VASCO Universe
Download
Report
Transcript VASCO Universe
The world’s leading software company specialized in
Internet Security
Vasco Product Portfolio
Eric Gabrys – Product Manager
Customer Needs roadmap
Complying with regulatory (FFIEC) and business security needs
Compatible with existing and future infrastructure investments.
Simple and cost-effective to implement and support
Easy to use
Completely interoperable across banking platforms, applications
and infrastructures
No “silver bullet” for curing all banking security needs
2
On-line banking security
« In our 2006 Financial Services consumer survey, security ranked as
the No. 2 reason that consumers reported for not using online
banking. » Ed Kountz, JupiterResearch, US
« Nearly 2 million Americans have had their checking accounts raided
by criminals in the past 12 months »
survey, market research group Gartner, US
« The number of recorded incidents rose 16-fold to 5,059. That led to
a 55% rise in losses from online fraud against banks, reaching £23m in
the first half of 2006. » Apacs, UK
3
On-line banking security
Passive monitoring
Key stroke logging
Active interference
Pop ups and injected dialogs
Man in the middle attacks
Selfdefense
destroy anti-virus update function
alter local software firewall rules
establish invisibility by root kit
Remote control
install back door via internet
install http and socks proxy
Identity theft
steal content of protected storage
steal email identities (pop3/imap)
steal client side certificates
install BHO to steal all https transactions
install man in the middle functions
4
A concern ?
Distribution of intercepted transactions
Banking
Brokerage
Email
E-commerce
Ebay
5
On-line banking security
6
On-line banking security
7
Full Option, All Terrain Product Strategy
Core authentication platform
Combines all authentication technologies on one unique platform
Authentication server
Combines the VACMAN core authentication platform with full server functionalities
Authentication appliances
Combines Identikey with a wide variety of Internet communication solutions;
Client e-signature software
Combines a complete set of client e-signature and user authentication functionalities on a wide
variety of platforms
Authentication Services
Combines all VASCO products and solutions in an outsourced service offering.
8
Products – current platform portfolio
VACMAN Controller /
VACMAN Middleware
INCLUDES
Virtual Digipass
Digipass – EMVCAP - OATH Verification
9
Products – Digipass for Web
http://dp4web.demo.vasco.com/
10
Authentication server
User Self Mgt
Website
GUI Admin Client
WebAdmin
Windows
MMC
Console
PHP
Admin Client
Module
Admin Client
Module
RA
DIU
S
SE
AL
RADIUS Client
Communicator
Token Provisioning
Client
Authentication
client
JSP/Servlets
Token
personalisation
module
Java/.NET
sample code
Admin Client
Module
Provisioning
Client Module
Authentication
Client Module
SO
AP
Product Features:
SOAP
SO
AP
SEAL Client
Communicator
AP
SO
DP4Web client
ASP / PHP
DPWeb Client
Module
Authentication
Client Module
SOAP Client
Communicator
Identikey Server Kernel
Tracing
module
Logging /
Auditing
module
Reporting/
accounting
module
Vacman
Controller
Engine
RADIUS
Proxy Auth
Engine
DPWeb
Auth
Engine
Windows
Proxy Auth
Engine
Virtual
Digipass
Proxy Auth
Engine
LDAP
Proxy Auth
Engine
Monitoring
module
DPWeb
Prov
Engine
Authentication
Scenario Module
Active
Directory
Connector
Administration
Scenario Module
Provisioning
Engines
Provisioning
Scenario Module
Ticket Generation
Scenario Module
Ticket Validation
Scenario Module
Authentication Engines
Scenario’s
ODBC DB
Connector
Administration
Module
License
Module
Replication
Module
Authentication
Module
Generic
LDAP
Connector
Storage
Connectors
Embedded
PostgreSQL
database
Crypto
Module
HSM
Module
IDENTIKEY Server
•
•
•
•
•
•
•
•
•
•
•
•
•
Web-based and command line administration
MMC Administration plugin (optional)
SOAP communication interfaces
Reporting
Token provisioning
DIGIPASS for Web
DIGIPASS for Mobile Phone
System monitoring; Event viewer/syslog
Transaction Signing functionality (DP Signatures)
Server features based licensing
Message Delivery Component
ODBC Storage connector
Platforms
Windows 32-bit/64-bit
Linux Intel 32-bit/64-bit (kernel 2.6+)
11
Authentication appliances
21 Internet Security Services:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
SPICT Firewall
HTTP accelerating proxy and SMTP relay
VPN Server
Statistics and Reporting
Monitoring and IPS
Multiple Internet Connections
Directory Integration Services
Advanced Bandwidth Management (QOS)
Reverse HTTP and FTP proxy
Webmail interface
Public, Intranet and Secure Web server
Network Fax Server
Public Primary DNS
High Availability
RAS analog per line (hardware included)
RAS ISDN per line (hardware included)
SSL – VPN
Radius
12
Authentication Services
VASCO 30mio - OTP: 60mio <-> 1.093mio Internet Users
Users of Service
End-Users: SSO using one Username/Password
Websites: Low Total Cost of Ownership
OpenID:
Open, decentralized, free framework for user-centric digital
identity
Not proprietary (Microsoft Passport: not successful)
Lacks trust:
VASCO will bring trust to OpenID by Trusted Parties
Multi level authentication
Low and Medium level: VASCO (or Operator/ISP)
High level (Trust) through authentication by Trusted Parties
13
Products – client platform portfolio
Basic pack
Advanced pack
14
The world’s leading software company specialized in Internet Security
www.vasco.com
Secure connection
Multiple Platforms :
> Logical Security
> Physical Security
>…
Secure connection
Multiple Services:
> Identity Management
> Fraud detection & Analysis
> Statistics & Reporting
> VPN
>…
Multiple Applications:
> e-Banking
> e-Commerce
> B2B
> B2C
> e-Government
15
The world’s leading software company specialized in Internet Security
www.vasco.com
Full Option, All Terrain Authentication Company
Thank you
Questions ?
16