INNOVATIVE IT- SECURITY FOR THE BANKING AND PAYMENT INDUSTRY

Similar documents
Swedish bank overcomes regulatory hurdles and embraces the cloud to foster innovation

AKAMAI CLOUD SECURITY SOLUTIONS

Keep the Door Open for Users and Closed to Hackers

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

Next Generation Authentication

Security-as-a-Service: The Future of Security Management

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

WHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD

A HOLISTIC APPROACH TO IDENTITY AND AUTHENTICATION. Establish Create Use Manage

Sage Data Security Services Directory

Authentication Technology for a Smart eid Infrastructure.

2017 Company Profile

Introducing. Worldpay Total. Worldpay international omni-channel payment solution

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

2015 VORMETRIC INSIDER THREAT REPORT

Integrated Access Management Solutions. Access Televentures

How Next Generation Trusted Identities Can Help Transform Your Business

TOMORROW S SECURITY, DELIVERED TODAY. Protection Service for Business

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

Managed Services.

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

BEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE

Make security part of your client systems refresh

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Combating Cyber Risk in the Supply Chain

CYBER SECURITY OPERATION CENTER

Security Awareness Training Courses

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

WHITE PAPER. ENSURING SECURITY WITH OPEN APIs. Scott Biesterveld, Lead Solution Architect Senthil Senthil, Development Manager IBS Open APIs

DIGITAL TRUST Making digital work by making digital secure

ADAPTIVE AUTHENTICATION ADAPTER FOR IBM TIVOLI. Adaptive Authentication in IBM Tivoli Environments. Solution Brief

White Paper. The Impact of Payment Services Directive II (PSD2) on Authentication & Security

AN IPSWITCH WHITEPAPER. The Definitive Guide to Secure FTP

Authentication Methods

BlackBerry 2FA. Datasheet. BlackBerry 2FA

Go Cloud. VMware vcloud Datacenter Services by BIOS

Crises Control Cloud Security Principles. Transputec provides ICT Services and Solutions to leading organisations around the globe.

THALES DATA THREAT REPORT

WHITEPAPER. Security overview. podio.com

Safelayer's Adaptive Authentication: Increased security through context information

IT People has been offering end-to-end IT outsourcing & staffing solutions to companies since two decades.

EMERGING TRENDS AROUND AUTHENTICATION

2017 THALES DATA THREAT REPORT

PCI DSS and VNC Connect

Trusted Identities. Foundational to Cloud Services LILA KEE CHIEF PRODUCT OFFICER GLOBALSIGN

Security

Remote Key Loading Spread security. Unlock efficiency

Comodo HackerGuardian PCI Approved Scanning Vendor

Securing today s identity and transaction systems:! What you need to know! about two-factor authentication!

Citizen Biometric Authentication based on e-document verification. e-government perspective. Mindshare Ruslans Arzaniks Head of Development

Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)

Securing Today s Mobile Workforce

IDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO

SECURING THE UK S DIGITAL PROSPERITY. Enabling the joint delivery of the National Cyber Security Strategy's objectives

BlackBerry Enterprise Identity

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

Adaptive Authentication Adapter for Citrix XenApp. Adaptive Authentication in Citrix XenApp Environments. Solution Brief

Five Reasons It s Time For Secure Single Sign-On

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

CISCO SHIELDED OPTICAL NETWORKING

ABOUT COMODO. Year Established: 1998 Ownership: Private Employees: over 700

New Zealand Government IBM Infrastructure as a Service

Unlocking Office 365 without a password. How to Secure Access to Your Business Information in the Cloud without needing to remember another password.

The security challenge in a mobile world

Pulseway Security White Paper

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

GLOBAL PKI TRENDS STUDY

Accelerate Your Enterprise Private Cloud Initiative

Smart Data Center Solutions

VERISEC RELEASE NOTE NOVEMBER 2016 AN UPDATE DESCRIBING THE MOST RECENT AND UPCOMING RELEASES FROM VERISEC.

ANATOMY OF AN ATTACK!

