Presentation Rundown. Introduction Product Overview Product Features Product Value Product Applications Question and Answer



Similar documents
1. Product Overview 2. Product Feature 3. Product Value 4. Development Environment 5. Software Development Kit 6. Product Application 7.

ACR880 GPRS Portable Smart Card Terminal

Enhancing Payment Card Security New Measures to be Phased in from 2 nd Quarter 2010 to 1 st Quarter 2011

Strong authentication of GUI sessions over Dedicated Links. ipmg Workshop on Connectivity 25 May 2012

Quick Merchant Operator Guide Emmy

CA ArcotOTP Versatile Authentication Solution for Mobile Phones

Payment Methods. The cost of doing business. Michelle Powell - BASYS Processing, Inc.

Leo (for any device) User Guide. 1. Important information to protect your business

FD40 User Guide. Version 16.0 June 2015

What Merchants Need to Know About EMV

EMV's Role in reducing Payment Risks: a Multi-Layered Approach

Quick Merchant Operator Guide IPP350

Securing Card-Not-Present Transactions through EMV Authentication. Matthew Carter and Brienne Douglas December 18, 2015

SafeNet Authentication Client (Windows)

Mobile PayWay User guide

Welcome Guide for MP-1 Token for Microsoft Windows

Frequently Asked Questions (FAQ) on HSBC Chip Credit Cards

Chip Card (EMV ) CAL-Card FAQs

IDRBT Working Paper No. 11 Authentication factors for Internet banking

French Justice Portal. Authentication methods and technologies. Page n 1

Entrust IdentityGuard

Entrust IdentityGuard Versatile Authentication Platform for Enterprise Deployments. Sam Linford Senior Technical Consultant

A Guide to EMV. Version 1.0 May Copyright 2011 EMVCo, LLC. All rights reserved.

FAQ on EMV Chip Debit Card and Online Usage

The Canadian Migration to EMV. Prepared By:

Electronic Payments Part 1

Introducing etoken. What is etoken?

Mobile PayWay. User guide

MASTERCARD SECURECODE ISSUER BEST PRACTICES

CRESCENDO SERIES Smart Cards. Smart Card Solutions

Index. 1-FLYPOS hardware/firmware Technology Overview 2-FLYPOS software architecture 3-Gateway/Acquirer Interface 4-Letters of Approval

Quick IWL255 Merchant Operator Guide

MiniPOS and BluePad-50 user manual

Digital Signatures on iqmis User Access Request Form

Cisco VPN Concentrator Implementation Guide

Converged Smart Card for Identity Assurance Solutions. Crescendo Series Smart Cards

PCI 3.1 Changes. Jon Bonham, CISA Coalfire System, Inc.

What Issuers Need to Know Top 25 Questions on EMV Chip Cards and Personalization

Revenue Security and Efficiency

Achieving Universal Secure Identity Verification with Convenience and Personal Privacy A PRIVARIS BUSINESS WHITE PAPER

etoken Single Sign-On 3.0

EMV and Chip Cards Key Information On What This Is, How It Works and What It Means

PAYMENT EXPRESS EFTPOS GETTING STARTED GUIDE. Version 0.1

SafeWord Domain Login Agent Step-by-Step Guide

toast EMV in 2015: How Restaurants Can Prepare for the New Chip-and-Pin Standard

2-FACTOR AUTHENTICATION WITH OPENLDAP, OATH-HOTP AND YUBIKEY. Axel Hoffmann

A RE T HE U.S. CHIP RULES ENOUGH?

Remote Access Securing Your Employees Out of the Office

Secure Web Access Solution

Intel Identity Protection Technology Enabling improved user-friendly strong authentication in VASCO's latest generation solutions

Chip and PIN: two-factor authentication

What is EMV? What is different?

Two-Factor Authentication

EMV FAQs. Contact us at: Visit us online: VancoPayments.com

EMV in Hotels Observations and Considerations

FUTURE PROOF TERMINAL QUICK REFERENCE GUIDE. Review this Quick Reference Guide to. learn how to run a sale, settle your batch

Guide to Electronic Offline Voucher Processing For Payment Express EFTPOS

Flexible Identity. Tokenless authenticators guide. Multi-Factor Authentication. version 1.0

EMV and Small Merchants:

How To Protect A Smart Card From Being Hacked

PCI DSS FAQ. The twelve requirements of the PCI DSS are defined as follows:

Tokenization: FAQs & General Information. BACKGROUND. GENERAL INFORMATION What is Tokenization?

EMV and Restaurants: What you need to know. Mike English. October Executive Director, Product Development Heartland Payment Systems

Defender EAP Agent Installation and Configuration Guide

FEITIAN PKI Authentication Token. epass2003 with FIPS Cer tification

Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking

Two factor strong authentication. Complex solution for two factor strong authentication

PCI Security Standards Council

epass OTP Authentication System White Paper

MIGRATION GUIDE. Authentication Server

ADVANTAGES OF A RISK BASED AUTHENTICATION STRATEGY FOR MASTERCARD SECURECODE

Understand the Business Impact of EMV Chip Cards

How Secure are Contactless Payment Systems?

Installation Instructions for 9555 USB Driver

MyKey is the digital signature software governed by Malaysia s Digital Signature Act 1997 & is accepted by the courts of law in Malaysia.

FAQ Credit Card (PIN & PAY)

An Enhanced Countermeasure Technique for Deceptive Phishing Attack

BlackShield Authentication Service

PLACE GROUP UK LONDON STUDENT HOUSING GROUP PAYMENT CARD INDUSTRY DATA SECURITY STANDARD COMPLIANCE STATEMENT PCI DSS (09) VERSION: 2009PCIDSSP4S01

Getting started with the e.dentifier2

RSA SecurID Two-factor Authentication

FOR A BARRIER-FREE PAYMENT PROCESSING SOLUTION

Apple Pay. Frequently Asked Questions UK Launch

Security enhancement on HSBC India Debit Card

Two-factor authentication Free portable encryption for USB drive Hardware disk encryption Face recognition logon

INTEGRATION GUIDE. DIGIPASS Authentication for F5 FirePass

DIGIPASS Authentication for Check Point Connectra

Transcription:

www.acs.com.hk

Presentation Rundown Introduction Product Overview Product Features Product Value Product Applications Question and Answer

Introduction As technology becomes more and more sophisticated, fraud-related incidents in the banking sector also become more prevalent. These occurrences generate billions of dollars worth of losses and bring distress among credit and debit cardholders. Because of these, certain security measures and systems are created. In this regard, the APG8201 PINhandy + USB OTP generator is a reliable tool that can be utilized to fight these occurrences.

Introduction: One Time Password One Time Passwords are password that can be used only ONCE Types of OTPs: Predefined from a list Randomly Generated by Jessica Chan

Introduction: One Time Password More secure since its almost impossible to hack or phish. No need to remember multiple passwords for different systems. Dynamic passwords: Unique Password for Each Person PIN VS OTP Static Password Memorization of multiple passwords Set of passwords is personalized Dynamic Password Little Memorization or no Memorization at all Two people will never have the same set of passwords

Introduction: OTP Devices Devices or applications that can generate one-time passwords Can be classified into Mathematical algorithm type, timesynchronized type and challenge type More secure than using traditional printed OTP list OTP scratch card OTP applications OTP devices

Product Overview Supports Challenge-response and Transaction Data Signing Modes Requires the presence of smart card, PIN and challenge code prior the generation of OTP User PIN + challenge

Product Overview PC Linked Mode Standalone Mode USB 2.0 Full Speed Supports PC/SC 2.01 Secure PIN Entry Handheld Device with Compact and Portable Design

Product Overview Card Slot (contact type connector) (min 100K insertion cycles) CAP Authentication modes (L-R) 1. OTP 2. Challenge-response 3. Signature 4. TDS 20 Numeric Keys (R: Reserved for Future Use) LCD (2 x 16 chars)* Large area for logo Value-added Calculator + E-purse Function *Graphical LCD for showing Logo Multiple Languages: Simplified Chinese, Traditional Chinese, French, English 9

