What is the TSYS Authentication Platform?The TSYS Authentication Platform provides issuing clients real-time verification of your customers’ identities. It’s a powerful, sophisticated solution designed to help you more effectively combat the continuing rise in identity theft and account-takeover fraud.

Why do you need a next-generation identity-verification solution?Fraud losses worldwide are project to top $34 billion by 2022.¹

Data is stolen from the dark web, through phishing schemes or by using malware. Bogus identities can be created with as little as a name and email address. You need an authentication solution that can address fraud without severely impacting the customer experience.

How is the Authentication Platform better than other solutions? Most authentication solutions today rely on reported data. This leads to hours or days of lag time, which means the information you’re relying on to verify a customer’s identity is out-of-date.

TSYS Authentication Platform: FAQs

Some solutions compound this by incorporating self-reported data from public records, which is even less reliable.

Our Authentication Platform is driven by real-time data gathered directly from remote cardholder touchpoints, such as websites or mobile apps. The result: more timely information for highly dependable identity verification.

What types of information does the platform collect? The solution scans your own data as well as relevant data across the entire Authentication Platform — cross-issuer and cross-border. This information might include when a customer opens a new account, updates his or her account profile, changes a password or transfers funds.

More important, the platform draws upon both personally identifiable information (PII) and data regarding specific customer interactions and financial transactions. No other platform brings together this type of data for identity verification.

What is personally identifiable information (PII)? PII is data that can clearly identify a specific individual in a transaction or interaction. Examples include name,

1

address, phone number, social security number, date or place of birth, or mother’s maiden name. This sensitive PII is typically encrypted when it’s transmitted. PII can also include more generally identifying information such as employment or educational history, or financial or medical records.

How are customer identities verified by the Authentication Platform?Our platform is powered by a proven, machine-learning engine. This engine continuously absorbs multiple data streams on customer behavior — processing rules and events within milliseconds in order to deliver 'learned' identity insights and drive decisions in real time. The advanced engine was developed in conjunction with Featurespace — the world’s leading provider of Adaptive Behavioral Analytics technology for fraud and risk management.

Our platform’s intelligent authentication not only accesses cardholder interactions and transactions moment-by-moment, but also data associated with previous customer behavior and known fraudulent attempts. This helps you stay a step ahead of ever-evolving fraud.

1 The Nilson Report, November 2018, Issue #1142

SM

TSYS AUTHENTICATIONS PLATFORM FAQs

What case management tools are available? The Authentication Platform gives your fraud prevention team an array of highly intuitive, interactive dashboards, real-time fraud alerts, visualization tools and business reporting to help resolve cases and manage risk, quickly and effectively. Your case managers can also use ‘what-if’ analysis to explore different scenarios and apply new rules or adjust existing rules and workflows to efficiently address the latest schemes and tactics.

How flexible is the Authentication Platform in adapting to varied risk appetites? With our Authentication Platform, you’ll have ample flexibility to establish specific rules for different data attributes — to maintain your desired risk level or calibrate the cardholder experience. Options range from virtually transparent identity verification to active fraud-prevention measures such as one-time passcodes or facial recognition.

A unique feature is that the platform is consortium-based, so data is available for all issuers to use in appropriate ways as part of rules-making and machine-learning enhancements. This benefits everyone who uses the platform.

Can I take advantage of third-party solutions together with your platform?Simply put, yes. We’ve worked closely with several third-party fintech providers to integrate our Authentication Platform with their solutions that address device, mobile phone or email risks — or that incorporate the latest breakthroughs in biometric identifiers or document scanning.

Initially, our platform seamlessly integrates with solutions from InAuth, Payfone and Emailage:

• InAuthenticate, InBrowser and InMobile from InAuth — InAuthenticate provides trusted, secure two-factor authentication, while ensuring a frictionless customer experience. Rather than relying on texts, emails, hardware tokens or a call center to verify a customer’s identity, customers simply open a mobile app and respond to a message sent through the solution’s Trusted Path to confirm or deny a transaction.

