The Commerzbank PhotoTAN app - German bank leans on secure mobile login
30.06.2026 - 17:13:47 | ad-hoc-news.deBy Julian Reed, ad hoc news New Launch Desk. Reviewed June 30, 2026, 11:18 AM ET. Details in the imprint.
Commerzbank PhotoTAN app is the first thing you see when a German customer logs into mobile banking and a colored mosaic suddenly fills the phone screen. The pattern looks almost like a tiny stained-glass window, but it hides a one-time code that decides whether a wire transfer goes through or not.
How PhotoTAN works day to day
At its core, Commerzbank PhotoTAN is a smartphone app that reads a color QR-like graphic and converts it into a transaction-specific TAN, or one-time password. The mosaic pops up when a user confirms payments, standing orders or key settings in the online or mobile banking portal.
Customers first register the app by scanning an activation graphic from a physical letter or from the main banking app, linking one PhotoTAN instance to their profile. Once activated, users can hover their phone camera over the colored tile and the app immediately displays a six-digit code plus transaction details for cross-checking.
Security focus and regulatory context
European banks, including Commerzbank, must comply with PSD2 strong customer authentication rules for most digital payments, which means an independent factor beyond just password and device. PhotoTAN delivers that second factor by running as a separate app, even on the same phone, and by using challenge-response graphics that cannot easily be guessed without the right cryptographic key.
Unlike pure SMS-based TAN, which has come under scrutiny due to SIM-swapping and interception risk, PhotoTAN codes depend on encrypted data in the graphic plus the app’s locally stored keys. Industry security analysts like Ulrich Schlüter have pointed out that optical TAN procedures make phishing attacks harder because users see transaction details inside the authorization app itself before entering the code.
Commerzbank AG and its digital banking push
Explore more Commerzbank AG news, including digital products like PhotoTAN and broader strategy updates.
User experience on phone and desktop
On an iPhone in Frankfurt, the PhotoTAN app opens with a stark white background, a yellow Commerzbank logo and a single button asking you to scan a graphic. Tapping that brings up the camera viewfinder, which instantly locks onto the colored tile in the banking app. Within a second, the interface flips and shows a six-digit TAN plus a short text like “Transfer to Max Mustermann, €250”.
Commerzbank’s product managers have kept the PhotoTAN app deliberately minimal, without extra menus or marketing banners, to reduce the risk of mis-taps during high-stakes transactions. The security settings, device deregistration and help pages live behind a small menu glyph, which testers like financial blogger Niels Nauhauser have described as intuitive even for less tech-savvy customers.
Hardware reader vs app choice
Commerzbank also offers a physical PhotoTAN reader device, roughly the size of a small pager, for customers who prefer not to use a smartphone. The hardware reader uses the same color graphic system but carries its keys on the device chip and shows codes on a tiny monochrome display.
Older customers and corporate treasurers sometimes favor the reader because it stays in the office drawer and cannot be compromised through app downloads, they argue. However, Commerzbank data cited in German consumer press indicates that the majority of retail users have migrated to the smartphone app in recent years, driven by convenience and the fact that the app is free while the reader costs a fee.
Availability and language support
PhotoTAN is built for Commerzbank’s retail and small-business customers in Germany and is available in German-language app stores under the name “photoTAN”. It can be downloaded for iOS and Android, with recent versions tested for iOS and corresponding Android releases.
The bank bundles PhotoTAN into its broader online banking package, so there is no separate subscription or per-use fee for the app itself. That means a current-account holder who signs up for digital banking will receive activation instructions for PhotoTAN by mail or through an in-branch process, without additional charges.
Risk, fraud and customer behavior
German regulators and consumer agencies regularly warn about phishing attacks that try to coax users into authorizing fraudulent transfers. With PhotoTAN, the customer sees the destination account and amount inside the authorization app before entering the TAN, making suspicious changes easier to spot.
Analysts like Markus Demary at the German Economic Institute have noted that optical TAN methods like PhotoTAN reduce some fraud vectors but do not eliminate the need for basic hygiene, such as keeping devices updated and ignoring unsolicited calls. Commerzbank’s own help pages emphasize that staff will never ask for a PhotoTAN code over the phone or by email, reinforcing the idea that codes belong only in the bank’s official login flows.
Competitive landscape with other banks
Commerzbank is not alone in offering an optical TAN app. Other German institutions such as Deutsche Bank and Sparkassen-run services have their own variants, some branded chipTAN or pushTAN. However, Commerzbank’s PhotoTAN stands out because it combines challenge-response graphics with a clear transaction summary on a separate app screen, which security experts argue improves user awareness.
Where some rivals have shifted fully to push-based confirmations, Commerzbank still relies heavily on numeric TAN entry paired with the optical graphic, a design choice that Bettina Orlopp, Commerzbank’s chief executive, has defended as giving customers an extra moment of reflection before sending money. That added friction could slightly slow checkout flows, but for high-value transfers it may be welcomed.
Digital strategy and stock context
PhotoTAN sits inside a wider digitization program that Commerzbank has outlined in recent strategy updates, including branch reductions and a focus on self-service banking channels. For product managers, the app is both a security tool and a way to keep transactional customers within Commerzbank’s ecosystem rather than ceded to fintech intermediaries.
Commerzbank AG stock (Xetra: CBK, ISIN DE000CBK1001) is listed in Frankfurt and does not have a primary US listing, but investors watching the bank’s valuation often factor in its digital infrastructure, including PhotoTAN, as part of long-term efficiency and customer-retention assumptions.
Commerzbank PhotoTAN at a glance
- Product: Commerzbank PhotoTAN app
- Manufacturer: Commerzbank AG
- Category: New launch
- Launch: Introduced in the 2010s, updated regularly for iOS and Android
- MSRP / Price: Free as part of Commerzbank online banking
- Availability: Germany, iOS and Android app stores, for Commerzbank customers
- Target audience: Retail and small-business banking users needing secure online and mobile transaction approval
- Standout / USP: Separate app that converts colored graphics into transaction-specific TAN codes, offering visual confirmation and PSD2-compliant strong authentication.
This article was AI-assisted and editorially reviewed. Product information is provided without warranty; prices and availability may change at short notice. Not investment advice and not a buy or sell recommendation. Securities trading carries risks up to total loss.