Product Overview Buzzer 2 x CR2032 batteries (5 years life expectancy) Reset Button USB port (for APG8201only) www.acs.com.hk 10

Product Features Standalone Mode or USB Connected Mode Size: 95mm x 60mm x 11mm Other Features: Graphical LCD (128x24 Pixels) Keypad with 20 Silicon Keys Monotone Buzzer Calculator Function Smart Card Interface: PC/SC Secure PIN Entry (SPE) CCID in USB Connected Mode Contact Card Support: ISO 7816 (Class A) MCU Cards (T=0, T=1) Supported Languages: English French Traditional Chinese Simplified Chinese www.acs.com.hk 11

Product Features ISO 7816 Support PCSC Compliant Mastercard CAP Mastercard PLA/AA4C VISA DPA EMV Level 1 Certified APG8201 CCID Compliant OS Support: 1. Win 98 2. Win ME 3. Win 2000 4. Win XP 5. Win 7 6. Win Vista 7. Win Server 2003 8. Win Server 2008 9. Win Server 2008 R2 UK APACS CE and FCC Compliant RoHS Compliant 12

Product Value It is specially designed to safeguard users from the emerging fraud attacks like Card-not-Present (CNP) fraud and emerging Man-in-the- Middle attacks. Key generated will be based on the smart card to be used with the device It provides proof that a card is present during an OTP process. The PIN is securely entered on the device rather than the vulnerable PC or workstation, hence eliminating the possibility of a Virus/Trojan getting hold of the PIN.

Application Overview Windows Logon Corporate Security Online Gaming ecommerce/ebanking Loyalty System Home Banking www.acs.com.hk 14

Application Overview STANDALONE MODE Usage: Dynamic Password Generator Standard Supported: MasterCard Chip Authentication Program (CAP) MasterCard Advanced Authentication for Chip (AA4C) VISA Dynamic Password Generation (DPA) www.acs.com.hk 15

e-banking: Identify Mode Insert the card Choose Identify Mode Input the PIN User browses the Online webpage of the online-banking, and try to logon, which username. OTP Token Generated: 4356 7869 Input Details Indicated in the Website (i.e. Card Number) Input OTP generated in the website User can access his/her information online Once verified by the backend server the website will permit the transaction to continue Information Verified By the CAP/AA4C Backend Server 16

e-commerce: Challenge-Respond Mode Insert the card Choose Mode 2 Input the PIN Input Challenge User browses the Online webpage to purchase goods/services Merchant Website provides a challenge ( i.e. random/hashed number) OTP Token Generated: 4356 7869 Input Details Indicated in the Website (i.e. Card Number) Input OTP generated User is able to purchase goods and services Once verified by the backend server the website will permit the transaction to continue Information Verified By the CAP/AA4C Backend Server 17

e-banking: Sign Mode Insert the card Choose Mode 3 Input the PIN Input Challenge Enter Transaction Amount User chooses to perform Fund Transfer The e-banking Website asks the user to sign the transaction to continue OTP Token Generated: 4356 7869 Input Details Indicated in the Website Input OTP generated User has successfully performed fund transfer Once verified by the backend server the website will permit the transaction to continue Information Verified By the CAP/AA4C Backend Server 18

e-banking: Transaction Data Signing User chooses to perform Fund Transfer (large sums of money involved) The e-banking Website asks the user to verify the account number and sign the transaction to continue Insert the card Choose Mode 4 Input the PIN Input Challenge Input Account Number Enter Transaction Amount OTP Token Generated: 4356 7869 Input Details Indicated in the Website Input OTP generated User has successfully performed fund transfer Once verified by the backend server the website will permit the transaction to continue Information Verified By the CAP/AA4C Backend Server 19

Application Overview PC LINKED MODE Usage: USB Pinpad Reader for Contact Cards Standard Supported: PC/SC Part 10: Secure Pin Entry CCID EMV Level 1 www.acs.com.hk 20

PC-Linked Application User browses an online website for any transaction Attach Contact Card Reader to terminal Insert the Contact Card Input PIN in keypad User transaction successful Once user authentication is verified, the website will allow the transaction to continue 21

22

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information