SlideShare una empresa de Scribd logo

Cidway Banking 02 2011

L
lfilliat

Latest version of Cidway Strong Authentication Solution, including Nagra Display Cards

1 de 21
Descargar para leer sin conexión
DISCOVER CIDWAY Securing Access & Transactions 2011 Discover the future of security on www.cidway.com
Table of Content •  CORPORATE BACKGROUND   Facts & History   Industries •  BUSINESS CASES   Multi Channel authentication & transaction signature for Banks   Corporate Access   Wifi Hotspot Access •  PRODUCT PRESENTATION   Product Line   Tokens Features   Key differentiators Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 2
CORPORATE BACKGROUND
CIDWAY – Background Cidway Partners and Customer Services   Created in December 2005   Global presence via partners & resellers   Head Quarters in Lausanne, CH   Support center for Partners   Sales Offices in Switzerland & UK   Support portal available for partners   Internal R&D & Patent Office   Consulting services CIDWAY’s Vision Authentication and transactions should be safe, reliable and easy for anyone, anywhere, anytime This vision is fuelled by:   Meeting virtually all authentication requirements   Making Authentication & Transactions simple, easy, accessible, secure and user friendly   Addressing virtually unlimited vertical applications from one platform Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 4
Secure Identity, Authentication & Transactions Banking & Finance E-Banking, Mobile-Banking, Transactions signature, Phone Banking, ATM & POS anti-fraud… Mobile Application’s Providers Securing access & transactions for mobile applications (e/m-Commerce, e/m-Gambling, sms authentication…) Mobile Money & Payment P2P mPayment, cardless ATM cash withdrawal, POS mPayment, Bill payment… Enterprise resource access Two-factor authentication to Login to the Desktop / VPN access / Applications / Citrix / Webmail… Homeland Security Airline pilot & vehicle identification physical security solutions (guard exchange id., biometric implementation, etc.) Telecommunications Mobile Top-up, resources access, ASP authentication solution, SIM based OTP… E-Government services Citizens authentication & transaction security, electronic & mobile voting, bill payment… Enable new channels - Improve client’s confidence & loyalty – Lower TCO Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 5
BUSINESS CASES
CIDWAY Multi Channel authentication for Banks Improve  ROI  &  Enable  new  Channels   •  Ra%onalize  the  number  of  authen%ca%on  solu%ons   •  Lower  the  cost  of  acquisi%on  &  maintenance   •  Lower  the  cost  of  deployment  &  replacement   •  Lower  transac%ons’  cost  &  dispute  support   DESKTOP LOGIN ONLINE BANKING REMOTE ACCESS / VPN MOBILE BANKING •  Improve  customer  acquisi%on  &  reten%on   •  Enable  innova%ve  &  revenue  genera%ng  services    Simplify  User  Experience   •  Choice  of  device  (mobile  soCware,  hardware,  sms)   •  A  device  that  the  User  already  has  (mobile  phone)   PHONE •  Simple  &  easy  to  use   BANKING •  One  applica%on  for  many  services   Security     •  A  very  high  level  of  security,  using  %me  based  OTP,  with                 2-­‐way  authen%ca%on  &  Transac%on’s  signature,  combine   with  a  unique  &  patented  PIN    and  secrets  protec%on  on  the   DOCUMENT SIGNATURE Mobile  phone.   & DATA CORROBORATION Integra?on     •  Easy  to  integrate  within  exis%ng  bank  infrastructure  (Gaia   Server  or  SDK)   •  Mobile  SDK  for  integra%on  in  any  exis%ng  mobile  applica%on   •  Scalable  &  fail-­‐safe  solu%on   ANTI-FRAUD ATM SMS / EMAIL •  Easy  deployment  (internal  tools)   AUTHENTICATION Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 7
Corporate Access - CIDWAY 1.  Remote Access / VPN (using a PC or a PDA) 2.  Desktop login (in the corporate network – Windows, Mac…) 3.  Remote access using Citrix plugin from Cidway 4.  Webmail access using plugin from Cidway 5.  Application Access (SAP, Oracle, etc.) SSL VPN Gateway radius PDA CIDWAY SERVER & Cidway OTP Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 8
WIFI HOTSPOT ACCESS CARACTERISTICS •  Securing Internet access via Wifi Hotspots and a Captive Portal (existing CP or the one embedded into the WiFi infrastructure: Cisco WLC, Aruba, HP procurve…) •  Can be used with Display Cards, Sesami Mobile or SMS-OTP •  Self-registration Portal in the case of SMS-OTP •  The interface with the CP is done using Radius protocol •  Direct connection with Access Points does not work. •  Subject to complete feasibility analisys ADDED VALUE •  Securing & automatic Internet Access for Guests & Consultants… •  Traceability for Public Wifi Access (according to European regulation), using sms-otp Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 9
CIDWAY key differentiators Flexibility •  Hardware, sms & Software tokens •  Multi-purpose solution (transaction, authentication, document/email corroboration) •  One single server for multi-channel communication Cost Optimization •  1 solution secures all remote-access •  Low acquisition, deployment and maintenance costs •  No need for inventory (sms & soft) •  Transaction’s cost reduction and customer retention Convenience •  1 device & 1 PIN for any access or transaction •  Familiar and user friendly experience •  No need to carry many tokens Security •  Time based OTP algorithm (One Time Password is “not predictable”) •  Anti-fraud protection against common attacks (e.g. phishing, man in the middle, etc.) •  Secrets are not stored in the Cell-phone (soft token) Integration •  Easy to integrate within existing infrastructure •  Scalable solution Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 10
CIDWAY Some of our Clients, Partners & on-going initiatives Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 11
PRODUCT PRESENTATION
CIDWAY GAIA / SESAMI Product Line One server for multiple tokens Display Cards SESAMI Mobile" Hardware Tokens Time based OTP Software token for Convergence of physical & mobile phones. logical access" Yubikey GAIA Server" Authentication platform GAIA SDK" Authentication platform SDK SESAMI Mobile SDK" SESAMI SMS" Time based OTP Token SDK for SMS based OTP for mobile phones mobile phones SDK: Software Development Kit Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 13
CIDWAY SESAMI Mobile FEATURES & CHARACTERISTICS Security •  Time based OTP with time stamping OK •  OTP time management to the second •  Protection against theft or loss of mobile phone: PIN not stored on Mobile, neither transmitted, neither stored on the server (patented solution) •  PIN Code selected by the User (no need for temporary PIN sent to the User) Compatibility •  Large handset coverage (Windows Mobile, Blackberry, Android, Java, iPhone, iPad) •  Automatic time synchronization (support of any clock change on the mobile) •  Multiple transmission methods (Screen display, SMS, WAP, MMS, GPRS, Acoustic, NFC*…) Functionalities •  2-factor authentication (User authenticated by the Server) •  2-way authentication (server is authenticated by the User) •  Transaction’s signature (guarantee the integrity of transactions, against MitM) •  Automated registration •  Time Traceability •  Mobile SDK for integration into any existing mobile application Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 14
Distribution 1. Download methods •  Over the Air (OTA) Download Gateway (sample) –  Push: triggered by the Bank (e.g. sms-link) –  Pull: triggered by the User (request on the Web portal of the Bank) •  Any other communication means –  eMail –  PC Download –  Pre-loaded –  Bluetooth –  Etc. 2. Download Gateway •  Automatically detects User’s phone –  Pushes the appropriate application 3. User Registration •  Automatically Registration –  Redirects to appropriate Mobile Store (AppStore…) –  UserID & Password (on Mobile) –  Numeric Code (on Mobile) •  User selects PIN Code (4 to 8 digits) Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 15
Display Card 106 •  Dimensions: 85.5mm x 54mm x 0.8mm •  NagraLam lamination technology •  OTP OATH algorithm •  Dynamic one-time password (OTP) •  Numerical 6-digit display •  Compliant to a broad list of standards (ISO/IEC, INCITS, ANSI, CQM, others pending) •  1 to 3-year lifetime* (see warranty) •  Tamper evident •  Custom artwork graphics (above 1’000) •  Card personalization features and options Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 16
NagraID Display Card 306 •  Dimensions: 85.5mm x 54mm x 0.8mm •  NagraLam lamination technology •  OTP OATH algorithm •  Dynamic one-time password (OTP) •  Numerical 6-digit display •  Compliant to a broad list of standards (ISO/ IEC, INCITS, ANSI, CQM, others pending) •  1 to 3-year lifetime* (see warranty) •  Tamper evident •  Custom artwork graphics (above 1’000) •  Card personalization features and options Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 17
YUBIKEYS CARACTERISTICS •  Physical properties (YubiKey) •  Size: 18 x 45 x 3 mm Weight: 2,5 grams Material: Plastic Color: Black or white (Other colors available on request) •  Platform independent •  Compatible with Windows 98SE and onwards, MacOS 9 and onwards, Linux and Solaris with USB HID support (standard USB driver) and other platforms and devices with a USB host controller. •  HOATH Algorithm Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 18
CIDWAY SESAMI SMS FEATURES & CHARACTERISTICS •  Strong two-factor authentication •  No need for software installation or activation in the mobile •  No secret stored in the mobile •  User convenience – automatic back-up to hardware tokens •  User can change his mobile phone time zone or time •  Easy management – no need to maintain inventory •  Works with any SMS enabled mobile phone or PDA OTP FEATURES •  8 decimal digits (or optionally 8 hex-digits) •  Time-based combined with challenge-response •  Validity of few seconds (server parameter) •  Automatic time management by the server •  Easy  deployment •  No  stock  management •  Low  on-­‐going  cost Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 19
What makes us different from competition? TECHNOLOGY   PIN & Data protection - Ability to protect secret and sensitive data in mobile phones and PDAs, using Cidway patented solution   Registration and Activation - Ability to ensure convenient & secure registration procedure for CIDWAY mobile tokens   Time Management - Ability to time-stamp the OTP and Transaction Signature to the second and to allow an off-line (after-the-fact) verification of the OTP or the Signature.   Automatic Time Synchronization - Ability to fix in a transparent way for the user and the server the time drift between the token and the server, even if the token is a mobile application. UNIQUE RESPONSE TO MARKET NEEDS   2-Factor Authentication – using a time-based OTP generated autonomously on a mobile phone   2-Way Authentication – ensuring the User he’s connected to the right server   Transaction Signature – preventing MitM attacks, with uniquely customizable fields   Mobile SDK – seamless integration into any mobile application ensuring the simplest User experience Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 20
THANK YOU FOR YOUR ATTENTION For more information, contact: Laurent FILLIAT VP Strategic Business Mob. +41 78 842 11 47 Tel. +41 21 331 27 00 Fax +41 21 331 27 09 Email: laurent.filliat@cidway.com

