Your SlideShare is downloading. ×

Szalai_Gemalto

354
views

Published on


0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
354
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Is Your Online Bank ReallySecure?Zoltan Szalai / eBanking Solution ManagerApril 3, 2013
  • 2. Gemalto for YouONE THIRD OF THE WORLD’S POPULATION USE OUR SOLUTIONS EVERYDAY BANKS & RETAIL TELECOM TRANSPORT GOVERNMENT ENTERPRISE 3 eBanking Security
  • 3. About Gemalto Over €2 BILLION in Revenue in 2012 15 Production Sites €250+ MILLION Software and Value Added Services 28 Presonalization Centers BILLION Intelligent Cards Produced and 74 Sales & Marketing Offices Personalized on a Yearly Basis 10,000+ Employees 14 R&D Centers 100 Nationalities 1,400 Scientists 43 CountriesGemalto eBanking 200+ CUSTOMER BANKS The acquisition of Xiring and Todos positioned Gemalto as the leader in the 70 MILLION DEVICES eBanking World. 124 EMPLOYEES4 eBanking Security
  • 4. Gemalto’s Position 2013 MAGIC QUADRANT FOR STRONG AUTHENTICATION FROM GARTNER5 eBanking Security, March 28, 2013
  • 5. Gemalto eBanking References 200+ BANKS6 eBanking Security
  • 6. Local References 100,000 SMS OTP 5,000 Tokens 300,000 SMS OTP 1,500 Tokens Local Partner Best eBanking Partner of Gemalto in 20127 eBanking Security
  • 7. Local References (Extended to Russia) Банк ВТБ Райффайзен Банк Other Banks: • Russian Agricultural Bank • LipetsCombankВозрождение Банк • Bank Primorie Московский Индустриальный • Surgutneftegasprom Bank 8 eBanking Security Банк
  • 8. Frauds & Mitigation9 eBanking Security
  • 9. Attacks are Evolving eBANKING FRAUD IS GETTING MORE AND MORE SOPHISTICATED MAN-IN- THE-BROWSER MAN-IN- THE-MIDDLE CROSS CHANNEL ATTACKS SOCIAL PHISHING ENGINEERING RELAY ATTACK WHALING PHARMING SHOULDER CONTRACTUAL SURFING FRAUD KEY/SCREEN ID THEFT LOGGING10 eBanking Security
  • 10. Phishing Attack are familiar with phishing Low to very low knowledge of other attacks Source: RSA Online Fraud Report11 eBanking Security
  • 11. Man-in-the-Middle AttackVictim Bank Server Malware Waits for Transaction!!!12 eBanking Security
  • 12. Man-in-the-Browser Attack Website Seen Website Seen by the Customer by the Bank Malware Inside the Browser Malware Changes Transaction Details!!!13 eBanking Security
  • 13. Attacks and Mitigation USER-FRIENDLY MITIGATION OF ALL CURRENT AND FUTURE THREATS TRANSACTION VERIFICATION CONTEXTUAL SIGNING TRANSACTION DATA SIGNING CHALLENGE / RESPONSE ONE TIME MAN-IN- PASSWORDS THE-BROWSER MAN-IN- THE-MIDDLE CROSS CHANNEL ATTACKS STATIC SOCIAL PASSWORDS PHISHING ENGINEERING RELAY ATTACK WHALING PHARMING SHOULDER CONTRACTUAL SURFING FRAUD KEY/SCREEN ID THEFT LOGGING14 eBanking Security
  • 14. eFrauds in the Region15 eBanking Security
  • 15. Local SituationCybercrime in Russia: Trends and issues presentation by ESET and Group-IB at CARO in 2011 16 eBanking Security
  • 16. Ezio Solution18 eBanking Security
  • 17. Gemalto Ezio Suite STRONG E-BANKING AUTHENTICATION ARCHITECTED FOR CHOICE Ezio Suite is the market’s most versatile and easy-to-implement eBanking security solution with a proven track-record of 100+ large-scale roll-outs.STANDARD ONE ALL EZIO Appliance Token- 70m 200+COMPLIANT SERVER DEVICES DELIVERED BANKS INCL. OATH, MULTIPLE WORK IN Delivery Agnostic DEVICESCAP/EMV, PKI CHANNELS PARALLEL19 eBanking Security
  • 18. Introduction to Ezio Server A Pre-hardened All-in-one Box Appliance Providing Multi-factor Authentication Field-proven Solution R&D and Produced in Singapore20 eBanking Security
  • 19. Advantages of Ezio Server Multi-million User Deployment Token Agnostic Authentication Brokering Multi-token Support per User End-to-end Encryption of Passwords21 eBanking Security
  • 20. Ezio Devices EZIO EDGE EZIO THIN EZIO CLUB EZIO SHIELD PRO EZIO SHIELD TALK EZIO EZIO EZIO bySMS EZIO PKI CARD EZIO MOBILE SDK EZIO MOBILE TOKEN PC USB-TR PLUG & SIGN EZIO CLASSIC CLIENT EZIO LAVA EZIO PICO EZIO onCARD EZIO onCARD PAD EZIO SERVER EZIO TOOLKIT22 eBanking Security
  • 21. Thank You!Zoltan Szalai / eBanking Solution ManagerApril 3, 2013