Tuesday, September 27, 2011

Thwarting Identity Theft Attacks - Legal Blog

Bank of India, one of the largest public sector banks in India has been in the forefront of introducing various innovative services and systems, one of them being StarToken? Secure Internet Banking, powered by UNIKEN?s Rel-IDSM for its retail banking customers. With this technology being successfully rolled out to BOI?s Internet banking users across India, chances are that such large-scale implementation of this cutting-edge technology might be a pioneering and game-changing event in the industry.

To protect their customers from internet fraud and identity theft, Bank of India is rolling out StarToken? in phases, in line with its StarConnect? branded Secure Internet Banking services. And StarToken? is powered by the patented Rel-IDSM technology, developed by UNIKEN ? a product and technology innovation company based in Florida (USA) with their Innovation Centre in Pune, India. Rel-IDSM not only sets up a secure communication channel between the users? PC and the banks servers, but also provides a secure browser and secure desktop, that can protect the customers against phishing, pharming, Man-in-the-Middle, Man-in-the-Browser attacks, spyware, malware, key-loggers, screen-scrapers, Trojans and soon.

Problem

?Cyber attacks are getting more sophisticated by the day and frauds related to internet banking and online payment transactions are on the rise across the world. While we continue to educate our customers about what precautions to take, BOI wanted to implement an IT solution that could empower our customers to protect their own identity online and be able to do banking safely from any computing device without worrying about security,? elaborates SameerJ. Ratolikar, Chief Information Security Officer, Risk Management Department, Bank of India. Today, two-factor authentication on our part is not enough ? the customer should also be given some means to authenticate the bank?s site in order to stop the phishing attacks. Furthermore, neither the bank nor the customer has any control on the network, so the customer should be able to connect to the bank on an encrypted communication channel over and above SSL. And this channel has to be unique and only be established with the bank and no one else. Also, the customer?s PC is exposed to multiple threats. The ideal security solution should protect the customer from such threats and allow him/her to bank even from an unsecure PC.

Solution

Offering the promise of meeting such stringent criteria, UNIKEN?s secure banking solution ? TruBankSM, powered by the innovative Rel-IDSM technology based on two-factor, mutual authentication at the network level, was deployed by Bank of India and system-integrated by HP.

To understand how this disruptive technology works, Dr. Pat Shankar, Chief Scientist, UNIKEN and advisor to US Dept. of Defense explains, ?Both the customer, as well as the customer?s access device are authenticated before providing the customer access to the bank?s servers. An encrypted private tunnel is then established between the bank and the client over which all the data can then be securely transmitted. This tunnel is over and above the SSL channel that the bank normally uses for its internet banking services. So now the bank and its customers can only connect via the secure access client, which has an in-built Secure Desktop and Secure Browser technology, which protects the customer against most of the known malicious spyware on users? PCs. Additional authorization for all transactions including third party transfers and merchant payments using Net Banking is also required.?

Effectively, this solution provides protocol-level authentication of both the client and the server, thus eliminating phishing, pharming and Man-in-the-Middle attacks. The TruBankSM client therefore also protects the customers from key-loggers, screen-scrapers, Trojans, malicious browser add-ons and helper objects. While these technologies isolate the customer from harm on their PCs, the Rel-IDSM Mutual Authentication and Encryption Protocol (RMAP) ensures that the customer only connects to the Bank and to nobody else. The protocol tunnels the https traffic providing an on-demand private network between the Bank and the TruBankSM client.

The solution complies with two-factor authentication and end-to-end encryption requirements issued by various regulatory agencies across the world and keeps Bank of India ready for future compliance requirements.

Result: Successful Implementation in Phases

Bank of India initiated the deployment of this technology in April 2010 and thousands of customers all across India have already been successfully migrated to the new technology. It is being rolled out in phases. Most customers are readily adopting this solution and complimenting the bank for its proactive efforts to provide them greater security in today?s unsafe environment. ?The roll-out was completed smoothly with minimum interference with normal Internet banking usage. We have increased the online security levels by an order of magnitude without affecting the user experience. Rel-IDSM is already proving to be critical in making Bank of India one of the more secure banks in the world today,? reported UNIKEN?s on-site team. ?Staying ahead of the technology curve is critical today when it comes to providing security. As attacks become more sophisticated by the day, innovative solutions and the end users? eager acceptance will be the key to success ? something that had been the norm in the developed economies can now be seen in the Indian scenario,? concludes Sanjay.

Source: http://www.amsfj.com/thwarting-identity-theft-attacks/

moneyball nasa satellite nasa satellite x factor auditions x factor auditions v for vendetta kate walsh

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.