DIGITAL TRANSFORMATION IN FINANCIAL SERVICES

Building a Threat Intelligence Program

Perfect Balance of Public and Private Cloud

Clearing the Path to PCI DSS Version 2.0 Compliance

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7

EBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS

THALES esecurity: SECURING YOUR DIGITAL TRANSFORMATION

THALES DATA THREAT REPORT

PKI is Alive and Well: The Symantec Managed PKI Service

Nine Steps to Smart Security for Small Businesses

Industry 4.0 = Security 4.0?

Key Authentication Considerations for Your Mobile Strategy

Deliver Strong Mobile App Security and the Ultimate User Experience

Office 365 Buyers Guide: Best Practices for Securing Office 365

PCI DSS and the VNC SDK

SOLUTIONS BRIEFS. ADMINISTRATION (Solutions Brief) KEY SERVICES:

Identity & security CLOUDCARD+ When security meets convenience

Entertaining & Effective Security Awareness Training

SECURE DATA EXCHANGE

white paper SMS Authentication: 10 Things to Know Before You Buy

to Enhance Your Cyber Security Needs

Verizon Software Defined Perimeter (SDP).

Redefining IT distribution. The Portfolio. The Nuvias vendor portfolio

Credit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank

BHConsulting. Your trusted cybersecurity partner

RED HAT ENTERPRISE LINUX. STANDARDIZE & SAVE.

Cyber Security Updates and Trends Affecting the Real Estate Industry

Transcription:

INNOVATIVE IT- SECURITY FOR THE BANKING AND PAYMENT INDUSTRY Verisec is a Swedish IT-security company specialized in digital identity and information security solutions for the banking and payments industry. With cutting edge technology we provide solutions throughout your value chain; from encryption of your back end systems all the way to a secure and intuitive mobile banking experience your customers are facing. With operations in Europe, Latin America and the Middle East, we have the resources to serve international clients like BBVA, Swedbank and Verifone as well as local niche banks.

AN EXPERIENCED PARTNER FOR A TECHNOLOGICAL ADVANTAGE With more than 13 years of experience, Verisec offers identity, mobile and information security solutions to protect the IT infrastructure of banks, payment processors, stockbrokers and other organisations that handle high-value transactions: Digital Banking Strong authentication solutions. Online transaction signing solutions. Mobile Trust Platform to secure mobile banking applications such as mobile payment, identity and host card emulation. Secure Services Logistics for security devices. Information Security Encryption with Hardware Security Modules (HSM). Key management. Employee Identity & Access Remote access & application security. Secure access for partners & consultants. Cloud identity. Hosted security solutions.

DIGITAL BANKING Providing banking services on all digital platforms is a critical element of success. However, creating services with the very best user experience is not enough if the system is not protected with the very highest level of security. At Verisec, we believe that the mobile phone is the key in bringing this together and we have created the solutions to make it possible. Strong Authentication It s long been a given that online and mobile banking need defending against phishing, identity fraud, man-in-themiddle attacks, malware, session highjack and other forms of digital attack. The fundamental baseline of digital security is the ability to strongly verify a user s identity. This effectively defends against many of the techniques favored by fraudsters. Two-factor authentication and single use passwords are currently the de facto standard employed by most banks that offer online and mobile transactions as part of their services. Verisec has a well-proven solution based on the widely deployed Freja ID authentication server, as used by international banks such as BBVA. In fact, Verisec have supplied millions of one-time-password devices over more than a dozen years of trusted service to the banking industry. However, the trend in authentication is towards more convenience and less secondary hardware which naturally directs the market towards using the mobile phone as the trusted anchor for the banking relationship. Mobile trust is Verisec s strength. Our intuitive solutions are designed to facilitate the modern banking relationship customers want, and banks must offer to remain compelling in the ultra-consumer age. Transaction signing Although strong authentication is the mandatory baseline in online security, traditional one-time password systems faces challenges: users in the always on, available anywhere world are increasingly dissatisfied with these traditional security systems. Implementation flaws allow sophisticated attacks to exploit that user dissatisfaction - their need for speed and convenience. Sophisticated attacks aimed at substituting a rogue account number when setting up a new payee is an increasing threat to the rushed customer. The answer is to make the user experience more convenient, simpler, and most of all, clear as to what transactions are taking place.

