Bank growth and profitability is linked to eBanking. Customers prefer online banking because it is more flexible than

high street or phone banking, and it offers banks the opportunity for growth and cost savings. However, eBanking

depends on secure authentication and user trust.

X Info Tech is a one-stop shop for complete eBanking security solutions, including hardware, software, consulting

and design, training, maintenance and support as well as device customization and fulfillment. With global reach

and unique technology,

Future-proof

Don’t start with a dead end. When it comes to

remote banking authentication, you need a system

than can grow with you. X Info Tech lets you deploy

a low-cost, simple system today and still provide an

upgrade path for the future.

System supports a wide variety of Two-Factor

Authentication solutions, including:

One Time Password (OTP).

Double Authentication.

Challenge-response.

Sign-What-You-See.

Secure Domain Separation.

Dynamic Signatures.

Electronic Signatures.

The system is completely flexible, allowing you to

mix and match users with different devices and

authentication schemes. This approach simplifies

your backend IT while maximizing flexibility.

For example, System lets you get started with

Printed Card or Scratched off Card or simple One

Time Password (OTP) Token and, as risks and

markets change, seamlessly upgrade to more

advanced devices. You can even offer other service

providers a multi-issuer authentication service using

your authentication system.

The result is a system that lets banks balance the

demands of cost, usability and security over time. It

is low-risk, scalable, secure, flexible and, above all,

future-proof.

Two-Factor Authentication

The number of Internet frauds has increased rapidly

over the last few years. This is a threat to all

institutions that provide online banking, shopping,

gaming etc. Successful frauds do not only have

immediate financial implications, they can also lead

to bad press and customers cancelling their

service, leaving for a more secure one.

X Info Tech, as a Two-Factor Authentication, offers

protection from all existing kinds of fraud attacks.

The recognized factors for Two-Factor Authentica-

tion are:

Something you know, such as a password

or a PIN.

Something you have, such as a smart card,

security token or mobile phone.

Authentication solutionfor e-COMMERCE and e-BANKING

One time password

Authentication solution includes generation of an

OTP – One Time Password. The OTP can be

generated on a smart card (presented by a secure

device), token, mobile phone or sent by text

message.

The OTP is entered by the end user and verified by

the authentication System. OTP prevents the

following attacks: Key logging, Screen logging and

Shoulder-Surfing. By the time the attacker sees

the OTP being entered, it is already too late, since

the OTP is already used and not valid anymore. If

the OTP is logged or recorded in any way, it is of

no value to the attacker since it is only valid once

and only at the time it is used. OTP combined with

a password and/or a PIN is one way obtaining

Two-Factor Authentication.

Benefits using the Token based approach

Cost effective devise.

Provides strong two-factor authentication

together with online password.

Low logistic costs.

Portability: Token is small and portable -

convenient to bring with you at all times.

A single press on the button generates a One

Time Password.

User-friendly functionality.

Quick roll-out.

Smooth personalization, personalize a whole

batch in factory or a single device at the bank

office.

Compliance to standards

ISO 13491-1 (Banking Secure cryptographic

devices).

ISO 8732 (Key generation).

ANSI X9.32 (Data Encryption Standard).

ISO 11568 (Key management).

ISO 9797 (Message Authentication Codes).

Benefits using the Reader based approach

No need for personalisation of the reader, as

the secrets are kept in the smart card.

Identical terminals, which do not require any

security handling and therefore are easy to

distribute.

Portability: Reader is small and portable -

convenient to bring with you at all times.

User friendly functionality.

Future and backward compatible - the firmware

of reader is independent of changes in the EMV

specifications or other smart card specifica-

tions.

Multiple services can be performed with

the same reader.

Dynamic Signatures capability, increasing

security when signing transactions.

Separate function keys, enables Secure

Domain Separation

Large display allows long One-Time Passwords

and Signatures.

Fully compliant with industrial standards such

as 3-D Secure CAP, MasterCard SecureCode

CAP, VISA dynamic passcode authentication,

German Sm@rt TAN and Taiwanese FISC II.

Compliance to standards

ISO 7816.

MasterCard SecureCode CAP.

3-D Secure CAP.

APACS.

VISA dynamic passcode authentication.

Taiwanese FISC II OTP.

Proton Balance Reader.

Certifications

EMV level 2 (3-D Secure CAP).

EMV level 1 (EMV 2000).

CE.

Mobile Solution

The Mobile Solution is a set of different

technologies allowing authentication to be

performed through already existing infrastructures.

As part of the secure devices family they

emphasize different capabilities with respect to

security, usability and the look & feel experience.

The set of media utilized offer different solutions in

terms of service activation - all easy and cost-

effective, ranging from self-activation to Over The

Air activation (OTA).

The Mobile Solution enables PIN protected One

Time Passwords (OTP), Signatures,

Challenge/Response functionality and other

services in strong Two-Factor Authentication

schemes.

bySMS

bySMS is a solution for remote authentication,

suitable for Internet banking and Internet

shopping. The system consists of a Central

System and a SMS gateway plugin.

The basic version of bySMS offers the same

functionality as an OTP Token. The extended

version allows you to use a signature of

transaction data displayed in the SMS.

InSIM

InSIM is a solution for unconnected remote

authentication, offering One-Time Passwords and

Electronic Signatures. Basically, it implements the

same functionality as its siblings within the product

family. However, the major difference is that the

security application within inSIM is implemented

and executed in the SIM card, utilizing the Mobile

Equipment (ME) as a terminal via its SIM Toolkit

interface.

onMobile

onMobile supports a variety of technologies,

depending on handset functionality and customer

specific security requirements. If available, onMo-

bile makes optimal use of any SATSA Java API,

and of Java J2ME Sandbox and Data Integrity

support. onMobile is also available as an iPhone

and iPod Touch application.

Reduce Cost - Over The Air Deployment

Besides being convenient for the end-user, the

authentication service provider may also very cost

efficiently roll-out this strong remote authentication

service Over The Air. The end user simply accepts

the secure download of the needed cryptographic

credentials and the Java program to his or her

handset.

Further benefits with the Mobile Solutions

Easy to understand and use.

Portable, you always have your mobile

with you.

Simple to deploy and built upon existing

infrastructure.

Prevents Man-In-The-Middle attacks

(“Sign-What-You-See”).

Extensible solution – integrate with SMS, WAP

or Java software clients (MIDP).

Future compatible – you can start off with a

Mobile Solution and continue with a smart card

solution using the same system.

Our office address: Daugavas iela 38-3, Mārupe, Mārupes nov., LV-2167, Latvia

Tel: + 371 67930171, Fax: + 371 67930172, managers@x-infotech.com

www.x-infotech.com