Recomendados

Over the Air 2011 Security Workshop
Over the Air 2011 Security Workshop Over the Air 2011 Security Workshop
Over the Air 2011 Security Workshop
Ericsson Labs
 
Rubik Financial - Introduction- March 2012
Rubik Financial - Introduction- March 2012Rubik Financial - Introduction- March 2012
Rubik Financial - Introduction- March 2012
Shelf Companies Aust
 
SmartCard Forum 2010 - Enterprise authentication
SmartCard Forum 2010 - Enterprise authenticationSmartCard Forum 2010 - Enterprise authentication
SmartCard Forum 2010 - Enterprise authentication
OKsystem
 
Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12
lfilliat
 
Assurity seminar 24 jan
Assurity seminar 24 janAssurity seminar 24 jan
Assurity seminar 24 jan
Jason Kong
 
Sxsw ppt voice-1
Sxsw ppt voice-1Sxsw ppt voice-1
Sxsw ppt voice-1
Dan Miller
 
From E-Transactions to M-Transactions: Enabling mobile transactions with info...
From E-Transactions to M-Transactions: Enabling mobile transactions with info...From E-Transactions to M-Transactions: Enabling mobile transactions with info...
From E-Transactions to M-Transactions: Enabling mobile transactions with info...
drctan
 
Dowiedz się więcej o Level3. Poznaj usługi, historię firmy i jej największych...
Dowiedz się więcej o Level3. Poznaj usługi, historię firmy i jej największych...Dowiedz się więcej o Level3. Poznaj usługi, historię firmy i jej największych...
Dowiedz się więcej o Level3. Poznaj usługi, historię firmy i jej największych...
Paweł Kowalski
 

Recomendados

Over the Air 2011 Security Workshop
Over the Air 2011 Security Workshop Over the Air 2011 Security Workshop
Over the Air 2011 Security Workshop
Ericsson Labs
 
Rubik Financial - Introduction- March 2012
Rubik Financial - Introduction- March 2012Rubik Financial - Introduction- March 2012
Rubik Financial - Introduction- March 2012
Shelf Companies Aust
 
SmartCard Forum 2010 - Enterprise authentication
SmartCard Forum 2010 - Enterprise authenticationSmartCard Forum 2010 - Enterprise authentication
SmartCard Forum 2010 - Enterprise authentication
OKsystem
 
Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12
lfilliat
 
Assurity seminar 24 jan
Assurity seminar 24 janAssurity seminar 24 jan
Assurity seminar 24 jan
Jason Kong
 
Sxsw ppt voice-1
Sxsw ppt voice-1Sxsw ppt voice-1
Sxsw ppt voice-1
Dan Miller
 
From E-Transactions to M-Transactions: Enabling mobile transactions with info...
From E-Transactions to M-Transactions: Enabling mobile transactions with info...From E-Transactions to M-Transactions: Enabling mobile transactions with info...
From E-Transactions to M-Transactions: Enabling mobile transactions with info...
drctan
 
Dowiedz się więcej o Level3. Poznaj usługi, historię firmy i jej największych...
Dowiedz się więcej o Level3. Poznaj usługi, historię firmy i jej największych...Dowiedz się więcej o Level3. Poznaj usługi, historię firmy i jej największych...
Dowiedz się więcej o Level3. Poznaj usługi, historię firmy i jej największych...
Paweł Kowalski
 
Signify Passcode On Demand
Signify Passcode On DemandSignify Passcode On Demand
Signify Passcode On Demand
pjpallen
 
Wireless Broadband Delivers The 21st Century
Wireless Broadband Delivers The 21st CenturyWireless Broadband Delivers The 21st Century
Wireless Broadband Delivers The 21st Century
andrescarvallo
 
Mdc Brochure
Mdc BrochureMdc Brochure
Mdc Brochure
martgroot
 
10 fn s15
10 fn s1510 fn s15
10 fn s15
Scott Foster
 
TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...
TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...
TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...
TrustBearer
 
חברות ישראליות בברצלונה 2010
חברות ישראליות בברצלונה 2010חברות ישראליות בברצלונה 2010
חברות ישראליות בברצלונה 2010
Elad Cohen
 
IP communications to billions of people coming soon to a web broswer near y...
IP communications to billions of people coming soon to a web broswer near y...IP communications to billions of people coming soon to a web broswer near y...
IP communications to billions of people coming soon to a web broswer near y...
Ericsson Slides
 
Ipecs sbg-1000 brochure
Ipecs sbg-1000 brochureIpecs sbg-1000 brochure
Ipecs sbg-1000 brochure
Will Morey
 