BUILD APPLICATIONS WITH MOBILE TRUST AT THE CORE FREJA SDK MOBILE TRUST MOBILE PAYMENTS ONLINE MOBILE PAYMENTS HCE SINGLE SIGN-ON FINGERPRINT IDENTIFICATION ENCRYPTION KEY MANAGEMENT MOBILE BANKING The mobile phone as a device for login and signatures Mobile trust platform As part of the mobile revolution, mobile banking and ENCRYPTION KEY PROVISIONING APP SHIELDING Digital bank customers of today are rarely far from their payment solutions are growing rapidly, with a wide range mobile phone. Married to the right software, the mobile of services available and a large number of new competitors phone makes a great security device, balancing cost, emerging from the non-banking world. Banks need to react convenience and security. Verisec s Freja Mobile Solution offers several advantages compared with traditional login devices such as tokens and first-generation login apps. quickly to offer their customers mobile payment services to avoid being sidelined. SEE WHAT YOU SIGN MESSAGE ENCRYPTION IDENTITY FEDERATION TRANSACTION SIGNING The mobile phone is a computer that is always online, This is a challenge for banks in that speed to market and enabling completely new functionality, such as the ability good security are not always in alignment. Many mobile to display in plain text what transaction is taking place, or where the user is logging in from. This eliminates the risk of man-in-the-browser attacks, and also provides the user banking applications are insecure and already the first issues are reported in the press. The banks have an opportunity by partnering with a security specialist, HSM ENCRYPTION USER REGISTRATION with a far better experience of the banking service. banks can improve agility by building their applications on an existing hardened security platform. This approach means they can concentrate on their core area of expertise ON-DEVICE ENCRYPTION IDENTITY MANAGEMENT SSL CERTIFICATE VALIDATION MULTI-FACTOR AUTHENTICATION (OTP) designing and offering a service that fits the customer s need. The complex and time-consuming security subsystems 1 000 000 000 can all be taken care of by Verisec, utilizing the Freja Mobile Trust Platform. With the Freja Mobile Trust Platform you can build INTEGRITY OF MOBILE APP CONFIGURATION AND SETTINGS SECURE MESSAGIING (ENCRYPTION AND DATA INTEGRITY) users of mobile banking by 2017 applications with mobile trust at the core. By integrating our SDK in your systems you can focus on creating applications with unique user experience without worrying about security and compliance issues. We also have a close partnership with some of the world s leading developers of mobile bank applications and can form a joint development team if you want to take your banking SECURITY ELEMENTS MOBILE APPLICATIONS app to the next level or develop a new solution.

SECURE SERVICES INFORMATION SECURITY Hardware tokens Hardware security devices are still very popular for online banking, when correctly implemented they form a good defense against most common digital fraud techniques. Verisec s authentication server product Freja ID is based on open standards, which means that you can choose from a wide range of login devices. Physical security tokens have traditionally been the solution offered by banks to their customers, and Verisec offers a complete service for large-scale personalisation and distribution of these devices through Verisec Services. Services for tokens from other vendors The secure logistics service Verisec offers is in many ways unique and few of our competitors offer anything in this area, leaving their banking customers on their own to sort out the challenges around provisioning and distribution, Encryption devices Hardware security modules must be handled an distributed in a PCI compliant manner and this is one of the services Verisec can offer. Hardware encryption modules for payment is tamper evident but the process of distributing them also have high security standards in order for the unit to meet compliance regulations. As one of the leading resellers for Thales e-security we have many years of experience in this field. Hosted Security solutions More and more banks are considering solutions that mean outsourcing all of their IT security concerning digital identities. Verisec has developed exactly this type of solution, in close partnership with a Swedish bank. The service is an end-to-end commitment comprising both registration of new users and ongoing identity manage- Encryption - Hardware Security Modules Banks and payment processors handle the most valuable digital assets of all, which places higher security demands than in any other industry. As more and more digital services become available, effective and simple encryption and effective key management are fundamental for the secure management of information and transactions. Verisec offers end-to-end solutions in this area for most fields of application where encryption is required: Transaction processes. PKI solutions. Issuing of payment/smart cards. ATMs. Payment terminals. Key management Until now, most encryption keys are managed in manual processes making the systems extremely vulnerable to human errors. In addition as encryption is becoming more and more widespread, the number of encryption keys is growing to the extent that they cannot be managed manually. 49% increase of data breaches in 2014 not least the security issues. As a result of that we manage security devices for many banking customers that have other ID-solutions than Freja and we are of course happy to provide the same service to you, even if you are not using Freja. Even though we foresee a future where the mobile phone will be the most common login device, the hardware token will be around for many years ahead. So will the pain with managing the devices, unless you let us relieve it for you! ment. An outsourcing solution means several advantages for a bank: The bank can focus on its core business rather than support processes. They don t need to have experts or staff in this area. Greater flexibility when implementing new identification methods. 80% of payments worldwide are protected using Thales hardware encryption, and Verisec is one of the worldwide leaders in integration and systems development using Thales products. Our Freja products is also designed for supporting Thales HSM integration for customers that want to add an extra layer of security in the identity management systems. Verisec has its own product line for managing encryption keys: Chiave, for smooth and secure handling of all types of keys, from personalisation of payment terminals to encryption of smart cards. Verison uses Chiave for key management of payment terminals on a global basis. No need to invest in the necessary infrastructure. This results in clear cost advantages.

