eauthentication and Cross Boarder etransaction James Wu / jrsys CEO 1 1
Taiwan s e-gov Journey Efficiency & Effectiveness Infrastructure Development & Penetration Online Service Development Integrated, Interoperable and Interactive Services E-Governance Pervasive Services Transparency Accountability Participation web2.0 driven Clustered, Proactive, Trustworthy and Non-stop Services Device Portable devices Network Wireless Broadband Application Web 2.0 Applications Cloud Computing Stage 1 Stage 2 Stage 2.5 Stage 3 Stage 4 egovernment 3-year Program 1998-2000 egovernment Program 2001-2004 E-Taiwan egov Program 2003-2007 2 U-Taiwan egov Program 2008-2010 Intelligent Taiwan egov Program 2008-2011
Taiwan e-gov Framework e-gov Online Services Government e-procurement System (GEPS) Land Information System e-tax System G2B Service Platform e-invoice Platform GPKI GCA, MOICA MOEACA, XCA My egov Service Portal Site Government Service Platform (GSP) Gov Agencies Portal Sites Government Directory Service GDS, XDS, CPA Government Service Network (GSN) Citizen Gov t Business Organizat n Application Services Infrastructure 3
Government Public-Key Infrastructure (GPKI) GRCA GTestCA GCA XCA MOEACA MOICA HCA All kinds of test certs. for developing apps Government Agencies, E-Gov Servers Other organizational entities (e.g., school, not-for-profit org.) Businesses (companies and branches, and shops) Citizens Healthcare Professionals, Healthcare orgs, Healthcare Servers 4
Proactive Services Proactive Service e-housekeeper for citizen e-helper for business Satisfaction Instance notice Greater efficiency Safe and secure Integrative with other channels e-secretary for Gov employees Innovating Services 5
G2B2C e-document Interchange Taiwan first Validation Authority product (2002) Taiwan largest Validation Authority Big transaction volumes (33,000 edocument /day) Digital signature/ encryption Verify signature/ Decryption E-Official Document 6
Taipei City Government Multi-purpose card Employee ID card Employee ID Contact PKI Card Contactless Transportation Card Secure Single-Sign-On System 7
Newborn baby reporting system 8
Military PKI-enabled Applications The first Military PKI-enabled project For both Web base and Client Server Applications Secure Single Sign On Access control by PKI smart card Users include army, navy and air force 9
Ministry of Transportation and Communications Mobile Signature and Validation Service Microsoft Active Directory Service PKI-enabled Application Web AD management t portal 10
Ministry of Finance 2.Login GCA Internet MOICA EIP Portal Purchase Order System User 1.User with Smart Card Electronic Document PKI Validation Verify CRL SVC OCSP SVC HA PKI suite 3.Verify 5.Result PKI suite Material and Transport Meeting Room Reservation Human Resource 6.Authorization DB LOG SVC 4.Log Audit Log Server EIP(Sun One) LDAP MS AD 11
Ministry of Foreign Affairs Single Sign On PKI APIs 12
ezfly Online Travel Agent 16 13
CHT WebTrust Certificate We issue certificates to Mobile & PC Jrsys Secure Mobile/PC Tokens USB PKI Token Smart Cards USB PC/SC reader Secure MicroSD ios/pc /Android Token Bluetooth Reader Software PFX HCE 14
eauthentication Different level of security ID/Password One Time Password PKI Two Factor Authentication Software Token Secure Element Hot Technologies Kerberos/SAML QR code OTP Mobile PKI HCE Tokenization NFC FiDo Biometric Apple Pay Dual-Channel Multi-Factors Authentication 15
All in One OTP solutions One Time Random Password Low cost solution Slim SIM OTP SMS AOTP OTP APP QR code OTP MicroSD OTP OCRA OTP jrsys OATH OTP Server Android Token ios OTP e-ink Display Master Card OTP Token 16
Mobile ID (OOB auth) 1. Input ID and Password PKI base QR code Dual Channels Two Factors Out-Of-Band authentication Internet 2. Scan QR code to obtain the OTP code 3. Server verify the OTP code CA/RA Jrsys Authentication Server 17
Mobile PKI Smart Card SIM Bluetooth Reader, NFC Mobile Phone, Audio Reader SWP SIM, Slim SIM Sticker with Secure Element/SWP, HCE Secure MicroSD ios/android/pc Token Audio PKI Token FiDo/Apple Pay NFC + SE +Fingerprint sensor 18
Secure Mobile Devices Bluetooth Reader World First ios/android/pc Token e-ink Master OTP card Audio Reader 19
Bluetooth Smart Card Reader for ios/android/pc 20
Dual Interface Smart Card Multi-Function Smart Card ID card (Contact/Contactless ICAO) PKI card (Contact/Contactless Digital Signature) Transportation Card (Contactless MiFare) 21
