DIGIPASS
for APPS

DIGIPASS for APPS
DIGIPASS for APPS: a 360 degrees framework to secure your critical applications
The c...
DIGIPASS
for APPS

PLATFORM SERVICES

MULTI-DEVICE

Determining the location of an end-user can be of interest when
using ...
www.vasco.com
DIGIPASS
for APPS

DIGIPASS for APPS allows the integration of strong authentication
into any regular softwa...
Upcoming SlideShare
Loading in …5
×

DIGIPASS for Apps

446 views

Published on

DIGIPASS for apps 201311-v1

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
446
On SlideShare
0
From Embeds
0
Number of Embeds
13
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

DIGIPASS for Apps

  1. 1. DIGIPASS for APPS DIGIPASS for APPS DIGIPASS for APPS: a 360 degrees framework to secure your critical applications The current mobile ecosystem is a powerful distribution channel to put your applications in the hands of millions of potential users. However, the shift from traditional desktop to online applications has raised the security stakes. While more and more people conduct activities online, threats likewise increased as fraudsters have devised complex fraud schemes to turn security vulnerabilities in applications to their benefit. Web application security must be addressed across different components and at multiple layers. Each component of an application poses a potential security risk. Circumventing these threats is a time and resource-consuming effort. To tackle these potential threats, VASCO has developed DIGIPASS for APPS. This stands for DIGIPASS for Application Perimeter Protection SDK. The solution offers you a unique single framework with a comprehensive set of features giving you all necessary building blocks to secure your application at every level, from provisioning to human interface. COMMUNICATION LAYER Certain types of information exchanged from the server to the client application might require an extra security layer as they contain critical data. Relying on mainstream technologies like HTTPS may not be enough and could introduce an external risk in a critical process. DIGIPASS for APPS provides a secure channel to virtually encrypt anything (text, photos, QR codes, etc.).The solution can be used together with QR codes providing end-to-end encryption. The server side generated QR code can only be used by one specific person on a specific device. This end-to-end encryption introduces a new level of services between server and client applications enabling for instance “what you see is what you sign” capability on mobile devices. Scoring OTP, Signature, ... DIGIPASS for APPS offers following features: • Secure storage • Device binding • QR code scanner • Secure channel • Multi-device capacity • Secure key provisioning • Jailbreak & rootkit detection • Geolocation Cryptogram Generation QrCode Scanner Secure Channel Root Detection Malware Detection Human Interface Secure Storage Device Binding BUSINESS LOGIC A secured retail application needs to evaluate the environment where it resides; therefore a jailbreak or rootkit detection might be required prior to launching parts of the application. Business Logic Storage Comm. Layer Provisioning & Lifecycle Device Binding Key Provisioning Multi-Device Secure Channel Alert | Notification Platform services Geolocation DIGIPASS for APPS provides a secure, updatable way to detect if the remote environment is compromised, in a single function for all platforms. The world’s leading software company specializing in Internet Security
  2. 2. DIGIPASS for APPS PLATFORM SERVICES MULTI-DEVICE Determining the location of an end-user can be of interest when using mobile applications, e.g. to verify if the user and the device are recognized and permitted to perform certain activities or to localize applications for specific geographic regions. A typical user might have several devices in his personal ecosystem. DIGIPASS for APPS provides functionalities to allow an end user to seamlessly use all his devices transparently and in a secure way with a single license. DIGIPASS for APPS provides standardized access to location-based functions, independent of the target platform. DEVICE BINDING This function can be used in combination with two-factor authentication to create a location-dependent one-time password. This can be of particular interest to enhance the mobile authentication process of your users in an international setting whereby authentication requests from non-authorized regions will not be accepted. PROVISIONING & LIFE CYCLE MANAGEMENT A client side application runs on the end user’s device. At times it is important to know that the application runs on a recognized and trusted device. The link between the software DIGIPASS and the device is managed by DIGIPASS for APPSduring all critical steps of product deployment. DIGIPASS for APPS also provides device-independent functions that link a certain user to a specific device. Device binding can be used together with cryptographic functions to create devicedependent one-time passwords. STORAGE & PERSISTENT DATA An application may require persistent data on a remote platform. These data need to be secured ensuring that they cannot be accessed by other applications