Magpie Smart Grid Software Engineering Offering
Magpie Smart Grid Software Engineering OfferingMagpie Smart Grid Software Engineering Offering
Magpie Smart Grid Software Engineering Offering
impodgirl
 
Communic Asia 2011 Catalogue
Communic Asia 2011 CatalogueCommunic Asia 2011 Catalogue
Communic Asia 2011 Catalogue
Elad Cohen
 
2012 Accumulate Mobile Everywhere Introduction
2012 Accumulate Mobile Everywhere Introduction2012 Accumulate Mobile Everywhere Introduction
2012 Accumulate Mobile Everywhere Introduction
Szymon Dowgwillowicz-Nowicki
 
ekey+ Presentation
ekey+ Presentationekey+ Presentation
ekey+ Presentation
Creus Moreira Carlos
 
Signify Overview
Signify OverviewSignify Overview
Signify Overview
pjpallen
 
Meet XO
Meet XOMeet XO
Meet XO
Sean Woodward
 
Cidway Corporate Access 06 2009 Full
Cidway Corporate Access 06 2009 FullCidway Corporate Access 06 2009 Full
Cidway Corporate Access 06 2009 Full
lfilliat
 
Byrokrat Cup 2015
Byrokrat Cup 2015Byrokrat Cup 2015
Byrokrat Cup 2015
Saša Mráz
 
Informe de evaluacion del plan vasco para la paz y la convivencia
Informe de evaluacion del plan vasco para la paz y la convivenciaInforme de evaluacion del plan vasco para la paz y la convivencia
Informe de evaluacion del plan vasco para la paz y la convivencia
Irekia - EJGV
 
Talleres soria
Talleres soriaTalleres soria
Talleres soria
Elizabeth Carrasco
 
El sintagma verbal
El sintagma verbalEl sintagma verbal
El sintagma verbal
lenguaventura
 
La industria panelera de pueblorrico
La industria panelera de pueblorricoLa industria panelera de pueblorrico
La industria panelera de pueblorrico
Gustavo Ospina
 
Bases legales.- Aniversario Lisboa #destinosIberia
Bases legales.- Aniversario Lisboa #destinosIberiaBases legales.- Aniversario Lisboa #destinosIberia
Bases legales.- Aniversario Lisboa #destinosIberia
Iberia
 
Animales Raros
Animales RarosAnimales Raros
Animales Raros
rakelrh
 

Más contenido relacionado

La actualidad más candente

Signify Passcode On Demand
Signify Passcode On DemandSignify Passcode On Demand
Signify Passcode On Demand
pjpallen
 
Wireless Broadband Delivers The 21st Century
Wireless Broadband Delivers The 21st CenturyWireless Broadband Delivers The 21st Century
Wireless Broadband Delivers The 21st Century
andrescarvallo
 
Mdc Brochure
Mdc BrochureMdc Brochure
Mdc Brochure
martgroot
 
Signify Overview
Signify OverviewSignify Overview
Signify Overview
pjpallen
 

La actualidad más candente (14)

Signify Passcode On Demand
Signify Passcode On DemandSignify Passcode On Demand
Signify Passcode On Demand
 
Wireless Broadband Delivers The 21st Century
Wireless Broadband Delivers The 21st CenturyWireless Broadband Delivers The 21st Century
Wireless Broadband Delivers The 21st Century
 
Mdc Brochure
Mdc BrochureMdc Brochure
Mdc Brochure
 
10 fn s15
10 fn s1510 fn s15
10 fn s15
 
TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...
TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...
TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...
 
חברות ישראליות בברצלונה 2010
חברות ישראליות בברצלונה 2010חברות ישראליות בברצלונה 2010
חברות ישראליות בברצלונה 2010
 
IP communications to billions of people coming soon to a web broswer near y...
IP communications to billions of people coming soon to a web broswer near y...IP communications to billions of people coming soon to a web broswer near y...
IP communications to billions of people coming soon to a web broswer near y...
 
Ipecs sbg-1000 brochure
Ipecs sbg-1000 brochureIpecs sbg-1000 brochure
Ipecs sbg-1000 brochure
 
Magpie Smart Grid Software Engineering Offering
Magpie Smart Grid Software Engineering OfferingMagpie Smart Grid Software Engineering Offering
Magpie Smart Grid Software Engineering Offering
 
Communic Asia 2011 Catalogue
Communic Asia 2011 CatalogueCommunic Asia 2011 Catalogue
Communic Asia 2011 Catalogue
 
2012 Accumulate Mobile Everywhere Introduction
2012 Accumulate Mobile Everywhere Introduction2012 Accumulate Mobile Everywhere Introduction
2012 Accumulate Mobile Everywhere Introduction
 
ekey+ Presentation
ekey+ Presentationekey+ Presentation
ekey+ Presentation
 
Signify Overview
Signify OverviewSignify Overview
Signify Overview
 
Meet XO
Meet XOMeet XO
Meet XO
 

Destacado

Cidway Corporate Access 06 2009 Full
Cidway Corporate Access 06 2009 FullCidway Corporate Access 06 2009 Full
Cidway Corporate Access 06 2009 Full
lfilliat
 
