Frans Bolk CEO UniQ-ID

Transcription

1 Frans Bolk CEO UniQ-ID

2 Uses certificates ( x.509) Has its own UniQ-CA ETSI Level of Security LoS5 ( Common Criteria EAL5+) ISO29115 and ISO29003 Level of Assurance LoA 4, and 3, and 2 ( STORK4+, and 3, and 2) Identity & Access Management as a service Access to on premise applications AND cloud applications!

3 Depending on risk analyses one or a combination of any factors below can be made Something you have ( certificate on token) Something you have ( out of band authentication with smart-phone Something you know ( PIN code ) Something you are ( biometry) Customer experience is very favorable with three factor authentication were a certificate is used with a PIN code and out of band with smartphone. It feels like one-factor.

4 Is privacy Enhanced Biometry NOT linkable to person Person is linkable to biometry Biometry is NOT stored Biometry is re-usable All ten fingers can be used Uses standard bank card Communication with sensor is secure ( identity and communication) Biometry is protected through certificate

5 The internet brings us globalisation: More opportunities More organisations More people More complexities UETP simplifies complexities Lowers cost Opens global markets

6

7 Know who you are doing business with! To be successful in business you need: Integrity Authenticity Confidentiality

8 One buyer One identity

9

10 One buyer One identity UETP ID One transaction

11

12 All information needed to fulfill transaction for all players included in one receipt Receipt digitally signed with irrefutable electronic signature Receipt is human readable Receipt has time stamp and identity

13 Use a standard EMV bank card Extend card with eid/eidas environment Result is a card with two environments ( in a legal and logical sense it s two cards into one) EMV uses standard PIN ( 4 digits) PKI uses other PIN ( 6 digits) EMV part does not change Liability for EMV does NOT change

14 UniQ-CA uses certified protocols for registration, production, dissimation and revocation of certificates UniQ-CA integrates it s processes with the banks: Registration process Card management Card personalisation Bank is NOT liable for eid/eidas Customer signs off on it.

15 Quick Scan Categorise participants How to extend registration process with Bank-ID Education Registration Officers How to integrate with Card Management How to integrate with current Card personalisation/production process Small test with cards in simulated process

16 Proof of Concept Limited # participants ( ) Extend registration process with eid/eidas Education Registration Officers Integration Card Management Integration Card personalisation/production process

17 Cloud Security Cloud security is an ever-present concern for businesses looking into cloud-based solutions. While the cloud offers well known advantages - including easier access and reduced costs - there is still a general apprehension about cloud security that must be addressed by cloud service providers. UniQ-ID empowers banks with an out of the box solution that is feature rich and secure.

18 Cloud Security Features UniQ-ID IAM is a set of easy-to-deploy identity components that run alongside the banks (cloud) applications, putting the bank in control of cloud IAM. Identity data is kept safe and access is controlled. With an extensive background in security solutions, UniQ-ID IAM has numerous cloud security features, including: Packaged software components providing the bank with ownership and control of the identity data OpenID Connect and SAML mediated authentication options including multi-factor authentication, SSO and social login Integrated role and access-based access control for directory data Externalised application and API access control using our XACML v3.0 policy-based authorization server Splunk integration providing audit tools for both analytics and compliance UniQ-ID specialises in delivering ingenious identity and access management solutions that enhance the banks existing offerings. UniQ-ID IAM is a cloud identity solution, developed to provide flexible, scalable and secure identity management for the banks (cloud) applications.

19