of keyLead is mainly focused on simplicity and security. Since KeyLead authentication is based on Digital Signature, users do not need to enter a password to perform banking and payment operations, and so they are able to perform banking operations simply by authentication through biometric features of their cell-phone.

Due to the fact that KeyLead provides a digital signature platform, in addition to acting as a substitute for conventional hardware tokens, it could also be used in the field of authentication and log-in framework instead of expensive and complex hardware tokens. In other words, KeyLead is an application in which the cell-phone acts as a customer’s digital signature token and supports their multiple signatures in banking operations. by connecting to the CA root, the possibility of official digital signature of the electronic bank drafts has also been provided and implemented in one of the major banks of country. to add, the official digital signature of electronic bank drafts is based on PAdES (PDF Advanced Electronic Signature).

Currently, the number of active installations of KeyLead application in the banking network has reached more than one million times and the number of daily digital signature transactions of this system is also more than 3 million transactions.

Main Features of KeyLead:

  • Support for multi-signature accounts By fetching information about the conditions of withdrawal from the banking core, KeyLead makes it possible to comply with all legal and registration issues of multi-signature and corporate bank accounts.
  • Supporting customizable workflows users that create payment orders can specify a different and specific order for each of the signatories. For example, in a company, payment orders may be referred to the CEO for signature after approval by the CFO, and then a specific mix of board members can view and sign it.
  • Supporting access control and defining the roles of individuals in the company Each company usually assigns different types of access by company’s different accounts and employees, and to simplify this procedure, KeyLead has eliminated the need to refer to the bank branch; The available permissions in Keylead include viewing the company’s invoice, creating a payment order, viewing the final payment, and the payment receipts of a specific account.
  • Mobile cardboard on cell-phones Company managers and members of the board of directors, can easily and quickly be notified about registration of the payment order that they have to comment on, while They themselves have access.
  • Signing payment orders using fingerprints KeyLead uses the features of new smartphones to allow users to sign their payment orders faster and more securely by using their fingerprint scan and thus removing the need to remember various passwords. However, in case of interest, users can also define a local password for their mobile application.
  • benefiting from the security features of the new generation of smartphones In order to prevent disclosure of user confidential information, KeyLead utilizes the Secure Element in smartphones to hold encrypted keys and perform secure encryption.
  • Asymmetric cryptography To achieve the highest level of security and irrefutability, KeyLead uses an asymmetric encryption mechanism based on private and public keys. this way, the user’s private key is not removed from the phone’s security processor, and all requests sent by the phone to the central keyLead service provider will be encrypted at the origin with this private key. on the bank side, however, using the user’s public key, their integrity and authenticity are being verified.
  • Support sending batch files up to 2000 lines on KeyLead web panel The company’s financial staff can make their group deposits by preparing an Excel or CSV file and uploading it to KeyLead. This transaction category is aggregated in the signatories’ cardboard.
  • Support integrating all types of bank transfers in a simple form Unlike other existing banking software in which the user has to fill in complex and separate forms for different types of money transfers, in KeyLead a payment order can include different types of money transfers where detection of the type of transaction is done both intelligently and user-friendly.
  • Determinations of signatories and the order of their signatures The registrant of the payment order can determine which of the signatories has to sign a payment order and what is the order of their notification and signature. The company leader can also define the default signatories and the default order to avoid duplication when registering a payment order. • Report staff performance The company leader can view detailed reports of activities of accessible personnel in the company accounts.
  • Provide exclusive versions for different platforms In order to achieve the highest level of application compliance with the standards of different platforms (Android, iOS, Web), specific versions of each of these platforms have been developed.
  • complementary services
    • Provide invoices and online account balances
    • Possibility of consolidating personal and company accounts together
    • Online inquiry of Bank account holder name
  • Provide advanced management and reporting facilities in the keyLead branch panel
    • Enable and disable user signatures
    • Search customer accounts based on two parameters: customer number and national code
    • Enable and disable customer accounts in KeyLead
    • Control the daily withdrawal in-bank and inter-banks limit for each account
    • Control the default withdrawal ceiling and the maximum daily withdrawal ceiling of the whole system
    • Inquire the national code from the Registry Authority
    • Manage user emergency access through the call center
    • Report customer activities based on various parameters over a period of time
    • Branch performance report
    • Authentication of users through integration with Active Directory