EMPLOYEE IDENTITY & ACCESS Remote access & application security The ever increasing trend towards employee mobility and cloud based applications present financial institutions with a much bigger version of an old challenge: how to ensure that only authorized people have access to data and systems. Passwords are simply not good enough to reasonably identify users accessing sensitive systems remotely. Phishing, social engineering, Advanced Persistent Threat attacks have shown this again and again. Strong authentication is a minimum baseline defense for remote users accessing bank systems. The same identity servers used for securing customer access Freja ID can also be used for securing remote access for employees. It enables a wide range of authentication methods and has a unique feature for minimizing administration around provisioning of tokens with a self-service portal. Cloud identity As more applications are bought from external service providers, Financial Service providers find that sensitive information and systems are protected by usernames and passwords that they do not control. This presents a risk, not only with the security flaws inherent with passwords, but also because the cloud applications have their own password policies and systems, often unsupervised by the internal IT team. Verisec offers both tools and complete solutions for identity management in the cloud. Freja Connect links the bank s internal authentication system with external cloud services, bringing control over logins and identities back within the organisation rather than leaving it with the cloud service or employee. For the user, this also means enjoying the advantages of single sign-on and not needing to worry about keeping track of numerous passwords for different services. Secure access for partners & consultants It s also been a given that consultants and partners will have secure access to the internal networks and cloud services used in their daily work. Verisec is an integrated supplier of all of the parts that make up an Identity & Access Management solution, all the way from the basic architecture with authentication services to secure handling and distribution of security tokens. Today we count the majority of Swedish banks among our customers, as well as international banks with operations on multiple continents. 7 out of10 reuse the same passwords

ABOUT VERISEC Verisec is a company on the cutting edge of digital security creating solutions that make systems secure and easily accessible. We provide a wide range of products and services within our two areas of business: Digital Identity and Information Security. The Freja and Chiave product suites are developed by Verisec and used by banks, governments and corporations worldwide. For encryption and HSM-solutions, Verisec integrates technology provided by Thales e-security, a leading global provider of data protection solutions. Verisec was founded in 2002 and is listed on Nasdaq First North in Stockholm. NORDICS Carl Persson carl.persson@verisec.com +46 (0) 733 458 914 UNITED KINGDOM & IRELAND Alan Davies alan.davies@verisec.com +44 (0) 7825 953 933 SPAIN & PORTUGAL Anders Bahrton anders.bahrton@verisec.com +34 (0) 605 216 772 LATIN AMERICA Carlos Flores carlos.flores@verisec.com +52 (1) 22 21 321 973 MIDDLE EAST Anders Henrikson anders.henrikson@verisec.com +46 (0) 733 458 903 sales@verisec.com l +46 8 723 09 00 l www.verisec.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback