Payment Mechanism of E-commerce and Application of the certificate. Antonius Sommer, CEO TÜViT GmbH
|
|
- Edwin Tyler
- 7 years ago
- Views:
Transcription
1 Payment Mechanism of E-commerce and Application of the certificate Antonius Sommer, CEO TÜViT GmbH
2 Agenda Web site certification D21 initiative in Germany Situation in Europe Future certification for Online shops in Europe Recommendations from Federal office of information security ETSI Extended Validation (EV) certificates Security improvement with eid Data privacy requirements for browsers Mobile devices / mobile payment
3 D 21 recommended Online-certificates Initiative D 21: PPP for promotion the digital community for the 21. century in Germany Trusted Shops S@fer Shopping internet privacy standards EHI tested Online-Shop Quelle:
4 D 21 criteria - abstract Goals: transparency, reliability and credibility, consumer friendly general conditions and services D21-criteria for online shops Vendor identification Particular information duties (e. g. gamble) Price information Terms of contract (transparency, comprehensibility) Service delivery / consignment Applicable law Clear order transaction Revocation and restoration (special law in Germany: Fernabsatzrichtilinie) Data privacy Advertising with electronically communication (automatic call systems, , SMS, MMS, etc.) Data security Complaints and alterative arbitration procedure
5 D 21 criteria Data privacy & data security Data privacy Data avoidance and data thriftiness ( 3a BDSG) Voluntariness for declaration of personal data and orientation to the services offered, use of pseudonyms as much as possible Information about the kind, range and intended purpose of survey, processing and using of personal data or profiling as well as duration of keeping or transmission Public available information for consumers regarding revocation and restoration Control of admission, of access, of transfer, of declaration, of order, of availability, separate processing Data security IT security concept with all relevant threats and state of the art security mechanism Worth protecting: procedures and infrastructure, communication between vendor and consumer Information about cookies with personnel obtainable data protection against unauthorized access
6 D 21 scheme, assets and drawbacks Assets Third party analysis for online shops Not only IT security and data privacy issues Criteria with orientation to consumer right Drawbacks Inflation of certificates Consumers are not able to differentiate The scope of analysis is defined by the criteria, the depths of the analysis is not defined by the criteria Certificates are not comparable
7 Other certificates for Online shops in Europe almost from consumer point of view Austria: (Gütesiegel & Qualitätssiegel) Belgium: (BeCommerce trustmark) Finland: (ASML's trustmark) France: (fevad trustmark) Hungary: (Áruküldők s Gütesiegel) Netherland: (Thuiswinkel Waarborg) Portugal: (PACE trustmark) Switzerland: (VSV Garantie ) Schweden: (Trygg E-handel trustmark) Great Britain: ( Internet Shopping Is Safe Gütesiegel)
8 Future certification for Online shops in Europe The European parliament decided under the following number A7-0226/2010 to establish a unique European certificate for E-commerce
9 Federal office of information security Recommendations for Online-Shopping Threats and IT security mechanism Protection against phishing attacks (Passwords & bank account data) Protection of PCs (Virus protection, Firewall, Security updates, ) Usage of strong passwords and regular change of passwords Seriousness of the online service provider Usage of big and well known service provider or additional analysis for unknown service provider Usage of cryptographic algorithm / SSL-certificates Lock-symbol and EV-certificate (green balk ) Certificates for Online-Shops Initiative D21: Only input and storage of mandatory data; the consumer shall select advertising and newsletter by himself 12 recommendations for Online-Auction Quelle:
10 Extended Validation (EV) certificates CA/Browser Forum = Owner and Issuer of the EV criteria cooperation of browser developer (Apple, Google, KDE, Microsoft, Mozilla, Opera, RIM) and certification bodies Goals Showing identity of the web site Secure crypted communication Aggravation of phishing intuitive method to show secure web sites (green balk + lock with additional information about the service provider) Important differences and increase of trust to normal TLS/SSLcertificates Verification of the legal identity of the web site owner Proof of ownership and the rights of the domain name Verification regarding High Risk Status and Black Lists Special contractually agreements with the certification body EV scheme can be considered to improve the security of web-site of financial institute in Taiwan as well.