Informe de evaluacion del plan vasco para la paz y la convivencia
Informe de evaluacion del plan vasco para la paz y la convivenciaInforme de evaluacion del plan vasco para la paz y la convivencia
Informe de evaluacion del plan vasco para la paz y la convivencia
Irekia - EJGV
 
La industria panelera de pueblorrico
La industria panelera de pueblorricoLa industria panelera de pueblorrico
La industria panelera de pueblorrico
Gustavo Ospina
 
Bases legales.- Aniversario Lisboa #destinosIberia
Bases legales.- Aniversario Lisboa #destinosIberiaBases legales.- Aniversario Lisboa #destinosIberia
Bases legales.- Aniversario Lisboa #destinosIberia
Iberia
 
Animales Raros
Animales RarosAnimales Raros
Animales Raros
rakelrh
 
Trade financeguide ch13_latest_eg_main_055043
Trade financeguide ch13_latest_eg_main_055043Trade financeguide ch13_latest_eg_main_055043
Trade financeguide ch13_latest_eg_main_055043
2008shekhar
 
¿Recordabas los personajes clásicos de disney?
¿Recordabas los personajes clásicos de disney?¿Recordabas los personajes clásicos de disney?
¿Recordabas los personajes clásicos de disney?
Alejandra Varela
 
DEVNET-1111 Scott Hanselman on Virtual Machines, JavaScript and Assembler
DEVNET-1111 Scott Hanselman on Virtual Machines, JavaScript and AssemblerDEVNET-1111 Scott Hanselman on Virtual Machines, JavaScript and Assembler
DEVNET-1111 Scott Hanselman on Virtual Machines, JavaScript and Assembler
Cisco DevNet
 
Marco metodológico
Marco metodológicoMarco metodológico
Marco metodológico
UGMA
 

Destacado (20)

Cidway Corporate Access 06 2009 Full
Cidway Corporate Access 06 2009 FullCidway Corporate Access 06 2009 Full
Cidway Corporate Access 06 2009 Full
 
Byrokrat Cup 2015
Byrokrat Cup 2015Byrokrat Cup 2015
Byrokrat Cup 2015
 
Informe de evaluacion del plan vasco para la paz y la convivencia
Informe de evaluacion del plan vasco para la paz y la convivenciaInforme de evaluacion del plan vasco para la paz y la convivencia
Informe de evaluacion del plan vasco para la paz y la convivencia
 
Talleres soria
Talleres soriaTalleres soria
Talleres soria
 
El sintagma verbal
El sintagma verbalEl sintagma verbal
El sintagma verbal
 
La industria panelera de pueblorrico
La industria panelera de pueblorricoLa industria panelera de pueblorrico
La industria panelera de pueblorrico
 
Bases legales.- Aniversario Lisboa #destinosIberia
Bases legales.- Aniversario Lisboa #destinosIberiaBases legales.- Aniversario Lisboa #destinosIberia
Bases legales.- Aniversario Lisboa #destinosIberia
 
Animales Raros
Animales RarosAnimales Raros
Animales Raros
 
Trade financeguide ch13_latest_eg_main_055043
Trade financeguide ch13_latest_eg_main_055043Trade financeguide ch13_latest_eg_main_055043
Trade financeguide ch13_latest_eg_main_055043
 
Forste Samling I Drammen
Forste Samling I DrammenForste Samling I Drammen
Forste Samling I Drammen
 
¿Recordabas los personajes clásicos de disney?
¿Recordabas los personajes clásicos de disney?¿Recordabas los personajes clásicos de disney?
¿Recordabas los personajes clásicos de disney?
 
Security news vol. 6 - 20150528 - Risk & Technology Wrocław Group
Security news vol. 6 - 20150528 - Risk & Technology Wrocław GroupSecurity news vol. 6 - 20150528 - Risk & Technology Wrocław Group
Security news vol. 6 - 20150528 - Risk & Technology Wrocław Group
 
Carbon and Livelihood Outcomes on the Forest-Farm Frontier
Carbon and Livelihood Outcomes on the Forest-Farm FrontierCarbon and Livelihood Outcomes on the Forest-Farm Frontier
Carbon and Livelihood Outcomes on the Forest-Farm Frontier
 
DEVNET-1111 Scott Hanselman on Virtual Machines, JavaScript and Assembler
DEVNET-1111 Scott Hanselman on Virtual Machines, JavaScript and AssemblerDEVNET-1111 Scott Hanselman on Virtual Machines, JavaScript and Assembler
DEVNET-1111 Scott Hanselman on Virtual Machines, JavaScript and Assembler
 
Presentacion Servicios Saleswin
Presentacion Servicios SaleswinPresentacion Servicios Saleswin
Presentacion Servicios Saleswin
 
[Tel aviv merge world tour] Perforce Keynote
[Tel aviv merge world tour] Perforce Keynote[Tel aviv merge world tour] Perforce Keynote
[Tel aviv merge world tour] Perforce Keynote
 
Presentación Chogua para ventures
Presentación Chogua para venturesPresentación Chogua para ventures
Presentación Chogua para ventures
 