World First ios/android/pc Token ios 8-Pin Lightning Connector Android Mini USB PC USB Platform: PC/Android/iOS Jrsys Secure MicroSD inside 22
Secure your cloud storages Secure your cloud storage with one more device. 23
Pain & Solution PKI is hard to understand and implement Cross Platform is hard, especially Mobile High Hidden cost 24
Easy & Fast PKI-enable Solutions PKI-enabled in 3 Days Not 3 Months Cross Platform Various Devices Firefox Plug-In ActiveX Chrome Plug-In Mobile Signature & Validation Service 25
2014 Taiwan ITM Best product Winner Award Security Suits for PC Web Authentication with SE Applications Software Applications can work with Jrsys Middleware Jrsys PC Security Suite and many Firefox Plug-In ActiveX Chrome Plug-In Secure Devices Multiple Tokens Software PFX Smart Card 26 USB Token HSM
2014 Taiwan ITM Best product Winner Award Security Suits for Mobile Applications Mobile Authentication with SE Secure Mobile APP can work with Jrsys Middleware One Time Password Secure e-mail Secure PDF Mobile Signature jrsys Mobile Security Suite Mobile Money and many ios SDK Android SDK Secure Mobile Devices Software PFX HCE Multiple Mobile Tokens Smart Cards Bluetooth reader 27 Secure MicroSD PC/iOS/Android Token
WebTrust RA CHT WebTrust CA issue certificates to Mobile & PC Jrsys Secure Mobile/PC Tokens USB PKI Token Smart Cards USB PC/SC reader Secure MicroSD ios/pc /Android Token Bluetooth Reader Software PFX HCE 28
Cloud Validation All in One Authentication Service: ID/Password, OTP, Smart Card, Mobile Tokens and Micro SD. Single Sign On PKI APIs 29
Secret Communication System VOIP IM Photo File PDF E-Mail 30
Cross-Border e-commerce Mobile Payment James Wu /jrsys Digital Signed Electronic Document Exchange 31
QR Code for Digital Signature Online/Offline Payment, 2 Factor Login, etc. 32
2 Factor Login QR Code & Mobile No Phishing Secure Sign In Traditional ID/Password Hard to against Trojan, Sniffer, Web Site Compromised and Bad Administrator Dual Channel Two Factor Secure Login Cross Platform/ Browsers 33
Big Risk of Online Shopping You may lost Card Number + Expiration Date + CVV Card Not Present Transaction Trojan, Sniffer, Phishing site e-commerce site compromised 34
On-Line Payment No more Card Number + Expiration Date + CVV Just Scan the Secure QR Code Commerce 1.Prepare checkout data 2.Create a Digital Signed Checkout QR code on the screen Consumer 3.Scan the checkout QR code 4.Select virtual credit card 5.Input PIN code to confirm the payment Credit card information is not transmitted Date:2014/10/02 Merchant s Digital Signature 35
Off-Line Payment More Secure and Fast than Magnetic Credit Card Swipe Payment Mobile Payment Before Out-of-band authentication Handwriting signature Card can be Cloned Sign a Credit card Check Merchant scan the QR 36
Offline Payment Process Consumer 1.Select Virtual credit card 2.Enter the amount 3.Input PIN to make a digital signature and Generate a QR code Commerce 4.Scan the QR code 5.Make a Digital Signature 6.Connect to Payment Gateway Date:2014/10/02 Consumer s Digital Signature 37 Commerce cannot clone any card!
QR code for Logistic Shipping QR code contains Product codes, Quantities, Date, Time and Manufacture's Digital Signature User can scan and verify it immediately 38
Patented QR Code Payment Digital Signature QR code Not only an URL/ OTP short code But also the transaction with digital signature Date:2014/10/02 Time:11:50 Amount: US$25 OTP Digital Signature Easy to deploy and use No additional hardware cost Patented O2O Payment technology Authentication, Integrity, Confidentiality and Non-repudiation secure transaction 39
Digital Signed Hard Copy Document Before H andwriting Signature Digital Signed PDF or Hard copy Printout Now PDF417 Original Document with Digest Party A s Digital Signature Party B s Digital Signature 40
Digital Signed Hard Copy Document Digital signed PDF 417 License Digital signed QR code Invoice 41
About jrsys Innovative Mobile and Cloud Security-Enabler 2014 Taiwan ITM Best 100 products Winner Award APICTA Award 2013 Security Winner 2012 Mobile Money Innovation Award 2012 ASIA PKI Innovation Award 42 One of the 7 innovative ideas to provide greater access to financial services from 98 best ideas of 26 countries BY: MIF, IDB, CAF and GSMA
Partner with Foxit 27,500 Millions PDF users use jrsys security Suite 43
jrsys Secure your Mobile Life! 44 44