“Psst…I know your password”


                           Hans Liljedahl
                         Channel Manager
                       Nordic & Baltic Region
                       VASCO Data Security

VASCO Data Security                             1
The Authentication Company




VASCO update
                 VASCO, the Full Option, All-Terrain Authentication Company




                 VDSI - Financially healthy & profitable.
                 Top-100 fastest growing IT companies in the world.




Corporate Profile: VASCO Worldwide




            VASCO Offices

         VASCO sales presence


Full option, All terrain


                      Verticals & segments




Full Option & All-Terrain



                             All-Terrain = All applications/technologies

                      Healthcare    Automotive       B-to-B   Social Security      E-brokerage       E-banking




                      E-commerce      E-government     Publishing Industry      Education        Online gaming


                                   VASCO’s products are used in over 50 applications




Banking References


        • Over 1500 international financial institutions put
          their trust in VASCO’s solutions & deployments.




VASCO Enterprise Security Customers




Tools on internet...




Your identity… on line

                               32 million user passwords exposed




Your identity…on line




TOP 20 of passwords used




TOP 20 of passwords used




Human Behaviour…


             • 42% used lowercase letters from "a to z"
             • only 6% mixed alpha-numeric and other characters
             • many of the top 20 passwords used were names
             • nearly 2,000 of the passwords were only 6 characters long
             • the longest password was 30 characters – “lafaroleratropezoooooooooooooo”




Hacking on line resources




Hacking on line resources




In the news….




In the news….




High Tech Fraud Schemes

                     On the global black market (Symantec, accounts.com):
                           • Your e-mail password is worth $4.00
                         • Your credit card number is worth $0.40
                       • Your social security number is worth $1.00
                            • Your bank account is worth $10.00
    • Your level 70 undead rogue with quest blues and a flying mount is worth $425.00




Phishing




QUIZ


      • Do you recognize this?
      • How many (different) passwords do you have to remember?
      • Do you write down your passwords (or keep them in a file)?
      • Is your static password at least 8 characters long? Is it a combination of numbers, symbols and letters?
      • How often do you (have to) change your passwords?
      • Have you ever given your password to someone else?




      • Passwords can be guessed, stolen, hacked, …
      • Password Sharing, Shoulder Surfing......
      • How can I be sure that you are really the one you say you are?




PASSWORD CHECKER




                                                         rTyx*pK2%9




                      http://www.howsecureismypassword.net

Cheapest solution...


                             I’m safe for 17.000 years….
                                   my password is



                                      rTyx*pK2%9




                                 invented by xxx today
                               forgotten by xxx tomorrow


                      So, call help desk…or use smart technology

So, what about your (on-line) business?




The Password Challenge


         User 1:
              “I have to remember about 20 passwords…”
         User 2:
                      “I have to change them every 30 days”
         User 3:
              “All should be different so if one password is
                          compromised all others are not.”




The Staff Authentication Challenge:


        CEO:


               „Employees use passwords of their colleagues
                   to get access to information they are not
                                            entitled to see!“




The Staff Authentication Challenge:


      Sales Director: The Mobile Staff Authentication Challenge




                 „My team needs access to the corporate network
                            and their e-mail wherever they are.
                      It should be very efficient when they are in the
                      office and very safe when they are somewhere
                         out, especially when using an Internet Cafe.”




The Staff Authentication Challenge:


      General Manager: The Data Protection and Access Challenge




            „The laptop of my closest staff member was stolen
                out of the car recently. I‘m extremely alarmed
               that the sensitive data on it finds its way to our
                                                    competition.”




The Staff Authentication Challenge:


      Marketing: The Cloud Authentication Challenge




                  „We need to reliably authenticate our customers
                          when they access our online services. “




The Staff Authentication Challenge:


      CTO: The weakest link….
      „We have invested $$ in Firewalls, VPN, SSL-VPN,
             online applications, anti spam, anti-virus, content
             filtering, web traffic management tools, etc…
                       But the weakest link is the colleague ! “




Why are you a potential cybercrime victim?


         You are connected and as a consequence you have:
         • an infrastructure to test a virus
         • a server connected to the web for storage of illegal
           content
         • a temporary system for illegal activities
           (spamming, botnet, …)
         • bandwidth to share
         • information which is valuable on the black market
                 (Personal, financial or business info)




So…Why not use smart technology instead?



Strong User Authentication


                                   Pin code:
                                     ‘1234’




1000x login screens…

        • Whenever you need to type username and password, replace it by a better solution!




Replacing static passwords with OTP




                           HANS LILJEDAHL
                        r°5w^Tyx*pK2%9
                             blacky1 342601
                               PIN +




OTP generation: HOW?




                      Kdp

                             872003
                              DES/3DES/AES

                      Time




The concept: GENERATION of OTP

     •Digipass calculates One Time Passwords (OTP)
     •One time passwords cannot be reused, stolen or hacked


                                   OTP


                               Encryption Algorithm




                                Key          Time




The concept: VALIDATION of OTP

                                      Client Side              Server Side




                                                    Internet



                      Encryption Algorithm                                   Encryption Algorithm




                       Key          Time                                      Key          Time




                      •      Need for Secure Transport & Secure Storage of secret key
                                      • Need for Synchronization of time
The concept: GENERATION of Electronic Signatures



        •Digipass calculates Electronic Signature
        •MITMA (man-in-the-middle attack) countermeasure


                                      OTP


                                          Encryption Algorithm




                                    Key           Time       Data fields
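
The generation, validation and electronic-signature slides above, as an added example that is not VASCO's code or the DIGIPASS algorithm: HMAC with RFC 4226 truncation stands in for the slides' DES/3DES/AES block, and the 30-second step, the one-step drift window and the field encoding are assumptions.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds per time step (assumption; the slides give no value)
DIGITS = 6   # the slides show 6-digit codes such as 872003


def _truncate(mac):
    """RFC 4226 dynamic truncation of a MAC to a DIGITS-long decimal code."""
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def otp(key, now):
    """Client side: OTP = f(key, time). HMAC-SHA1 stands in for the cipher."""
    counter = struct.pack(">Q", int(now // STEP))
    return _truncate(hmac.new(key, counter, hashlib.sha1).digest())


def signature(key, now, fields):
    """Electronic signature = f(key, time, data fields)."""
    msg = struct.pack(">Q", int(now // STEP))
    for field in fields:
        data = field.encode()
        msg += struct.pack(">H", len(data)) + data  # length prefix per field
    return _truncate(hmac.new(key, msg, hashlib.sha256).digest())


class Validator:
    """Server side: same key, its own clock, a drift window, replay rejection."""

    def __init__(self, key, window=1):
        self.key = key
        self.window = window       # accepted clock drift, in time steps
        self.last_counter = -1     # highest time step already accepted

    def _steps(self, server_now):
        current = int(server_now // STEP)
        return range(current - self.window, current + self.window + 1)

    def check_otp(self, code, server_now):
        for counter in self._steps(server_now):
            if counter <= self.last_counter:
                continue           # this step was already used: replay
            if hmac.compare_digest(otp(self.key, counter * STEP), code):
                self.last_counter = counter
                return True
        return False

    def check_signature(self, code, server_now, fields):
        # The server recomputes over the data fields it received, so a code
        # made for other fields (altered in transit) does not match.
        return any(hmac.compare_digest(signature(self.key, c * STEP, fields), code)
                   for c in self._steps(server_now))


if __name__ == "__main__":
    key = b"12345678901234567890"            # constructed sample key
    server = Validator(key)
    code = otp(key, 1000)                    # token clock
    print(server.check_otp(code, 1020))      # server clock 20 s ahead
    print(server.check_otp(code, 1020))      # same code presented again
    transfer = ["NL00BANK0123456789", "150.00"]   # constructed data fields
    sig = signature(key, 1000, transfer)
    print(server.check_signature(sig, 1010, transfer))
    print(server.check_signature(sig, 1010, ["NL00BANK9999999999", "150.00"]))
```

Both sides hold the same key, which is why the validation slide calls for secure transport and storage of it; the window parameter is what absorbs the clock drift the slide's time-synchronization bullet refers to.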




Authentication – It’s a trade off…




                        Standards                           Deployment
                      OTP / Signature                        Helpdesk
                       Procedures                              Price



                                        User Friendliness


                                         User Acceptance
                                            Portability
                                          Customer type


IDENTIKEY Server- The Brain & the Heart

     [Architecture diagram; labels shown:]
     • Front-End Integration: Customer Web Applications, IIS Web Applications, RADIUS Client
     • Web-based Administration (Apache Tomcat Webserver): User & DIGIPASS Administration, Reporting
     • Command Line TCL
     • Back-End Authentication: RADIUS, LDAP, via Windows API, via Custom API
     • Datastore: PostgreSQL
     • Directory: AD, AD U&C
     • Protocols and interfaces: SOAP, SEAL, SEAL-S, RADIUS, ODBC, LDAP/LDAPS
     • Windows Desktop Login (UnConnected, Connected), Server Login, Terminal Server Login

Remote Site: Server Solutions

      Vasco has multiple solutions to protect your network and applications:
                 SOFTWARE          HARDWARE                  SERVICES




    Plugins:
    •Microsoft IAS
    •Juniper SBR
    •Novell NMAS
    •Imprivata
    •AEP
    •RACF
    •Siteminder


DIGIPASS AS A SERVICE

  DIGIPASS as a Service is a managed authentication solution

  DIGIPASS as a Service offers security for multiple applications:
  •SaaS solutions
  •online gaming
  •e-learning applications
  •online subscription services (e.g. magazines and newspapers)
  •licensed services
  •e-government applications
  •e-healthcare systems
  •e-commerce applications
  •e-banking applications
  •online insurances applications
  •intranet/ extranet




CLIENT SIDE: DIGIPASS Factory
   • DIGIPASS GO range with e-signature capability
   • DIGIPASS e-signature devices
   • DIGIPASS Software range
   • DIGIPASS PKI range for authentication using digital signatures
   • DIGIPASS card reader range for authentication using electronic and digital signatures




DIGIPASS FOR MOBILE




Ačiū!
                      Hans.Liljedahl@vasco.com





Vasco - DSS @Vilnius 2010