Portafolio Diagnostico Zasary Diaz
Portafolio Diagnostico Zasary DiazPortafolio Diagnostico Zasary Diaz
Portafolio Diagnostico Zasary Diaz
 
Marco metodológico
Marco metodológicoMarco metodológico
Marco metodológico
 
Rimon - CLE on Cloud Lawyering for PAABA
Rimon - CLE on Cloud Lawyering for PAABARimon - CLE on Cloud Lawyering for PAABA
Rimon - CLE on Cloud Lawyering for PAABA
 

Similar a Cidway Banking 02 2011

Mtel Cash Mobile Commerce Suite
Mtel Cash Mobile Commerce SuiteMtel Cash Mobile Commerce Suite
Mtel Cash Mobile Commerce Suite
watsongallery
 
SmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketSmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication market
OKsystem
 
CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul Madsen
CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul MadsenCIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul Madsen
CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul Madsen
CloudIDSummit
 
Multicore I/O Processors In Virtual Data Centers
Multicore I/O Processors In Virtual Data CentersMulticore I/O Processors In Virtual Data Centers
Multicore I/O Processors In Virtual Data Centers
scarisbrick
 
Monetizing the Enterprise: Borderless Networks
Monetizing the Enterprise: Borderless NetworksMonetizing the Enterprise: Borderless Networks
Monetizing the Enterprise: Borderless Networks
Cisco Service Provider Mobility
 
Signify Software Tokens
Signify Software TokensSignify Software Tokens
Signify Software Tokens
pjpallen
 
Signify Software Tokens
Signify Software TokensSignify Software Tokens
Signify Software Tokens
kate_holden
 
Wanderweb-market-intro
Wanderweb-market-introWanderweb-market-intro
Wanderweb-market-intro
Philip Swart
 
Signify Passcode On Demand
Signify Passcode On DemandSignify Passcode On Demand
Signify Passcode On Demand
kate_holden
 
F5-BigIP Edge gateway introduction
F5-BigIP Edge gateway introduction F5-BigIP Edge gateway introduction
F5-BigIP Edge gateway introduction
Jimmy Saigon
 
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingSmart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
OKsystem
 

Similar a Cidway Banking 02 2011 (20)

Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12
 
Cidway Byod Authentication
Cidway Byod AuthenticationCidway Byod Authentication
Cidway Byod Authentication
 
Mtel Cash Mobile Commerce Suite
Mtel Cash Mobile Commerce SuiteMtel Cash Mobile Commerce Suite
Mtel Cash Mobile Commerce Suite
 
Market Study on Mobile Authentication
Market Study on Mobile AuthenticationMarket Study on Mobile Authentication
Market Study on Mobile Authentication
 
SmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketSmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication market
 
CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul Madsen
CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul MadsenCIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul Madsen
CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul Madsen
 
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
How to Make Your IoT Devices Secure, Act Autonomously & Trusted SubjectsHow to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
 
Multicore I/O Processors In Virtual Data Centers
Multicore I/O Processors In Virtual Data CentersMulticore I/O Processors In Virtual Data Centers
Multicore I/O Processors In Virtual Data Centers
 
Monetizing the Enterprise: Borderless Networks
Monetizing the Enterprise: Borderless NetworksMonetizing the Enterprise: Borderless Networks
Monetizing the Enterprise: Borderless Networks
 
Signify Software Tokens
Signify Software TokensSignify Software Tokens
Signify Software Tokens
 
Signify Software Tokens
Signify Software TokensSignify Software Tokens
Signify Software Tokens
 
Wanderweb-market-intro
Wanderweb-market-introWanderweb-market-intro
Wanderweb-market-intro
 
Signify Passcode On Demand
Signify Passcode On DemandSignify Passcode On Demand
Signify Passcode On Demand
 
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David PollingtonCIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington
 
Entrust datacard --Authentication solutions overview
Entrust datacard --Authentication solutions overviewEntrust datacard --Authentication solutions overview
Entrust datacard --Authentication solutions overview
 
F5-BigIP Edge gateway introduction
F5-BigIP Edge gateway introduction F5-BigIP Edge gateway introduction
F5-BigIP Edge gateway introduction
 
Mobilize employees with the cisco mobile workspace solution
Mobilize employees with the cisco mobile workspace solutionMobilize employees with the cisco mobile workspace solution
Mobilize employees with the cisco mobile workspace solution
 
Connecting The Real World With The Virtual World
Connecting The Real World With The Virtual WorldConnecting The Real World With The Virtual World
Connecting The Real World With The Virtual World
 
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingSmart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
 
Are web apps the future?
Are web apps the future?Are web apps the future?
Are web apps the future?
 

Cidway Banking 02 2011

  • 1. DISCOVER CIDWAY Securing Access & Transactions 2011 Discover the future of security on www.cidway.com
  • 2. Table of Content •  CORPORATE BACKGROUND   Facts & History   Industries •  BUSINESS CASES   Multi Channel authentication & transaction signature for Banks   Corporate Access   Wifi Hotspot Access •  PRODUCT PRESENTATION   Product Line   Tokens Features   Key differentiators Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 2
  • 4. CIDWAY – Background Cidway Partners and Customer Services   Created in December 2005   Global presence via partners & resellers   Head Quarters in Lausanne, CH   Support center for Partners   Sales Offices in Switzerland & UK   Support portal available for partners   Internal R&D & Patent Office   Consulting services CIDWAY’s Vision Authentication and transactions should be safe, reliable and easy for anyone, anywhere, anytime This vision is fuelled by:   Meeting virtually all authentication requirements   Making Authentication & Transactions simple, easy, accessible, secure and user friendly   Addressing virtually unlimited vertical applications from one platform Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 4
  • 5. Secure Identity, Authentication & Transactions Banking & Finance E-Banking, Mobile-Banking, Transactions signature, Phone Banking, ATM & POS anti-fraud… Mobile Application’s Providers Securing access & transactions for mobile applications (e/m-Commerce, e/m-Gambling, sms authentication…) Mobile Money & Payment P2P mPayment, cardless ATM cash withdrawal, POS mPayment, Bill payment… Enterprise resource access Two-factor authentication to Login to the Desktop / VPN access / Applications / Citrix / Webmail… Homeland Security Airline pilot & vehicle identification physical security solutions (guard exchange id., biometric implementation, etc.) Telecommunications Mobile Top-up, resources access, ASP authentication solution, SIM based OTP… E-Government services Citizens authentication & transaction security, electronic & mobile voting, bill payment… Enable new channels - Improve client’s confidence & loyalty – Lower TCO Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 5
  • 7. CIDWAY Multi Channel authentication for Banks Improve  ROI  &  Enable  new  Channels   •  Ra%onalize  the  number  of  authen%ca%on  solu%ons   •  Lower  the  cost  of  acquisi%on  &  maintenance   •  Lower  the  cost  of  deployment  &  replacement   •  Lower  transac%ons’  cost  &  dispute  support   DESKTOP LOGIN ONLINE BANKING REMOTE ACCESS / VPN MOBILE BANKING •  Improve  customer  acquisi%on  &  reten%on   •  Enable  innova%ve  &  revenue  genera%ng  services    Simplify  User  Experience   •  Choice  of  device  (mobile  soCware,  hardware,  sms)   •  A  device  that  the  User  already  has  (mobile  phone)   PHONE •  Simple  &  easy  to  use   BANKING •  One  applica%on  for  many  services   Security     •  A  very  high  level  of  security,  using  %me  based  OTP,  with                 2-­‐way  authen%ca%on  &  Transac%on’s  signature,  combine   with  a  unique  &  patented  PIN    and  secrets  protec%on  on  the   DOCUMENT SIGNATURE Mobile  phone.   & DATA CORROBORATION Integra?on     •  Easy  to  integrate  within  exis%ng  bank  infrastructure  (Gaia   Server  or  SDK)   •  Mobile  SDK  for  integra%on  in  any  exis%ng  mobile  applica%on   •  Scalable  &  fail-­‐safe  solu%on   ANTI-FRAUD ATM SMS / EMAIL •  Easy  deployment  (internal  tools)   AUTHENTICATION Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 7
  • 8. Corporate Access - CIDWAY 1.  Remote Access / VPN (using a PC or a PDA) 2.  Desktop login (in the corporate network – Windows, Mac…) 3.  Remote access using Citrix plugin from Cidway 4.  Webmail access using plugin from Cidway 5.  Application Access (SAP, Oracle, etc.) SSL VPN Gateway radius PDA CIDWAY SERVER & Cidway OTP Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 8
  • 9. WIFI HOTSPOT ACCESS CARACTERISTICS •  Securing Internet access via Wifi Hotspots and a Captive Portal (existing CP or the one embedded into the WiFi infrastructure: Cisco WLC, Aruba, HP procurve…) •  Can be used with Display Cards, Sesami Mobile or SMS-OTP •  Self-registration Portal in the case of SMS-OTP •  The interface with the CP is done using Radius protocol •  Direct connection with Access Points does not work. •  Subject to complete feasibility analisys ADDED VALUE •  Securing & automatic Internet Access for Guests & Consultants… •  Traceability for Public Wifi Access (according to European regulation), using sms-otp Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 9
  • 10. CIDWAY key differentiators Flexibility •  Hardware, sms & Software tokens •  Multi-purpose solution (transaction, authentication, document/email corroboration) •  One single server for multi-channel communication Cost Optimization •  1 solution secures all remote-access •  Low acquisition, deployment and maintenance costs •  No need for inventory (sms & soft) •  Transaction’s cost reduction and customer retention Convenience •  1 device & 1 PIN for any access or transaction •  Familiar and user friendly experience •  No need to carry many tokens Security •  Time based OTP algorithm (One Time Password is “not predictable”) •  Anti-fraud protection against common attacks (e.g. phishing, man in the middle, etc.) •  Secrets are not stored in the Cell-phone (soft token) Integration •  Easy to integrate within existing infrastructure •  Scalable solution Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 10
  • 11. CIDWAY Some of our Clients, Partners & on-going initiatives Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 11