11 Country: The country in which the scheme operates Hungary Spain Country Link setlanguageaction.do?lang= en stadores/busquedaprestado res.jsp The European Telecommunications Standards Institute (ETSI) Source of information Type 1 29/7/10 Last Updade 1 29/7/10 No Germany 2 04/6/10 Yes asp Type: The type of body operating the scheme 1.1.TSL: Governmental body or scheme operator 2.2.National bodies recognized by the government, i.e. the German TÜViT 3.3.Others: ETSI members, auditing companies, freelancers, etc. EV: Includes CAs issuing certificates in accordance with CAB Forum Guidelines Further information: Japan is planning to use this ETSI certification in the whole country under support of TÜViT (ETSI TS ) EV
12 The new eid in Germany (npa) Online-identification function (eid-function) for bilateral identification within the Internet mandatory: eid-pin for eid-owner mandatory : authorization certificate for service providers Signing function qualified electronic Signature compliance to German SigG (QES) mandatory : QES-PIN for eid-owner mandatory : qualified certificate from CA
13 eid-function: simplified process Webshop/-application Service provider eid Service 2. forward 4. eid - data 1. request 5. approval 3. bilateral authentification and read data from eid browser used by consumer with eid-app, smart card reader and npa
14 Authentication via using the npa Requirements for the consumer npa and eid-pin Smart card reader (basic, standard or comfort) Internet-PC with browser and installed eid-app Requirements for the service provider (web shop, online shop) Authority certificate for reading the content of npa Authentication procedure 1. Service provider identifies itself against the npa 2. Showing data privacy information and showing the approval of data with are transferred from the npa 3. consumer identifies itself using the npa via the eid-pin
15 Data privacy information and data approval Data privacy information (Example from user tests) Transmitted data (Example from user tests)
16 Using the eid-pin Basis-smart card reader With mouse on the screen (scrambled key board) => minimum protection against spy out Standard- und Comfort-smart card reader Input only on the keypad from the smart card reader => high protection against spy out
17 Available data / information within the npa The authority certificate defines, which data can read from the npa Surname and given name, title if available, Religious order name, stage name, Address including post box, Birthday and birth town, Indication if the age exceeds or is lower than a specified age Indication if the place of residence is the same as requested Kind of ID and issuing country D service- and card specific characteristics Additional data, which are always transmit Disable attribute (for test if the npa is disabled or not) Result of this validation
18 Authority certificates ( 21 PAuswG) Issuer is a government organization based on a law: PAuswV (Bundesverwaltungsamt) Before issuing the authority certificates the service providers are check up by this governmental organization
19 Further security features Data privacy compliance npa-authentification -> unique characteristics is service- and card specific and prevent tracking QES for legally binding commercial operations Immediately disable of authority certificates and lost npas Cryptography used is state of the art Government Security Agency certified smart card reader & eid-app The PC must be secured state of the art by the consumer
20 New data privacy requirements for browsers The European Commission as well as the Article 29 Data Protection Working Party (WP 29) called on the industry to make concrete suggestions especially concerning the transparent and consensual use of cookies deployed by online behavioral advertising (OBA) systems. 1. Requirements for transparency of online behavioral advertising systems are enhanced. This concerns both the duty of information to users and the duty of enabling users to exercise their right of access. 2. Providers of online behavioral advertising systems need to take first steps towards an implementation of opt-in mechanisms as required by the new legal situation. 3. The requirements that were developed under the former legal situation (e.g., waiver of sensitive categories) retain their validity and must be met.
21 Mobile devices / mobile payment Juniper Research forecasts that global NFC mobile contactless payment transactions will reach nearly 50 billion Dollars worldwide by 2014 Senior Analyst David Snow: "Based on our analysis and interviews with key industry players our view is that the next 18 months will see launches in up to 20 countries
22 Mobile devices / mobile payment
23 Mobile devices / mobile payment Infineon provides NFC SIM chips for most NFC pilots worldwide, e.g. in France (for project Cityzi in Nice) where operators like Orange plan full migration of their current SIM to NFC SIMs. The Infineon embedded secure element is used in a majority of NFC smart-phones hitting the market in 2011, putting them in a leading position in the NFC security market. Source: Infineon Technologies
24 Mobile devices / mobile payment NXP & G&D announced at February 15, 2011 Full validation of a joint software solution offering secure interfaces between handsets, NFC functionality and secure elements such as the SIM card The Software enables NFC to be integrated securely into mobile handsets based on the Android platform and other OS Source: NXP Semiconductors Source: Giesecke & Devrient GmbH
25 Mobile devices / mobile payment What is a Secure Element? Secure storage in your NFC device Current Secure Element Implementations: Embedded in Mobile Phone SIM Based RemoveableSecure Element (SD Card) Source: G&D
26 Mobile devices / mobile payment Validation and Certification of mobile payment 1.Evaluation and certification of the HW & SW of the SE 2.Evaluation of the mobile payment applet 3.Evaluation of the secure download and installation of the applet 4.Evaluation of other applications loaded in the SE not to be malicious (i.e. not attacking the payment applet)
27 Thank you for your attention! Contact data TÜV Informationstechnik GmbH Member of TÜV NORD Group Antonius Sommer CEO Langemarckstr. 20 D Essen Telefon: Telefax: URL: Tiger Teng Business development Director, AP Langemarckstr. 20 D Essen Telefon: Telefax: URL:
28 Thank you for your attention! Q&A
Auditor view about ETSI and WebTrust criteria. Christoph SUTTER
Auditor view about ETSI and WebTrust criteria Christoph SUTTER Outline 1. Conformity Assessment (in general) relevant standards criteria / normative document certification object (here certification service
More informationElectronic Citizen Identities and Strong Authentication
Electronic Citizen Identities and Strong Authentication Sanna Suoranta, Lari Haataja, Tuomas Aura Department of Computer Science Aalto University Finland Sanna Suoranta sanna.suoranta@aalto.fi Content
More informationEESTEL. Association of European Experts in E-Transactions Systems. Apple iphone 6, Apple Pay, What else? EESTEL White Paper.