or devices. DIGIPASS for APPS therefore offers secure storage functionalities allowing an easy encryption of all application data, independent of any operating system or device. This function can be used in combination with the device binding capacity, ensuring that the secure storage is linked to a specific device. SECRET KEY PROVISIONING HUMAN INTERFACE Secret key provisioning should be flexible and highly secured. A provisioned license should also be linked to a specific device. DIGIPASS for APPS provides a full range of provisioning options from manual activation to online or QR code-based processes with different levels of convenience and security. The manner in which an application will interact with the user and how he will perceive and use it, will have a tremendous impact on the adoption rate. DIGIPASS for APPS offers ultimate user convenience as it supports QR code scanning and graphical cryptograms such as the CrontoSign technology. REACTIVATION Using QR codes or CrontoSign technology reduces manual input and offers a fast and reliable way of logging on or signing transactions. Any retail application needs a procedure in place regarding lifecycle management as end users will change their devices from time to time. The process of reactivating registered users should run as smooth as possible. DIGIPASS for APPS makes lifecycle management a piece of cake thanks to a set of protocol independent functionalities and features that can be used across different platforms. CRYPTOGRAM GENERATION DIGIPASS for APPS allows you to add strong authentication directly to the application without external software interacting with the company’s system. One-time password and e-signature capability become thus an integral part of the online application. The world’s leading software company specializing in Internet Security
  3. 3. www.vasco.com DIGIPASS for APPS DIGIPASS for APPS allows the integration of strong authentication into any regular software environment. It can also rely on any external Secure Executive Environment. BENEFITS As a result, DIGIPASS for APPS has the best of two worlds: ease of integration, worldwide support and extended security for hardware processing. DIGIPASS for APPS is compatible with all of VASCO’s technologies and can be used in conjunction with any other authenticator of the DIGIPASS family. • Transparent deployment to end users FEATURES • Can be used with PC and other devices as well as specific environments (JavaCards, SIM cards, tablets, mobile phones, USB devices...) • One-time passwords and e-signatures become an integral part of the online application • Extended set of provisioning options • Patented CrontoSign technology, support for an extended list of QR codes and barcodes • Native integration of strong authentication into applications • Entire application perimeter is protected in a single SDK • Integration efforts are reduced to a minimum • No cryptographic skills required • Extensible security model • Suitable for any server side environment • Fully customizable - overcomes GUI issues and meets any graphical requirement • Supports geolocalized OTPs and e-signatures • Jailbreak and rootkit detection • Device binding • Secure storage • Out of band login support • Multi-device capabalities • Available for the most common programming environments, including iOS, BlackBerry (including latest BB10 versions), Android, Windows Phone, Java with comprehensive programming samples About VASCO VASCO is a leading supplier of strong authentication and e-signature solutions and services specializing in Internet Security applications and transactions. VASCO has positioned itself as global software company for Internet Security and designs, develops, markets and supports DIGIPASS®, CertiID™, VACMAN®, IDENTIKEY® and aXsGUARD® authentication products. VASCO’s prime markets are the financial sector, enterprise security, e-commerce and e-government. www.vasco.com I N T E R N AT I O N A L H Q ZURICH (Europe) phone: +41 43 555 3500 email: info_europe@vasco.com C O R P O R AT E H Q CHICAGO (North America) phone: +1 630 932 88 44 info-usa@vasco.com BRUSSELS (EUROPE) phone: +32.2.609.97.00 email: info-europe@vasco.com BOSTON (NORTH AMERICA) phone: +1.508.366.3400 email: info-usa@vasco.com S Y D N E Y ( PA C I F I C ) phone: +61.2.8061.3700 email: info-australia@vasco.com Copyright © 2013 VASCO Data Security, Inc, VASCO Data Security International GmbH. All rights reserved. VASCO®, CertiID™, VACMAN®, IDENTIKEY®, aXsGUARD®, ® ™ DIGIPASS®, the logo and the logo are registered or unregistered trademarks of VASCO Data Security, Inc. and/or VASCO Data Security International GmbH in the U.S. and other countries. VASCO Data Security, Inc. and/or VASCO Data Security International GmbH own or are licensed under all title, rights and interest in VASCO Products, updates and upgrades thereof, including copyrights, patent rights, trade secret rights, mask work rights, database rights and all other intellectual and industrial property rights in the U.S. and other countries. Other names may be trademarks of their respective owners. LE201311-v1 SINGAPORE (ASIA) phone: +65.6323.0906 email: info-asia@vasco.com www.vasco.com www.vasco.com

×