Securing Financial Transactions Online




   Cronto Limited, +44 1223 750001, www.cronto.com
Trojan Malware: Man-in-the-Browser

No Transaction Signing = Stop-Gap

•    Extra passwords, secret questions, OTP tokens etc. DO NOT WORK!
•    Need to authenticate the TRANSACTION not just the user

"These attacks have been successfully and repeatedly executed against many banks and their customers across the globe in 2009" Avivah Litan, vice president and analyst at Gartner.

© 2012 Cronto Limited
Choosing Transaction Signing


Criteria             Requirement
Client Option        Hardware Device & Mobile Application
Data Capacity        60-100 free text characters
User Experience      The concept is familiar to the user
Speed                < 1s decoding performance
Robustness           Works on all mobile/computer screens and
                     in various lighting conditions
Personalisation      Ability to Re-Personalise device/app
Security             Encrypted data, transaction signature
Maturity             Proven performance, ready for rollouts


CrontoSign

•   Designed for online banking
    - full transaction signature
    - dynamic: no hardcoded use cases
    - effective personalisation

•   Based on a simple concept familiar to the user – take a picture

•   Uses colour to increase data capacity, speed and robustness

•   Available as mobile software and standalone hardware
Cronto Visual Transaction Signing

Click

1.    Bank generates the Cronto visual cryptogram and Customer takes a photo of the computer screen using the CrontoSign client.
Cronto Visual Transaction Signing

Check

2.    Customer checks payment details on the phone comparing to the web page and enters the authorisation code if details are correct
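An added example, not part of the Cronto deck and not CrontoSign's actual algorithm: a minimal model of steps 1 and 2 above, in which the authorisation code is bound to the transaction details rather than only to the user. The device key, field names, HMAC-SHA256 construction and 6-digit truncation are assumptions; the encryption the deck mentions is omitted.

```python
import hashlib
import hmac
import json

# Constructed demo secret standing in for the credential provisioned at personalisation.
DEVICE_KEY = b"constructed-demo-key"

def _mac(key: bytes, label: bytes, data: bytes) -> bytes:
    return hmac.new(key, label + b"|" + data, hashlib.sha256).digest()

def _body(txn: dict) -> bytes:
    return json.dumps(txn, sort_keys=True).encode()

def _code(key: bytes, nonce: bytes, body: bytes) -> str:
    # Assumed truncation: first 4 MAC bytes reduced to 6 decimal digits.
    digest = _mac(key, b"authcode", nonce + body)
    return f"{int.from_bytes(digest[:4], 'big') % 10**6:06d}"

def bank_make_cryptogram(key: bytes, txn: dict, nonce: bytes) -> dict:
    """Step 1: the bank encodes the transaction exactly as it received it."""
    body = _body(txn)
    return {"nonce": nonce, "body": body,
            "tag": _mac(key, b"cryptogram", nonce + body)}

def device_read_cryptogram(key: bytes, cg: dict) -> tuple:
    """Step 2, on the device: authenticate the cryptogram, then return the
    details to display and the authorisation code for exactly those details."""
    expected = _mac(key, b"cryptogram", cg["nonce"] + cg["body"])
    if not hmac.compare_digest(expected, cg["tag"]):
        raise ValueError("cryptogram was not produced by the bank")
    return json.loads(cg["body"]), _code(key, cg["nonce"], cg["body"])

def bank_verify(key: bytes, txn: dict, nonce: bytes, code: str) -> bool:
    """The bank accepts a code only for the transaction it is about to execute."""
    return hmac.compare_digest(_code(key, nonce, _body(txn)), code)

def demo() -> dict:
    nonce = bytes(range(8))  # fixed for repeatability; use a fresh random value per transaction
    # Constructed sample transactions: what the customer typed, and what the
    # bank would receive if the details were changed inside the browser.
    intended = {"payee": "ACME Ltd", "account": "12345678", "amount": "100.00"}
    altered = dict(intended, account="87654321")
    shown, code = device_read_cryptogram(
        DEVICE_KEY, bank_make_cryptogram(DEVICE_KEY, intended, nonce))
    shown_altered, _ = device_read_cryptogram(
        DEVICE_KEY, bank_make_cryptogram(DEVICE_KEY, altered, nonce))
    return {
        "genuine_accepted": shown == intended and bank_verify(DEVICE_KEY, intended, nonce, code),
        "mismatch_visible_on_device": shown_altered != intended,
        "code_accepted_for_altered": bank_verify(DEVICE_KEY, altered, nonce, code),
    }
```

A one-time password that depends only on the user and a counter or clock would verify equally well for either transaction, which is the gap the "authenticate the TRANSACTION" slide describes.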
Encrypted Free Text Transaction Encoding




Bank chooses what data to encode and when
Dynamic Personalisation


•   CrontoSign Device/App is distributed unpersonalised

•   Secure credentials provisioned via a CrontoSign image

•   Update credentials without replacing the device

NO Seed Data stored by Cronto
Try CrontoSign

•   Download CrontoSign demo app, available from:
    - Apple App Store
    - Android Market

•   www.crontosign.com/get

•   Use it at:
    - www.crontosign.com

contact@cronto.com
+44 1223 750001
www.cronto.com