EESTEL White Paper October 29, 2014 Apple iphone 6, Apple Pay, What else? On 2014, September 9 th, Apple has launched three major products: iphone 6, Apple Watch and Apple Pay. On October 17 th, Apple
More informationGlobal eid Developments. Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa
Global eid Developments Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa Agenda Country View on eid initiatives Trustworthy Identity Scenarios Microsoft eid update Summary
More informationeidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke
eidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke Agenda eidas Regulation TR-03110 V2.20 German ID card POSeIDAS Summary cryptovision mindshare 2015: eidas
More informationGain a New Level of Trust with Extended Validation SSL Certificates
Gain a New Level of Trust with Extended Validation SSL Certificates Higher Standard for SSL Certificates Malicious Internet activities such as phishing and pharming have victimized millions of people.
More informationDigital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University
Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate
More informationISO/IEC 24727 for secure mobile web applications
ISO/IEC 24727 for secure mobile web applications Jan Eichholz 1 Detlef Houdeau 2 Detlef Hühnlein 3 Manuel Bach 4 1 Giesecke & Devrient GmbH, jan.eichholz@gi-de.com 2 Infineon Technologies AG, detlef.houdeau@infineon.com
More informationHitting the N-Mark with NFC
WHITEPAPER Hitting the N-Mark with NFC This whitepaper is an extract from: NFC Retail Marketing & Mobile Payments Markets, Forecasts & Strategies 2011-2016... information you can do business with Hitting
More informationTraining. MIFARE4Mobile. Public. MobileKnowledge April 2015
MIFARE4Mobile Public MobileKnowledge April 2015 Agenda Why MIFARE4Mobile? MIFARE in Mobile related technologies MIFARE technology NFC technology MIFARE4Mobile technology High level system architecture
More informationAn Open Source eid Simulator Open Identity Summit 9th -11th September 2013
An Open Source eid Simulator Open Identity Summit 9th -11th September 2013 BSI Tobias Senger HJP Consulting Holger Funke Agenda Requirements of BSI Current state Simulator Virtual Smart Card Reader Community
More informationCredential Management for Cloud Computing
Credential Management for Cloud Computing Workshop Cloud Security, 16.07.2014 Dr. Johannes Luyken Page 1 Security breaches increase in their impact by exploiting online access to confidential data that
More informationfulfils all requirements defined in the technical specification The appendix to the certificate is part of the certificate and consists of 6 pages.
The certification body of TÜV Informationstechnik GmbH hereby awards this certificate to the company D-TRUST GmbH Kommandantenstraße 15 10969 Berlin, Germany to confirm that its certification service D
More informationMobile Payment: The next step of secure payment VDI / VDE-Colloquium. Hans-Jörg Frey Senior Product Manager May 16th, 2013
Mobile Payment: The next step of secure payment VDI / VDE-Colloquium May 16th, 2013 G&D has been growing through continuous innovation Server software and services Token and embedded security Cards for
More informationE-commerce workshop data pack
1 E-commerce workshop data pack Andrew Griffin (griff@oakhallventures.com) E-commerce workshops panel host DAA12 engagement website e-commerce animator http://daa.ec.europa.eu/ E-commerce workshop twitter
More informationThe Security Experts Welcome to my presentation Christian Heutger Internet Security Days 13. 15.09.2011
The Security Experts Welcome to my presentation Christian Heutger Internet Security Days 13. 15.09.2011 PSW GROUP & Co. KG The security experts! Founded in 2000! Over 15.000 customers! Services:! Seals
More informationPRIVACY POLICY (LAST UPDATED: 29.05.2015)
PRIVACY POLICY (LAST UPDATED: 29.05.2015) CONTENTS 1 Personally Identifiable Information... 3 2 Collection of Personally Identifiable and Other Data and Information... 3 2.1 When visiting our website www.zanox.com...
More informationMobile Contactless Payments and Data Privacy
Data Privacy Purpose We are on the cusp of the next major evolution in consumer payments. In the not too distant future, it is likely we will be making payments using our credit and debit cards embedded
More informationFAQs - New German ID Card. General
FAQs - New German ID Card General 1) How to change from the old ID card to the new one? The new Law on Identification Cards came into effect on 1 November 2010. Since then, citizens can apply for the new
More informationLeonardo Hotels Group Page 1
Privacy Policy The Leonardo Hotels Group, represented by Sunflower Management GmbH & Co.KG, respects the right to privacy of every individual who access and navigate our website. Leonardo Hotels takes
More informationSicherheitsaspekte des neuen deutschen Personalausweises
Sicherheitsaspekte des neuen deutschen Personalausweises Dennis Kügler Bundesamt für Sicherheit in der Informationstechnik egov Fokus 2/2013: Identity- und Access Management im E-Government Rethinking
More informationCODE SIGNING. Why Developers Need to Digitally Sign Code and Applications. +1-888-690-2424 entrust.com
CODE SIGNING Why Developers Need to Digitally Sign Code and Applications +1-888-690-2424 entrust.com Table of contents Why Code Sign? Page 3 What is Code Signing? Page 4 Verifying Code Authenticity Page
More informationSecuring the future of mobile services. SIMalliance Open Mobile API. An Introduction v2.0. Security, Identity, Mobility
1 An Introduction v2.0 September 2015 Document History 2 Version Date Editor Remarks 1.0 06/04/2011 OMAPI Working Group Public release 2.0 27/09/2015 OMAPI Working Group Public release Copyright 2015 SIMalliance
More informationTechnical Guideline TR-03107-1 Electronic Identities and Trust Services in E-Government
Technical Guideline TR-03107-1 Electronic Identities and Trust Services in E-Government Part 1: Assurance levels and mechanisms Version 1.0 This translation is informative only. The normative version is
More informationSmart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public
More informationPrivacy Policy (as of 02.2015)
Privacy Policy (as of 02.2015) We want you to feel secure when visiting our websites, viewing our Online Shop and during all bidding and purchasing processes and their handling, when you engage Auctionata
More informationCERTIFICATION PRACTICE STATEMENT UPDATE
CERTIFICATION PRACTICE STATEMENT UPDATE Reference: IZENPE-CPS UPDATE Version no: v 5.03 Date: 10th March 2015 IZENPE 2015 This document is the property of Izenpe. It may only be reproduced in its entirety.
More informationETSI SR 003 091 V1.1.2 (2013-03)
SR 003 091 V1.1.2 (2013-03) Special Report Electronic Signatures and Infrastructures (ESI); Recommendations on Governance and Audit Regime for CAB Forum Extended Validation and Baseline Certificates 2
More informationFAQs for Two-factor Authentication
FAQs for Two-factor Authentication Two-factor Authentication 1. What is two-factor authentication? Two-factor authentication is an authentication scheme that increases online security by relying on a combination
More informationBrainloop Cloud Security
Whitepaper Brainloop Cloud Security Guide to secure collaboration in the cloud www.brainloop.com Sharing information over the internet The internet is the ideal platform for sharing data globally and communicating
More informationLandscape of eid in Europe in 2013
Landscape of eid in Europe in 2013 July 2013 Eurosmart White Paper Contents Executive Summary 3 1. Purpose of the document 3 2. EU regulation 3 3. EU Member States identification policies 4 3.1. National
More informationWhitepaper on identity solutions for mobile devices
Whitepaper on identity solutions for mobile devices How software and hardware features of modern mobile devices can improve the security and user experience of your software Author: Jonas Lindstrøm The
More informationCleaning Encrypted Traffic
Optenet Documentation Cleaning Encrypted Traffic Troubleshooting Guide iii Version History Doc Version Product Date Summary of Changes V6 OST-6.4.300 01/02/2015 English editing Optenet Documentation
More informationfulfils all requirements defined in the technical specification The appendix to the certificate is part of the certificate and consists of 6 pages.
The certification body of TÜV Informationstechnik GmbH hereby awards this certificate to the company Fabrica Nacional de Moneda y Timbre. Real Casa de la Moneda C/Jorge Juan, 106 28009 Madrid, Spain to
More informationNIST-Workshop 10 & 11 April 2013
NIST-Workshop 10 & 11 April 2013 EUROPEAN APPROACH TO OVERSIGHT OF "TRUST SERVICE PROVIDERS" Presented by Arno Fiedler, Member of European Telecommunications Standards Institute Electronic Signatures and
More informationKey & Data Storage on Mobile Devices
Key & Data Storage on Mobile Devices Advanced Computer Networks 2015/2016 Johannes Feichtner johannes.feichtner@iaik.tugraz.at Outline Why is this topic so delicate? Keys & Key Management High-Level Cryptography
More informationFaking Extended Validation SSL Certificates in Internet Explorer 7
Page 1 of 11 Faking Extended Validation SSL Certificates in Internet Explorer 7 June 7 th 2007, V1.1 Martin Christinat, CTO, christinat@.ch Abstract Extended Validation (EV) SSL certificates are a new
More informationMOBILE NEAR-FIELD COMMUNICATIONS (NFC) PAYMENTS
MOBILE NEAR-FIELD COMMUNICATIONS (NFC) PAYMENTS MAY 2013 THESE TECHNOLOGIES ARE BECOMING CONVENIENT AND SIMPLE WAYS TO PAY. Every day merchants seek better ways to grow their business and improve efficiency.
More informationExtended SSL Certificates
Introduction Widespread usage of internet has led to the growth of awareness amongst users, who now associate green address bar with security. Though people are able to recognize the green bar, there is
More informationInternational Compliance
YOUR FREE COPY - NEW - Additional countries outside European Union LEGAL WHITE PAPER International Compliance Legal requirements international einvoicing European Union & Selected Countries Worldwide International
More informationIHK- Firmenbesuch Fachkräfte sichern in der Praxis Ralf Memmel Infineon Technologies AG. 27.06.2012 Page 1
IHK- Firmenbesuch Fachkräfte sichern in der Praxis Ralf Memmel Infineon Technologies AG 27.06.2012 Page 1 IHK-Firmenbesuch Fachkräfte sichern in der Praxis Attraktive Arbeitswelten@Infineon Ralf Memmel
More informationDefinition of Mobile Instant Messaging (MIM) Systems
J son & Partners Consulting Company presents the results of the research Mobile instant messaging systems as a direct threat to SMS. Definition of Mobile Instant Messaging (MIM) Systems MIM (Mobile Instant
More informationSmart Ride: European transit systems move to contactless mobile payments Trends and Developments, May 05, 2015
Industry trends suggest that transit system operators are moving away from traditional methods of payment such as cash, tokens and paper tickets to a variety of electronic payment methods, including near
More informationConCERTO Secure Solutions for Converged Systems
ConCERTO Secure Solutions for Converged Systems Distribution for Switzerland: insinova ag www.insinova.ch Jens Albrecht Email: jens.albrecht@insinova.ch Phone: +41 41 748 72 05 September 2011 SCM Microsystems
More informationTransaction Security. Training Academy
Transaction Security Training Academy Your independent, trusted partner for transaction security technology Welcome to UL UL is a world leader in advancing safety with over a hundred years of history.
More informationWhat is the point of encryption if you don t know who for?
1 What is the point of encryption if you don t know who for? Dr. Colin Walter Head of Cryptography - Comodo Inc. Chairman of Peripherals Working Group Trusted Computing Group. Co-chair - Cryptographic
More informationThe Winnipeg Foundation Privacy Policy
The Winnipeg Foundation Privacy Policy The http://www.wpgfdn.org (the Website ) is operated by The Winnipeg Foundation (the Foundation ). The Winnipeg Foundation Privacy Policy Foundation is committed
More informationA Proper Foundation: Extended Validation SSL
A Proper Foundation: Extended Validation SSL A critical model for SSL digital certificates and browser trust Get this White Paper Entrust, Inc. All Rights Reserved. 1 1 Contents Context of Internet Security...
More informationA Proper Foundation: Extended Validation SSL
A Proper Foundation: Extended Validation SSL A critical model for SSL digital certificates and browser trust Get this White Paper Entrust, Inc. All Rights Reserved. 1 1 Contents Context of Internet Security...
More informationMASTERCARD SECURECODE ISSUER BEST PRACTICES
MASTERCARD SECURECODE ISSUER BEST PRACTICES Minimize Abandonment in Authorization and Maximize Fraud Reduction with an Optimal Implementation of SecureCode Best Practices The explosive growth of e-commerce
More informationFAQs Electronic residence permit
FAQs Electronic residence permit General 1) When was the electronic residence permit introduced? Since 1 September 2011, foreigners in Germany have been issued with the new electronic residence permit
More informationMobile & Security? Brice Mees Security Services Operations Manager
Mobile & Security? Brice Mees Security Services Operations Manager Telenet for Business Agenda Mobile Trends Where to start? Risks and Threats Risk mitigation Conclusion Agenda Mobile Trends Where to start?
More informationSmart Card Technology Capabilities
Smart Card Technology Capabilities Won J. Jun Giesecke & Devrient (G&D) July 8, 2003 Smart Card Technology Capabilities 1 Table of Contents Smart Card Basics Current Technology Requirements and Standards
More informationE-Commerce payment trends. Petr Polak Senior Sales Manager Czech Republic and Slovakia
E-Commerce payment trends Petr Polak Senior Sales Manager Czech Republic and Slovakia 1 Visa Europe European Payment System One VISA Future Visa Europe and Visa Inc. announced today their intention to
More informationStore Logistics and Payment with Near Field Communication
with www.stolpan.com Store Logistics and Payment with Near Field Communication Hagenberg, Hagenberg, March March 20. 2007 20. 2007. Dr. László Kutor, Dr. BMF László Kutor, BMF 19/1 StoLPaN Project Summary
More informationCertified Secure Computer User
Certified Secure Computer User Exam Info Exam Name CSCU (112-12) Exam Credit Towards Certification Certified Secure Computer User (CSCU). Students need to pass the online EC-Council exam to receive the
More informationeid Services as Part of the new German ID Card Ecosystem 27/10/2011
eid Services as Part of the new German ID Card Ecosystem The new German ID Card Features ID CARD New Electronic Features 1. Biometrics Digital photo and (if desired), two electronic fingerprints Only legitimate
More informationPerformance Characteristics of Data Security. Fabasoft Cloud
Performance Characteristics of Data Security Valid from October 13 th, 2014 Copyright GmbH, A-4020 Linz, 2014. All rights reserved. All hardware and software names used are registered trade names and/or
More informationQualified mobile electronic signatures: Possible, but worth a try?
Qualified mobile electronic signatures: Possible, but worth a try? Lothar Fritsch 1, Johannes Ranke 2, Heiko Rossnagel 1 Interest level of audience: 3 - for application developers (interested in IT security)
More informationCertified Secure Computer User
Certified Secure Computer User Course Outline Module 01: Foundations of Security Essential Terminologies Computer Security Why Security? Potential Losses Due to Security Attacks Elements of Security The
More informationWIRECARD FUTURE OF PAYMENTS. MainFirst Insights to Go Web Conference January 22, 2015
WIRECARD FUTURE OF PAYMENTS MainFirst Insights to Go Web Conference January 22, 2015 1. MARKET READINESS FOR MOBILE PAYMENTS IS ACCELERATING NFC: Facts & Figures According to Visa Europe (January 2015),
More informationA Secure and Open Solution for Seamless Transit Systems
A Secure and Open Solution for Seamless Transit Systems Today s Proprietary Fare Collection Systems Transit operators must combat growing security threats while identifying new revenue sources and enhancing
More informationWorkday Mobile Security FAQ
Workday Mobile Security FAQ Workday Mobile Security FAQ Contents The Workday Approach 2 Authentication 3 Session 3 Mobile Device Management (MDM) 3 Workday Applications 4 Web 4 Transport Security 5 Privacy
More informationPublicly trusted certification authorities (CAs) confirm signers identities and bind their public key to a code signing certificate.
Code Signing Code signing is the process of digitally signing executables and scripts to confirm the identity of the software author and guarantee that the code has not been altered or corrupted since
More informationprovided by you upon registration at one of our websites or for one of our games;
Data Privacy Policy This data privacy policy informs you of which personal data is being collected by gamefabrik GmbH as part of our Internet services and games. It also explains how that data is processed
More informationSSL Certificates 101
Whether you are an individual or a company, you should approach online security in the same way that you would approach physical security for your home or business. Not only does it make you feel safer
More informationGeneral information about NFC technology
General information about NFC technology What is NFC? How does it work? What is a tap? What is link between NFC technology and Tapit? NFC stands for Near Field Communication. This is a short range wireless
More informationPrivacy Policy Version 1.0, 1 st of May 2016
Privacy Policy Version 1.0, 1 st of May 2016 THIS PRIVACY POLICY APPLIES TO PERSONAL INFORMATION COLLECTED BY GOCIETY SOLUTIONS FROM USERS OF THE GOCIETY SOLUTIONS APPLICATIONS (GoLivePhone and GoLiveAssist)
More informationPKI - current and future
PKI - current and future Workshop for Japan Germany Information security Yuichi Suzuki yuich-suzuki@secom.co.jp SECOM IS Laboratory Yuichi Suzuki (SECOM IS Lab) 1 Current Status of PKI in Japan Yuichi
More informationSecurity from the Ground Up eblvd uses a hybrid-asp model designed expressly to ensure robust, secure operation.
eblvd enables secure, cloud-based access to a PC or server over the Internet. Data, keyboard, mouse and display updates are transmitted over a highly compressed, encrypted stream, yielding "as good as
More informationEncyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted.
Encyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted. Administrative Awareness Case Study: Government Offices Certification and Accreditation:
More informationA Guide to EMV. Version 1.0 May 2011. Copyright 2011 EMVCo, LLC. All rights reserved.
A Guide to EMV Version 1.0 May 2011 Objective Provide an overview of the EMV specifications and processes What is EMV? Why EMV? Position EMV in the context of the wider payments industry Define the role
More informationInside the Mobile Wallet: What It Means for Merchants and Card Issuers
Inside the Mobile Wallet: What It Means for Merchants and Card Issuers Welcome to the age of Universal Commerce commerce that is integrated, personalized, secure, open, and smart. The lines between in-store
More informationMobile Electronic Payments
Chapter 7 Mobile Electronic Payments 7.1 Rationale and Motivation Mobile electronic payments are rapidly becoming a reality. There is no doubt that users of mobile phones are willing and even asking to
More informationHow Extended Validation SSL can help to increase online transactions and improve customer confidence
How Extended Validation SSL can help to increase online transactions and improve customer confidence White Paper 2 April, 2009 Phishing scams and online fraud have created an environment of fear and doubt
More informationA secure, economic infrastructure for signing of web based documents and financial affairs Overview of a server based, customer-friendly approach.
1 of 8 15.03.2004 14:09 Issue January 2002 A secure, economic infrastructure for signing of web based documents and financial affairs Overview of a server based, customer-friendly approach. Lothar Fritsch,
More informationDeutsche Bank db easynet. Secure method of use of the db easynet e-banking system
Deutsche Bank Secure method of use of the e-banking system Introduction Deutsche Bank pays particular attention to your security. Therefore, the funds entrusted to us by our Customers are protected, using
More informationMobile Payments Applications and Challenges Jose Diaz Director, Business Development & Technical Alliances Thales e-security
www.thales-esecurity.com Mobile Payments Applications and Challenges Jose Diaz Director, Business Development & Technical Alliances Thales e-security 2 / Verizon Data Breach Report 3 / Victim Industry
More informationMobile Financial Services Business Ecosystem Scenarios & Consequences. Summary Document. Edited By. Juha Risikko & Bishwajit Choudhary
Mobile Financial Services Business Ecosystem Scenarios & Consequences Summary Document Edited By Juha Risikko & Bishwajit Choudhary Mobey Forum Mobile Financial Services Ltd. Disclaimer: This document
More informationEmbedded Java & Secure Element for high security in IoT systems
Embedded Java & Secure Element for high security in IoT systems JavaOne - September 2014 Anne-Laure SIXOU - ST Thierry BOUSQUET - ST Frédéric VAUTE - Oracle Speakers 2 Anne-Laure SIXOU Smartgrid Product
More informationIndustry 4.0: Cyber-Security Challenges on the Horizon
Industry 4.0: Cyber-Security Challenges on the Horizon Threats in Industry 4.0 and IoT Impact on medical equipment Solutions Oliver Winzenried Co-Founder and CEO oliver.winzenried@wibu.com 2015-04-21 MEDTEC:
More informationReal-World advanced Emergency Call Handling for cars Saving Lives and Reducing Costs. Pierre Lecointe - PSA Peugeot Citroën.
Real-World advanced Emergency Call Handling for cars Saving Lives and Reducing Costs Pierre Lecointe - PSA Peugeot Citroën. Agenda PSA Peugeot Citroën : Corporate presentation PSA Emergency Call System
More informationDigital signature and e-government: legal framework and opportunities. Raúl Rubio Baker & McKenzie
Digital signature and e-government: legal framework and opportunities Raúl Rubio Baker & McKenzie e-government concept Utilization of Information and Communication Technologies (ICTs) to improve and/or
More informationID Certificates (SMIME)
ID Certificates (SMIME) Reliability on the Internet Technology, security and usage www.certum.eu CONTENTS Introduction I. ID Certificates in a nutshell... 1. What is an ID Certificate?... 2. What is a
More informationBuilding Trust in a Digital World. Brian Phelps, BSc CISSP Director of Advanced Solutions Group EMEA Thales UK, Ltd.
