SECURITY

The eBank.net general security framework is designed and built on industry standards for security, including identifying and applying practices for authorization, authentication, cryptography, session management, sensitive data management, infrastructure security, auditing and logging.

Security highlights

Standard categories

Authentication

Unique user codes and passwords for eBank.net channels access; Password expiration and user disablement; User passwords stored one-way encrypted

Authorization

User credentials and privileges validation on every resource and application block; Personal permissions on banking services

Cryptography

PKI and digital certificates as a standard for user authentication, integrity of data interchange, confidentiality and preventing repudiation issues

Session management

Unique session identifiers and secured session details storage; Session lifetime control on every discrete user action

Sensitive data management

Sensitive data stored, sent over network and logged in encrypted form

Infrastructure security

Secured network infrastructure provided by the Bank; Encrypted traffic between application tiers; SSL where applicable; Securing eBank.net servers

Auditing and logging

Full log of user activity; Audit of application activity through all application tiers

Customer Security Options

OTC and OTS devices

OTC (One Time Codes) and OTS (One Time Signatures) with cryptography devices (tokens, smart cards, etc.) generating session keys and/or TANs. (*Depends on the platform vendor's ready-to-run interfaces for VASCO Data Security devices; options for RSA, Aladdin or others are available for development.)

Bank account integration management

Integration to existing central Bank user account management systems providing credentials and sign-in services to customers

PKI

eBank.net adopts PKI*-based security, implemented through the use of personal digital certificates for authentication and enhanced security on selected customer services (payment orders, funds transfers and other operations), with all sensitive data signed with the user's digital signature. User certificates are stored in the user's OS cryptography storage or on a secure device (token or smart card). The eBank.net PKI implementation is compliant with the currently effective Electronic Document and Electronic Signature Law and supports UES (Universal Electronic Signature) by certified national vendors. eBank.net may also provide a built-in PKI based on Microsoft Certificate Services, with open connectivity to other security providers.

Other security related features

Anti-phishing tools

2-way authentication techniques (bank server presentation)

Anti-bot tools

Required digits or letters displayed as pictures on all public application forms
