Managing & Securing the Online
and Mobile Banking Transaction
18th March 2015
Chew Chee Seng
ManagePay Group
Malaysia
ManagePay Group
Business Presentation
1 Strictly Private & Confidential – Property of ManagePay Group All Rights Reserved
Mobile device is the new normal for computing
“Global mobile devices and connections in 2013 grew to 7 billion, up from 6.5 billion in 2012. Smartphones accounted for 77 percent of that growth, with 406 million net additions in 2013.” - Cisco 2014 -
“80% of Smartphones Used in the Workplace are Employee Owned” - McKinsey 2012 -
“Smart phones and tablets are giving people new levels of mobile connectivity, and we expect to be able to use them for work and leisure.”
Whether in private life or in the workplace, demand has arisen for security that protects business-critical information, communication and IT processes against threats such as unauthorized access, data leakage, espionage, identity theft and fraud, and denial of service.
OTP: Security Past its Expiration Date
• For more than 25 years, the financial services industry has relied on one-time passwords for online banking security.
• The advent of Internet and mobile technology and an explosion in digital crime have rendered these single-use strings of digits obsolete, both in terms of security and convenience.
All OTP systems share the same inherent flaws
• OTP-based authentication systems:
– OTPs are generated as either time-synchronized or counter-synchronized codes, and the user must carry a small hardware device, a “token”, which may look like a small calculator or a keychain charm with an LCD display.
– Some banks generate OTPs and dispatch them to the customer’s mobile phone via SMS; this is referred to as a Transaction Authorization Code (TAC).
• OTP systems share the same flaws and vulnerabilities.
– First, they are all symmetric: the bank has access to the same secrets as its customer (and so does the mobile carrier, in the case of SMS transmission).
– Second, OTP systems all remain reliant on browser-based communications back to the bank, and anything that goes through a browser can be compromised by a Trojan.
– Trojan-enabled “man-in-the-middle” or “man-in-the-browser” attacks circumvent the security promised by sophisticated-looking OTP generators, chip cards and biometric technology.
– According to Kaspersky Labs, 2013 saw an almost twenty-fold increase in the number of recorded banking trojans, many of them targeting SMS OTPs.
If OTPs are the past, what’s the future?
• For financial institutions intent on providing a secure and convenient method for customers to transact online, there are new solutions available today that can virtually eliminate all types of man-in-the-middle attacks.
• Deploying industry-standard X.509 digital certificates to mobile phones and tablets allows them to be uniquely identified, transforming them into second factors of authentication.
What is two-factor authentication?
There are three (3) types/factors of human authentication:
• Something you know – a password or PIN
• Something you have – a smart card, USB key, PKI (Public Key Infrastructure) certificate or mobile phone
• Something you are – a biometric characteristic, e.g. fingerprint or voice pattern
Two-factor authentication means that you authenticate a user with two or more factors. Ideally, different authentication factors should be used in combination.
Mobile PKI is a technology that lets users hold PKI certificates (for electronic signatures) on their mobile phone. The phone asks the user for his or her PIN before it places the electronic signature on transactions that require multiple authentication.
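Added example (not part of the original slides and not ManagePay's implementation): it contrasts the counter-synchronized OTP check described earlier, where the bank holds the same secret and the code is independent of the transaction, with a PIN-gated signature over the transaction text that the bank verifies with a public key. HOTP follows RFC 4226; the toy RSA key, the PIN value, the transaction strings and all function names are assumptions made for illustration.

```python
"""OTP check vs. transaction signature: added illustration with constructed data."""
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Counter-synchronized OTP per RFC 4226 (HMAC-SHA-1 plus dynamic truncation)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def bank_accepts_otp(shared_secret: bytes, counter: int, otp: str, transaction: str) -> bool:
    """The bank recomputes the code from the same secret the token holds (symmetric).

    `transaction` takes no part in the check: the code is valid for whatever
    instruction reaches the bank alongside it.
    """
    return hmac.compare_digest(hotp(shared_secret, counter), otp)


# Toy RSA key pair standing in for the key held on the SIM (assumption).
# Two known Mersenne primes give a 196-bit modulus: far too small for real use,
# and real signature schemes add padding (for example RSA-PSS).
_P, _Q = 2 ** 89 - 1, 2 ** 107 - 1
PUBLIC_KEY = (_P * _Q, 65537)                        # what a certificate would carry
_PRIVATE_EXP = pow(65537, -1, (_P - 1) * (_Q - 1))   # stays on the "SIM"


def _digest(transaction: str, modulus: int) -> int:
    """SHA-256 of the transaction text, reduced into the toy modulus."""
    raw = hashlib.sha256(transaction.encode("utf-8")).digest()
    return int.from_bytes(raw, "big") % modulus


def sim_sign(transaction: str, pin: str, expected_pin: str = "123456") -> int:
    """Sign the text shown on the handset, only after the signing PIN matches."""
    if not hmac.compare_digest(pin, expected_pin):
        raise PermissionError("wrong signing PIN")
    n, _ = PUBLIC_KEY
    return pow(_digest(transaction, n), _PRIVATE_EXP, n)


def bank_verifies_signature(transaction: str, signature: int, public_key=PUBLIC_KEY) -> bool:
    """The bank needs only the public key; it cannot produce signatures itself."""
    n, e = public_key
    return pow(signature, e, n) == _digest(transaction, n)


def compare_schemes() -> dict:
    """Check both schemes against the shown transaction and an altered one."""
    shown = "Pay RM100 from Acc 123456789 to payee A"     # constructed sample
    altered = "Pay RM9000 from Acc 123456789 to payee B"  # constructed sample
    secret, counter = b"12345678901234567890", 0          # RFC 4226 test secret
    otp = hotp(secret, counter)
    signature = sim_sign(shown, "123456")
    return {
        "otp_accepts_shown": bank_accepts_otp(secret, counter, otp, shown),
        "otp_accepts_altered": bank_accepts_otp(secret, counter, otp, altered),
        "signature_accepts_shown": bank_verifies_signature(shown, signature),
        "signature_accepts_altered": bank_verifies_signature(altered, signature),
    }


if __name__ == "__main__":
    for check, result in compare_schemes().items():
        print(f"{check}: {result}")
```

The OTP passes for both transaction strings because it is not bound to either, while the signature verifies only for the text that was signed on the handset.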
Why Mobile PKI Security?
• The mobile phone is everywhere and available to almost everyone. By 2015, the number of mobile phones should exceed the world population.
• Today, more people own and use a mobile phone than a personal computer. Mobile penetration in Malaysia is way above 100%.
• So is mobile PKI (Public Key Infrastructure) security:
– Every mobile phone, and every other device (Internet of Things, e.g. smart watch, CCTV, wearables) that works with a SIM card, supports mobile PKI.
• Legally binding:
– All transactions are digitally signed with non-repudiation as provisioned by the Digital Signature Act.
– Avoids disputes and provides better customer service and experience.
Single ID for Multiple Applications
Mobile ID or Mobile Signature for Banks
[Diagram labels: Mobile PKI on SIM’s SE; Certificate Authority]
How it works?
[Diagram: mobile signature flow. Labels recovered from the slide:]
• Parties: Banks, Government Agencies, Corporate Entities, Merchants; Service Provider Aggregator; MSSP (Mobile Signature Service Platform); Mobile Operators; Licensed CA (Certificate Authority); RCA
• Channels to the handset: WAP, SMS, USSD, App
• Message labels: Service Request; Auth Request; Generate Signature Request; Signature Request; Signature (Transaction encrypted at SIM); Signature attached with Cert; Signature & Cert; Decrypt Trans & Verify Signature; Proceed with Service; Service Fulfillment
• Handset screens: “Pay RMXXX from your Acc 123456789 to Mr. Aan Smith. Please confirm with signature” (Cancel / OK); “Key in PIN to sign. PIN: ******” (Cancel / OK)
Implementation for High Net Worth Individual Banking
[Diagram: labels recovered from the slide:]
• Parties: Priority Banking Customer; Relationship Manager; Licensed CA (Certificate Authority); MSSP (Mobile Signature Service Platform); MNO; Bank Data Center (Priority Banking Internet/Mobile Banking Application Servers)
• Service Delivery Channels: Priority Internet/Mobile Banking; Smart Phone/Tablet Application; Relationship Manager
• Message labels: Customer accesses service; Customer interacts with Relationship Manager; Relationship Mgr initiated auth request; Authentication Request; Create Signature Request; Signature Request; Signature; Attach Certificate; Signature with Certificate; Verify Signature and Decide on Transaction; Return Confirmation
• Handset screens: “Please key in Signing PIN ******” (Cancel / OK); “Signature Sent” (Cancel / OK)
Customer and Money Transfer Transaction Flow
[Diagram: labels recovered from the slide:]
• Parties: Priority Banking Customer; Relationship Manager; Priority Banking CRM System; Bank Data Center (CRM Application servers); Licensed CA (Certificate Authority); MSSP (Mobile Signature Service Platform); MNO
• Phone interaction:
– Customer: “Please proceed with my transfer of RM 500,000 from my current account to a fixed deposit”
– Relationship Manager: “Sure Mr. Lee, please confirm the transaction with your digital signature”
– Relationship Manager: “Thanks Mr. Lee. We’ve received your signature and your transfer is confirmed”
– Customer: “Wow, that was fast. Thanks very much”
• Message labels: Key in transaction and initiate auth request; Auth Request; Create signature request; Signature Request; Signature; Attach digital certificate; Signature and Certificate; Verify signature and confirm transaction; Return confirmation
• Handset screens: “Transfer of RM500,000 from current acct to fixed deposit” (Cancel / OK); “Please confirm with digital signature. PIN: ******” (Cancel / OK); “Signature Sent” (Cancel / OK); “Transaction confirmed” (Cancel / OK)
Thank you…
Chew Chee Seng
cheseng@mpsb.net
+60122188433

Lisa Shipley (Fraud & AML Stream)- Extending the PCI Boundary to Reduce Fraud
 
Harry Singh (Security & Risk Management Stream)- Managing Technology Risk in...
Harry Singh (Security & Risk Management Stream)-  Managing Technology Risk in...Harry Singh (Security & Risk Management Stream)-  Managing Technology Risk in...
Harry Singh (Security & Risk Management Stream)- Managing Technology Risk in...
 
Steven Gan - Signifying The Need for Speed Banking
Steven Gan - Signifying The Need for Speed BankingSteven Gan - Signifying The Need for Speed Banking
Steven Gan - Signifying The Need for Speed Banking
 
David Wortley - Gamification Is Not Funny!
David Wortley - Gamification Is Not Funny!David Wortley - Gamification Is Not Funny!
David Wortley - Gamification Is Not Funny!
 
Andrew Fell, Harnessing the Customer Experience via New Technology
Andrew Fell, Harnessing the Customer Experience via New TechnologyAndrew Fell, Harnessing the Customer Experience via New Technology
Andrew Fell, Harnessing the Customer Experience via New Technology
 
Aman Narain, Viva La Revolution -How Banking Should and Will be Disrupted an...
Aman Narain,  Viva La Revolution -How Banking Should and Will be Disrupted an...Aman Narain,  Viva La Revolution -How Banking Should and Will be Disrupted an...
Aman Narain, Viva La Revolution -How Banking Should and Will be Disrupted an...
 

Recently uploaded

Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
Edge AI and Vision Alliance
 
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Pitangent Analytics & Technology Solutions Pvt. Ltd
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
Tatiana Kojar
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptxThe Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
operationspcvita
 
Y-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PPY-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PP
c5vrf27qcz
 
Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation ParametersEssentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
Safe Software
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
Ivo Velitchkov
 
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge GraphGraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
Neo4j
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
What is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE?  Session 1 – CoE VisionWhat is an RPA CoE?  Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE Vision
DianaGray10
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
Fwdays
 
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsConnector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
DianaGray10
 
Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |
AstuteBusiness
 
Mutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented ChatbotsMutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented Chatbots
Pablo Gómez Abajo
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Chart Kalyan
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
Zilliz
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
Miro Wengner
 

Recently uploaded (20)

Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
 
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptxThe Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
 
Y-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PPY-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PP
 
Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation ParametersEssentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
 
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge GraphGraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
What is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE?  Session 1 – CoE VisionWhat is an RPA CoE?  Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE Vision
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
 
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsConnector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
 
Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |
 
Mutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented ChatbotsMutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented Chatbots
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
 

Managing & Securing the Online and Mobile banking - Chew Chee Seng

  • 1. Managing & Securing the Online and Mobile Banking Transaction
       18th March 2015
       Chew Chee Seng, ManagePay Group, Malaysia
       ManagePay Group Business Presentation
  • 2. Strictly Private & Confidential – Property of ManagePay Group All Rights Reserved
       Mobile device is the new normal for computing
       • “Global mobile devices and connections in 2013 grew to 7 billion, up from 6.5 billion in 2012. Smartphones accounted for 77 percent of that growth, with 406 million net additions in 2013.” - Cisco 2014
       • “80% of Smartphones Used in the Workplace are Employee Owned” - McKinsey 2012
       • “Smart phones and tablets are giving people new levels of mobile connectivity, and we expect to be able to use them for work and leisure.”
       Whether in private or in the workplace, demand has arisen for security that protects business-critical information, communication and IT processes against threats like unauthorized access, data leakage, espionage, identity theft and fraud, and denial of service.
  • 3. OTP: Security Past its Expiration Date
       • For more than 25 years, the financial services industry has relied on one-time passwords for online banking security.
       • The advent of Internet and mobile technology and an explosion in digital crime have rendered these single-use strings of digits obsolete, both in terms of security and convenience.
  • 4. All OTP systems share the same inherent flaws
       • OTP-based authentication systems:
         – The OTPs are generated as either time-synchronized or counter-synchronized codes, and the user is required to carry a small hardware device, i.e. a “Token”, which may look like a small calculator or a keychain charm with an LCD display.
         – Some banks generate and dispatch OTPs to the customer’s mobile phone via SMS; this is referred to as a Transaction Authorization Code (TAC).
       • OTP systems share the same flaws and vulnerabilities.
         – First, they are all symmetric, because the bank has access to the same secrets as its customer (and the mobile carrier does too, in the case of SMS transmission).
         – Secondly, OTP systems all remain reliant on browser-based communications back to the bank, and anything that goes through a browser can be compromised by a Trojan!
         – Trojan-enabled “man-in-the-middle” or “man-in-the-browser” attacks circumvent the security promised by sophisticated-looking OTP generators, chip cards and biometric technology.
         – According to Kaspersky Labs, 2013 saw an almost twenty-fold increase in the number of recorded banking trojans, many of them targeting SMS OTPs.
  • 5. If OTPs are the past, what’s the future?
       • For financial institutions intent on providing a secure and convenient method for customers to transact online, there are new solutions available today that can virtually eliminate all types of man-in-the-middle attacks.
       • Deploying industry-standard X.509 digital certificates to mobile phones and tablets allows them to be uniquely identified, transforming them into second factors of authentication.
  • 6. What is two-factor authentication?
       There are three (3) types/factors of human authentication:
       • Something you know – a password or PIN
       • Something you have – a smart card, USB key, PKI (Public Key Infrastructure) certificate or mobile phone
       • Something you are – a biometric characteristic, e.g. fingerprint or voice pattern
       Two-factor authentication means that you authenticate a user with two or more factors. Ideally, different authentication factors should be used in combination.
       Mobile PKI is a technology which allows users to place PKI certificates (electronic signatures) on their mobile phone. The phone asks the user for his or her PIN before placing the electronic signature on transactions that require multiple authentication.
  • 7. Why Mobile PKI Security?
       • The mobile phone is everywhere and available to almost everyone. By 2015, the number of mobile phones should exceed world population.
       • Today, more people own and use a mobile phone than a personal computer. Mobile penetration in Malaysia is way above 100%.
       • So is mobile PKI (Public Key Infrastructure) security:
         – Every mobile phone and every other device (Internet of Things, i.e. smart watch, CCTV, wearables) that works with a SIM card supports mobile PKI.
       • Legally binding:
         – All transactions are digitally signed with non-repudiation as provisioned by the Digital Signature Act.
         – Avoid disputes and provide better customer service and experience.
  • 8. Single ID for Multiple Applications
  • 9. Mobile ID or Mobile Signature for Banks
       [Diagram labels: Mobile PKI on SIM’s SE; Certificate Authority]
  • 10. How it works? Mobile Signature Service Platform
        [Flow diagram; labels only]
        • Parties: Licensed CA (RCA, CA); Banks; Government Agencies; Corporate Entities; Merchants; Service Provider; Aggregator; MSSP; Mobile Operators
        • Channels: WAP, SMS, USSD, App
        • Flow labels: Service Request; Auth Request; Generate Signature Request; Signature Request; Signature (Transaction encrypted at SIM); Signature (Transaction encrypted); Signature attached with Cert; Signature & Cert; Decrypt Trans & Verify Signature; Proceed with Service; Service Fulfillment
        • Handset prompts: “Pay RMXXX from your Acc 123456789 to Mr. Aan Smith. Please confirm with signature” [Cancel / OK]; “Key in PIN to sign. PIN: ******” [Cancel / OK]
  • 11. Implementation for High Net Worth Individual Banking
        [Flow diagram; labels only]
        • Parties: Priority Banking Customer; Relationship Manager; Bank Data Center (Priority Banking Internet/Mobile Banking Application Servers); MSSP (Mobile Signature Service Platform); MNO; Licensed CA (Certificate Authority)
        • Service Delivery Channels: Priority Internet/Mobile Banking; Smart Phone/Tablet Application; Relationship Manager
        • Flow labels: Customer accesses service; Customer Interacts with Relationship Manager; Relationship Mgr Initiated auth Request; Authentication Request; Create Signature Request; Signature Request; Signature; Attach Certificate; Signature with Certificate; Verify Signature and Decide on Transaction; Return Confirmation
        • Handset prompts: “Please key in Signing PIN ******” [Cancel / OK]; “Signature Sent” [Cancel / OK]
  • 12. Customer and Money Transfer Transaction Flow
        [Flow diagram; labels only]
        • Parties: Priority Banking Customer; Relationship Manager; Priority Banking CRM System; Bank Data Center (CRM Application servers); MSSP (Mobile Signature Service Platform); MNO; Licensed CA (Certificate Authority)
        • Phone interaction:
          – Customer: “Please proceed with my transfer of RM 500,000 from my current account to a fixed deposit”
          – Relationship Manager: “Sure Mr. Lee, please confirm the transaction with your digital signature”
          – Relationship Manager: “Thanks Mr. Lee. We’ve received your signature and your transfer is confirmed”
          – Customer: “Wow, that was fast. Thanks very much”
        • Flow labels: Key in transaction and initiate auth request; Auth Request; Create signature request; Signature Request; Signature; Attach digital certificate; Signature and Certificate; Verify signature and confirm transaction; Return confirmation
        • Handset prompts: “Transfer of RM500,000 from current acct to fixed deposit” [Cancel / OK]; “Please confirm with digital signature. PIN: ******” [Cancel / OK]; “Signature Sent” [Cancel / OK]; “Transaction confirmed” [Cancel / OK]
  • 13. Thank you…
        Chew Chee Seng
        cheseng@mpsb.net
        +60122188433
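
The contrast drawn on slides 4 and 10, as an added example (not code from the presentation or from ManagePay): an RFC 4226 counter-based OTP check next to a device-side signature over the transaction shown on the handset. The P-256 key pair, the field names, the payee labels and the bank-issued nonce are assumptions; the certificate chain and the SIM-side encryption in the diagram are not modelled.

```javascript
const crypto = require("node:crypto");

// RFC 4226 HOTP: the counter-synchronized OTP described on slide 4.
function hotp(secret, counter, digits = 6) {
  const msg = Buffer.alloc(8);
  msg.writeBigUInt64BE(BigInt(counter));
  const mac = crypto.createHmac("sha1", secret).update(msg).digest();
  const off = mac[mac.length - 1] & 0x0f; // dynamic truncation offset
  const bin = mac.readUInt32BE(off) & 0x7fffffff;
  return String(bin % 10 ** digits).padStart(digits, "0");
}

// Bank-side OTP check. The bank needs the same secret as the token
// (the "symmetric" flaw), and the transaction (_tx) plays no part in it.
function bankAcceptsOtp(secret, counter, code, _tx) {
  const want = Buffer.from(hotp(secret, counter));
  const got = Buffer.from(String(code));
  return got.length === want.length && crypto.timingSafeEqual(got, want);
}

// Canonical bytes of the fields the handset displays before the PIN prompt.
// The nonce is an assumed bank-issued value that makes each request unique.
function canonical(tx) {
  return Buffer.from(JSON.stringify([tx.from, tx.to, tx.amount, tx.nonce]));
}

// Device side: stands in for the SIM signing once the user keys in the PIN.
function signOnDevice(privateKey, tx) {
  return crypto.sign("sha256", canonical(tx), privateKey);
}

// Bank side: only the public key (in the slides, taken from the attached
// certificate) is needed, so the bank holds nothing that can sign.
function bankVerifiesSignature(publicKey, tx, signature) {
  return crypto.verify("sha256", canonical(tx), publicKey, signature);
}

function demo() {
  // Constructed inputs: RFC 4226 test secret, account number from slide 10.
  const sharedSecret = Buffer.from("12345678901234567890");
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ec", {
    namedCurve: "prime256v1",
  });
  const shown = { from: "123456789", to: "PAYEE-A", amount: "500.00", nonce: "tx-0001" };
  // The request as it reaches the bank after the payee was changed in the browser.
  const altered = { ...shown, to: "PAYEE-B" };

  const code = hotp(sharedSecret, 0);
  const sig = signOnDevice(privateKey, shown);
  return {
    otpGenuine: bankAcceptsOtp(sharedSecret, 0, code, shown),
    otpAltered: bankAcceptsOtp(sharedSecret, 0, code, altered), // still accepted
    sigGenuine: bankVerifiesSignature(publicKey, shown, sig),
    sigAltered: bankVerifiesSignature(publicKey, altered, sig), // rejected
  };
}

console.log(demo());
```

The signature only covers what the handset displayed, which is why the flow on slide 10 shows the amount and payee on the phone before asking for the PIN.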