In order to counter spyware, key loggers, botnets, Trojans, phishing, pharming, shortened web addresses, several countries and industry organizations have taken the lead to safeguard customers and to help businesses through regulations and guidelines.
Key Features of Total Authentication Solution:
- Choice of strong authentication vendor mix for lowest Total Cost of Ownership
- Multi-factor authentication for privileged users
- End-to-end encryption for sensitive data
- FIPS-140 Level 3 certified HSM to perform cryptographic operations
- High Availability, high performance and scalability

Overview

The Total Authentication Solution has a proven track record in staying ahead of technological innovations and trends. It has received certification for RSA Secured® Partner Program, Mastercard EMV CAP AA4C and (as first) OATH program for both HOTP and TOTP server profiles. (Also supporting OCRA)

The Total Authentication Solution is a full-fledged authentication security solution in an appliance (also available under VMWare®), providing End-to-End Security for passwords and highly sensitive information to secure electronic transactions. It is a high security and high performance system that has the ability to support millions of users with different types of authentication methods and different types of tokens. The combination of power and flexibility reduces implementation risks and decreases the Total Cost of Ownership (TCO).

Token Agnostic Approach

The multi-authentication, multivendor, multi-domain and multi-token agnostic approach assures:
- Lower Total Cost of Ownership (TCO)
- Freedom of vendor token selection
- Flexibility in deployment and migration

There is no lock-in to any token vendor, giving the flexibility of deploying and switching tokens on your demand, while maintaining a good balance among costs, convenience and risks.

Strong Authentication Choice

A large variety of methods are supported, including:
- Vasco/DIGIPASS, RSA/SecurID tokens
- All OATH OTP tokens (HOTP – TOTP - OCRA)
- USB key tokens - including hybrid tokens (OTP & PKI)
- EMV CAP tokens (Mastercard EMV-CAP / PLA - 4AAC)
- PKI X.509 tokens (using any CA or the embedded CA)
- SMS One Time Password (logon and transaction)
- Mobile phone (iPhone, Android, BlackBerry, J2ME)
- Scratch and matrix cards – PIN TAN lists
- Micro SD cards
- Flexible OTP display cards

And also one-factor authentication:
- Static password authentication
- Partial Password authentication

Compliance: The Need for Security

Increase of Threats

Cyber threats such as credit card fraud, identity theft and data breach have risen as an increasing number of people are going online to conduct financial transactions. Millions of people all over the world have been affected. People have become a constant target for cyber criminals who use spyware, key loggers, botnets, Trojans, phishing, pharming, shortened web addresses and even social media.

Regulations and Guidelines

In order to counter this, several countries and industry organizations have taken the lead to safeguard customers and to help businesses through regulations and guidelines.
- The Monetary Authority of Singapore has published their Internet Banking and Technology Risk Management Guidelines (IBTRM) which are considered to be the most stringent in the world
- The world’s leading card brands collaborated to create an industry-wide framework known as the Payment Card Industry (PCI) Data Security Standard (DSS), a set of best practices designed to secure credit card data throughout the information lifecycle for storing, processing and transmitting cardholder data.

Total Authentication Solution Compliance

The TAS authentication server is compliant with both IBTRM and PCI DSS, which should be seen as an insurance policy, protecting your business from the financial costs of failing to secure identity and transaction data.

With the TAS you can be assured that our solutions can be part of your IT investment to achieve industry guidelines, regulations and compliance.

Copyright © DS3 - Data Security Systems Solutions Pte Ltd 2011 - www.DS3global.com - firstname.lastname@example.org - All rights reserved

Features

High Availability and Scalability

High Availability architecture is available with two Production and two Disaster Recovery servers. This can be further scaled horizontally up to 12 servers in an active-active cross site architecture to deliver up to 99.999% availability.

In compliance with:
- MAS IBTRM Guidelines addressed Section 4.3

Comprehensive ID-Management

The Total Authentication Solution is able to enforce strong ID management for administrator and non-administrator accounts including:
- ID Creation/Modification/Deletion
- Password locking / resets / force change
- Inactivity lockout
- Password policy enforcement

Each user is managed by a unique UserID having a set of authentication access controls assigned to him.

In compliance with:
- PCI DSS Requirements addressed Section 8.1 and 8.5

Defense against Man-In-the-Middle Attacks

The Total Authentication Solution supports the following mechanisms to defend against MITMA attacks:
- SMS Out-Of-Band Transaction Signing
- VASCO token signing
- OATH OCRA transaction signing (coming soon)
- EMV CAP Mode 1 transaction signing

The Out-Of-Band authorization via SMS Transaction signing is achieved by transmitting an SMS message to the user’s pre-registered mobile number containing the transaction details and the transaction-signing authorization code to be entered in order to confirm the transaction.

Strong Authentication for Critical Systems

The Total Authentication Solution can be integrated with critical systems to enforce strong authentication, such as:
- Windows Servers (via GINA)
- Linux, UNIX Servers (via PAM)
- Citrix Servers (via RADIUS)
- VPN (via RADIUS)
- Tivoli suite: TAMeb, TAM esso, iTIM, TFIM

In compliance with:
- MAS IBTRM Guidelines addressed Section 4.4
- PCI DSS Requirements addressed Section 8 & Section 1c

End-to-End Encryption – HSM FIPS-140 – PKI

Securing End-To-End Encryption (E2EE) for PINs, passwords, transactions and other customer information is ensured by providing the necessary Java Script / Applet for the frontend and backend HSM cryptographic operations.

In order to perform secure cryptographic operations, the Total Authentication Solution can embed a FIPS-140 Level 3 certified HSM.

Additionally, transparent key management features allow financial institutions to generate, use and renew keys without any key information ever leaving the appliance.

EAP-TLS PKI certificates can be issued to support strong authentication services via 802.1X.

In compliance with:
- MAS IBTRM Guidelines addressed Section 4.1
- PCI DSS Requirements addressed Section 4.1 and 8.4

Summary

The Total Authentication Solution is a complete Authentication Security solution in an appliance (also available under VMWare®), which has received certifications from industry leaders and incorporates some of the best practices employed in the industry.

By effectively addressing industry guidelines and requirements, the Total Authentication Solution can help your organization achieve compliance in a timely and cost-effective manner. At the same time, by offering the freedom of choice of authentication method and token vendor, a lower total cost of ownership can be achieved.

DS3

Singapore Headquarters
Tel: +65-6479-5688
Email: info@DS3global.com

North Americas
Tel: +1-408-834-4430
Email: agrossi@DS3global.com

Japan
Tel: +81-3-5829-9757
Email: cskyo@DS3global.com

Middle East
Tel: +971-50-519-4873
Email: rahul@DS3global.com

Europe
Tel: +32-478-34-99-15
Email: eco@DS3global.com

India
Tel: +91-981-968-5840
Email: amit@DS3global.com