Building Trust in a Digital World Brian Phelps, BSc CISSP Director of Advanced Solutions Group EMEA Thales UK, Ltd. 2 Global incidents Equivalent of 117,339 incoming attacks per day, everyday Total number
More informationAll rights reserved. 2011, EuroPriSe/ULD
January 2011 Position paper on certifiability of online behavioural advertising systems according to EuroPriSe Follow-up EuroPriSe - European Privacy Seal at the Unabhängiges Landeszentrum für Datenschutz
More informationInternet Banking Internal Control Questionnaire
Internet Banking Internal Control Questionnaire Completed by: Date Completed: 1. Has the institution developed and implemented a sound system of internal controls over Internet banking technology and systems?
More informationContactless Payments. Björn Salomon-Sörensen, Account Director - Swedbank November 11, 2015
Contactless Payments Björn Salomon-Sörensen, Account Director - Swedbank CONTACTLESS BASICS AND BENEFITS What s Inside MasterCard Contactless? Similar to a standard MasterCard card with some differences.
More informationextended validation SSL certificates: a standard for trust THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES
extended validation SSL certificates: a standard for trust THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES EXTENDED VALIDATION SSL CERTIFICATES: A STANDARD FOR TRUST...1 Who Do You Trust?...1 The
More informationeprivacy GmbH Criteria Catalogue "eprivacyapp" June 2015
eprivacy GmbH Criteria Catalogue "eprivacyapp" June 2015 The eprivacyapp seal for data security and data protection from eprivacy GmbH certifies the respective requester that his/her offer is compliant
More informationBEGINNERS GUIDE BEGINNERS GUIDE TO SSL CERTIFICATES: MAKING THE BEST CHOICE WHEN CONSIDERING YOUR ONLINE SECURITY OPTIONS
BEGINNERS GUIDE TO SSL CERTIFICATES: MAKING THE BEST CHOICE WHEN CONSIDERING YOUR ONLINE SECURITY OPTIONS BEGINNERS GUIDE TO SSL CERTIFICATES INTRODUCTION Whether you are an individual or a company, you
More informationINTRODUCTION AND HISTORY
INTRODUCTION AND HISTORY EMV is actually younger than we all may think as it only became available, as a specification that could be implemented, in 1996. The evolution of EMV can be seen in the development
More informationEmerging gtrends and Innovation in Payments
Emerging gtrends and Innovation in Payments Introduction & Agenda Transaction Network Services is the strategic partner driving payments behind the Civica ICON solution Some headline facts about TNS: We
More informationAs simple as e-mail and as secure as postal mail.
Stay up-to-date Page 1 The advantages of De-Mail for individuals, businesses and Page 2 government agencies Unencrypted, unprotected, unverified what does that mean? Page 3 Encrypted, protected, verified
More informationIAB EUROPE PUBLISHES ITS FIRST EVER ONLINE ADVERTISING FORECASTS BASED ON ACTUAL SPEND IN 19 EU MARKETS
IAB EUROPE PUBLISHES ITS FIRST EVER ONLINE ADVERTISING FORECASTS BASED ON ACTUAL SPEND IN 19 EU MARKETS Direct response dominates online advertising but branding campaigns offer best prospects for the
More informationSmart Card Solutions: Bringing Value to Citizens
Smart Card Solutions: Bringing Value to Citizens by Thomas Röder The focus of modern smart card applications, especially in the electronic identity card landscape, has shifted from an approach purely driven
More informationSecurity and Trust: The Backbone of Doing Business Over the Internet
WHITE PAPER: SECURITY AND TRUST: THE BACKBONE OF DOING BUSINESS OVER THE INTERNET White Paper Security and Trust: The Backbone of Doing Business Over the Internet Security and Trust: The Backbone of Doing
More informationTransaction Security. Advisory Services
Transaction Security Advisory Services Your independent, trusted partner for transaction security technology Welcome to UL UL is a world leader in advancing safety with over a hundred years of history.
More informationExtended Validation SSL Certificates
Extended Validation SSL Certificates A NEW STANDARD TO INSPIRE TRUST, improve confidence and increase sales... INDEX 1. Extended Validation (EV) SSL Certificates solving a trust problem 2. Traditional
More informationDownloading Office Communicator Mobile for BlackBerry, Windows Mobile, and Java enabled mobile devices.
Office Communicator Mobile / Download Software Page 1 of 9 Downloading Office Communicator Mobile for BlackBerry, Windows Mobile, and Java enabled mobile devices. 1. From any PC, navigate to http://www.apptix.com/webconferencing/
More information