• InBrowser delivers best-in-class browser intelligence to authenticate devices through advanced fingerprinting technology — to assess device risk and protect your cardholders transacting through online channels.

• InMobile provides permanent identification of smartphones and other mobile devices, screens for device integrity and security features and offers risk assessments for devices handling transactions through mobile apps.

• Payfone Trust Platform — Payfone validates identities, builds trust and improves customer satisfaction with up to ten times faster, frictionless and fraud-free digital experiences. Customers get tokenized Payfone IDs, which essentially become passports to improved customer experiences — generating real-time Trust Scores to verify each customer’s identity. Payfone’s Anti-SIM Swap technology can detect when a SIM card has been swapped and notify a cardholder’s bank when this or other out-of-the-ordinary events occur to thwart porting fraud. Because Payfone communicates in real time with mobile carriers, it knows the moment a swap takes place and can dramatically reduce or eliminate SIM swap fraud and other account takeover attacks.

• Emailage — Emailage uses email address metadata to assess transactional risk and validate digital identities. This provides fraud signals to more than 40 million unique email addresses connected to IP addresses, domain names, phone numbers, and more, allowing you to approve more customer transactions while minimizing fraud.

In all cases, our solution will process data from these solutions and make it available to the platform’s rules, case management functions and orchestration tools. Over time, we plan to integrate additional third-party solutions with our Authentication Platform. 2

~$34 BillionProjected fraud losses

worldwide in 2021¹

Does your platform meet Europe’s PSD2 standard? Our platform is designed to address the PSD2 Regulatory Technical Standards (RTS) based on Strong Customer Authentication (SCA). SCA verifies a customer’s identity through a combination of:

• Something you know (e.g. PIN or password)

• Something you have (e.g. card or phone)

• Something you are (e.g. fingerprint, voice or face)

Our platform will create and provide an authentication code as described in the PSD2 RTS. And it’s built to adapt and grow with changing global identity fraud regulations and other requirements as they evolve over time.

What are the key benefits of your Authentication Platform?• Simplifies and strengthens identity

verification and authentication — Our solution relies on an unmatched storehouse of information to provide real-time assessments of cardholder interactions and some types of financial transactions.

• Enables sophisticated, yet simple anomaly detection — The solution takes full advantage of cutting-edge, machine-learning intelligence to detect fraud. All authentication tasks are available under a single login — for the ultimate in simplicity and a nearly frictionless experience for your team.

• Ensures that you have needed tools — Our platform includes an array of dashboards, alerts and visualization tools to help your team resolve cases quickly and adjust rules and workflows in real time to prevent weaknesses from being exploited.

• Offers exceptional customization and configurability — Lets you determine what level of risk or customer friction you’re comfortable with. Accommodates options ranging from virtually transparent identity verification and risk assessment to stringent measures such as one-time passcodes, push notifications or facial recognition techniques.

• Supports third-party identification verification — Lets you seamlessly integrate with third-party solutions in areas such device recognition or biometric identifiers.

2

How does the Authentication Platform contribute to the TSYS ecosystem?The Authentication Platform is fully integrated into our connected ecosystem of open, API-first platforms and solutions.

Our connected ecosystem helps streamline customization and makes it easy to get up and running quickly.

33

To learn more:1.844.663.8797 sales@tsys.com

CALL USNorth America +1.844.663.8797

International +44.1904.562.051

TSYS AUTHENTICATIONS PLATFORM FAQs

twitter.com/GlobalPayInc

facebook.com/GlobalPaymentsInc linkedin.com/company/global-payments

© 2019 Total System Services LLC. ® All rights reserved worldwide. Total System Services LLC, and TSYS® are federally registered service marks of Total System Services LLC, in the United States. Total System Services LLC, and its affiliates own a number of service marks that are registered in the United States and in other countries. All other products and company names are trademarks of their respective companies. (11/2019)