Mona’s architecture is built on Strong Customer Authentication (SCA) using cryptographic signatures from on-device credentials. Every sensitive operation—whether consenting to future collections or making payments—is cryptographically signed using passkeys or private keys stored securely on the user’s device.This cryptographic foundation provides unparalleled security, but the complexity is completely abstracted away by our SDKs. You get enterprise-grade authentication without any of the implementation complexity.Our architecture follows a secure two-step pattern that separates backend operations from client-side implementation. This ensures your sensitive API keys never leave your server while providing seamless user experiences in your apps and websites.
At the heart of every Mona interaction is Strong Customer Authentication. This isn’t just about passwords or SMS codes—it’s about cryptographic proof that the user is who they claim to be and that they genuinely intend to perform the action.