  • 13. CIDWAY GAIA / SESAMI Product Line One server for multiple tokens Display Cards SESAMI Mobile" Hardware Tokens Time based OTP Software token for Convergence of physical & mobile phones. logical access" Yubikey GAIA Server" Authentication platform GAIA SDK" Authentication platform SDK SESAMI Mobile SDK" SESAMI SMS" Time based OTP Token SDK for SMS based OTP for mobile phones mobile phones SDK: Software Development Kit Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 13
  • 14. CIDWAY SESAMI Mobile FEATURES & CHARACTERISTICS Security •  Time based OTP with time stamping OK •  OTP time management to the second •  Protection against theft or loss of mobile phone: PIN not stored on Mobile, neither transmitted, neither stored on the server (patented solution) •  PIN Code selected by the User (no need for temporary PIN sent to the User) Compatibility •  Large handset coverage (Windows Mobile, Blackberry, Android, Java, iPhone, iPad) •  Automatic time synchronization (support of any clock change on the mobile) •  Multiple transmission methods (Screen display, SMS, WAP, MMS, GPRS, Acoustic, NFC*…) Functionalities •  2-factor authentication (User authenticated by the Server) •  2-way authentication (server is authenticated by the User) •  Transaction’s signature (guarantee the integrity of transactions, against MitM) •  Automated registration •  Time Traceability •  Mobile SDK for integration into any existing mobile application Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 14
  • 15. Distribution 1. Download methods •  Over the Air (OTA) Download Gateway (sample) –  Push: triggered by the Bank (e.g. sms-link) –  Pull: triggered by the User (request on the Web portal of the Bank) •  Any other communication means –  eMail –  PC Download –  Pre-loaded –  Bluetooth –  Etc. 2. Download Gateway •  Automatically detects User’s phone –  Pushes the appropriate application 3. User Registration •  Automatically Registration –  Redirects to appropriate Mobile Store (AppStore…) –  UserID & Password (on Mobile) –  Numeric Code (on Mobile) •  User selects PIN Code (4 to 8 digits) Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 15
  • 16. Display Card 106 •  Dimensions: 85.5mm x 54mm x 0.8mm •  NagraLam lamination technology •  OTP OATH algorithm •  Dynamic one-time password (OTP) •  Numerical 6-digit display •  Compliant to a broad list of standards (ISO/IEC, INCITS, ANSI, CQM, others pending) •  1 to 3-year lifetime* (see warranty) •  Tamper evident •  Custom artwork graphics (above 1’000) •  Card personalization features and options Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 16
  • 17. NagraID Display Card 306 •  Dimensions: 85.5mm x 54mm x 0.8mm •  NagraLam lamination technology •  OTP OATH algorithm •  Dynamic one-time password (OTP) •  Numerical 6-digit display •  Compliant to a broad list of standards (ISO/ IEC, INCITS, ANSI, CQM, others pending) •  1 to 3-year lifetime* (see warranty) •  Tamper evident •  Custom artwork graphics (above 1’000) •  Card personalization features and options Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 17
  • 18. YUBIKEYS CARACTERISTICS •  Physical properties (YubiKey) •  Size: 18 x 45 x 3 mm Weight: 2,5 grams Material: Plastic Color: Black or white (Other colors available on request) •  Platform independent •  Compatible with Windows 98SE and onwards, MacOS 9 and onwards, Linux and Solaris with USB HID support (standard USB driver) and other platforms and devices with a USB host controller. •  HOATH Algorithm Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 18
  • 19. CIDWAY SESAMI SMS FEATURES & CHARACTERISTICS •  Strong two-factor authentication •  No need for software installation or activation in the mobile •  No secret stored in the mobile •  User convenience – automatic back-up to hardware tokens •  User can change his mobile phone time zone or time •  Easy management – no need to maintain inventory •  Works with any SMS enabled mobile phone or PDA OTP FEATURES •  8 decimal digits (or optionally 8 hex-digits) •  Time-based combined with challenge-response •  Validity of few seconds (server parameter) •  Automatic time management by the server •  Easy  deployment •  No  stock  management •  Low  on-­‐going  cost Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 19
  • 20. What makes us different from competition? TECHNOLOGY   PIN & Data protection - Ability to protect secret and sensitive data in mobile phones and PDAs, using Cidway patented solution   Registration and Activation - Ability to ensure convenient & secure registration procedure for CIDWAY mobile tokens   Time Management - Ability to time-stamp the OTP and Transaction Signature to the second and to allow an off-line (after-the-fact) verification of the OTP or the Signature.   Automatic Time Synchronization - Ability to fix in a transparent way for the user and the server the time drift between the token and the server, even if the token is a mobile application. UNIQUE RESPONSE TO MARKET NEEDS   2-Factor Authentication – using a time-based OTP generated autonomously on a mobile phone   2-Way Authentication – ensuring the User he’s connected to the right server   Transaction Signature – preventing MitM attacks, with uniquely customizable fields   Mobile SDK – seamless integration into any mobile application ensuring the simplest User experience Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 20
  • 21. THANK YOU FOR YOUR ATTENTION For more information, contact: Laurent FILLIAT VP Strategic Business Mob. +41 78 842 11 47 Tel. +41 21 331 27 00 Fax +41 21 331 27 09 Email: laurent.filliat@cidway.com