Longmai Mobile PKI Solution



Similar documents
mcard CPK Supported Solutions

Entrust IdentityGuard

Mobile Device as a Platform for Assured Identity for the Federal Workforce

The Convergence of IT Security and Physical Access Control

Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard

m Commerce Working Group

Microsoft Identity Lifecycle Manager & Gemalto.NET Solutions. Jan 23 rd, 2007

Chapter 1: Introduction

The Convergence of IT Security and Physical Access Control

Strong Authentication for Secure VPN Access

Remote Access Securing Your Employees Out of the Office

Secure Data Exchange Solution

Bluetooth Low Energy in Wireless PKI deployments

Public Key Applications & Usage A Brief Insight

Enhancing Organizational Security Through the Use of Virtual Smart Cards

3M Cogent, Inc. White Paper. Beyond. Wiegand: Access Control. in the 21st Century. a 3M Company

Beyond passwords: Protect the mobile enterprise with smarter security solutions

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

MAESON MAHERRY. 3 Factor Authentication and what it means to business. Date: 21/10/2013

Research Report: Addressing Security Concerns for Connected Devices in the Internet of Things Era

"Secure insight, anytime, anywhere."

Authentication Solutions. Versatile And Innovative Authentication Solutions To Secure And Enable Your Business

Windows Phone 8.1 in the Enterprise

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Securing Virtual Desktop Infrastructures with Strong Authentication

Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS

Executive Summary P 1. ActivIdentity

Data Protection Act Bring your own device (BYOD)

IDENTITY & ACCESS. Privileged Identity Management. controlling access without compromising convenience

Bringing Security & Interoperability to Mobile Transactions. Critical Considerations

Entrust IdentityGuard Versatile Authentication Platform for Enterprise Deployments. Sam Linford Senior Technical Consultant

Network and Security Controls

SafeNet Data Encryption and Control. Securing data over its lifecycle, wherever it resides from the data center to endpoints and into the cloud

SafeNet Data Encryption and Control. Securing data over its lifecycle, wherever it resides from the data center to endpoints and into the cloud

Five Reasons It s Time For Secure Single Sign-On

That Point of Sale is a PoS

Dell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations

Google Identity Services for work

Advanced Authentication

Manage and secure your workplace by controlling who, what, when, why, where and how people are allowed in your facility. Marquee

ADDING STRONGER AUTHENTICATION for VPN Access Control

Strong Authentication. Securing Identities and Enabling Business

Multi-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access

Cortado Corporate Server

Kaspersky Lab s Full Disk Encryption Technology

IDENTITY & ACCESS. Providing Cost-Effective Strong Authentication in the Cloud. a brief for cloud service providers

An Oracle White Paper December Leveraging Oracle Enterprise Single Sign-On Suite Plus to Achieve HIPAA Compliance

Guide to Evaluating Multi-Factor Authentication Solutions

Provide access control with innovative solutions from IBM.

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, Developed by: Smart Card Alliance Identity Council

WHITE PAPER Usher Mobile Identity Platform

Multi-Factor Authentication

Moving to Multi-factor Authentication. Kevin Unthank

Deriving a Trusted Mobile Identity from an Existing Credential

Frequently asked questions

CONTENTS. PCI DSS Compliance Guide

Top 5 Reasons to Choose User-Friendly Strong Authentication

Digital identity: Toward more convenient, more secure online authentication

Mitigating Server Breaches with Secure Computation. Yehuda Lindell Bar-Ilan University and Dyadic Security

Where every interaction matters.

Security Architecture Whitepaper

SecureAge SecureDs Data Breach Prevention Solution

EasyConnect. Any application - Any device - Anywhere. Faster, Simpler & Safer Networks

MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE

Whitepaper on AuthShield Two Factor Authentication and Access integration with Microsoft outlook using any Mail Exchange Servers

Directed Circuits Meet Today s Security Challenges in Enterprise Remote Monitoring. A White Paper from the Experts in Business-Critical Continuity TM

More Expenses. Only this time the Telegraph will have to pay them after their recent data breech

THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP

Using Contactless Smart Cards for Secure Applications

More effective protection for your access control system with end-to-end security

VeriSign PKI Client Government Edition v 1.5. VeriSign PKI Client Government. VeriSign PKI Client VeriSign, Inc. Government.

1. Fault Attacks for Virtual Machines in Embedded Platforms. Supervisor: Dr Konstantinos Markantonakis,

API-Security Gateway Dirk Krafzig

Hard vs. Soft Tokens Making the Right Choice for Security

Securing corporate assets with two factor authentication

Deliver Secure, User-Friendly Access to Mobile Business Apps

Securing Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits

PCI PA - DSS. Point ipos Implementation Guide. Version VeriFone Vx820 using the Point ipos Payment Core

Securing your Mobile Workforce with Okta and Espion

Secure your Privacy. jrsys, Inc. All rights reserved.

How To Use Usher For Business

BYOD THE SMALL BUSINESS GUIDE TO BRING YOUR OWN DEVICE

Cybersecurity and Secure Authentication with SAP Single Sign-On

SECURITY SOLUTIONS BANKING AND FINANCE

F5 and Microsoft Exchange Security Solutions

Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009

Driving Company Security is Challenging. Centralized Management Makes it Simple.

IQS Identity and Access Management

Mobile Security. IIIIII Security solutions for mobile as an endpoint. financial services & retail. enterprise. public sector. telecommunications

Assessing the Security of Hardware-Based vs. Software-Based Encryption on USB Flash Drives

Achieving Universal Secure Identity Verification with Convenience and Personal Privacy A PRIVARIS BUSINESS WHITE PAPER

Unified Security Anywhere HIPAA COMPLIANCE ACHIEVING HIPAA COMPLIANCE WITH MASERGY PROFESSIONAL SERVICES

Intel Enhanced Data Security Assessment Form

ADVANCE AUTHENTICATION TECHNIQUES

PCI PA - DSS. Point XSA Implementation Guide. Atos Worldline Banksys XENTA SA. Version 1.00

HIPAA Compliance and Smart Cards: Solutions to Privacy and Security Requirements

Module 1: Facilitated e-learning

Modern Multi-factor and Remote Access Technologies

How Secure are Contactless Payment Systems?

Transcription:

Longmai Mobile PKI Solution A quick Solution to External and Internal fraud in Insurance Industry Putting the client at the center of modernization

Contents 1. INTRODUCTION... 3 1.1 Challenges... 3 1.2 How to solve existing potential security problems?... 3 2. LONGMAI MOBILE PKI SOLUTION... 4 2.1 Design Principle... 4 2.2 Solution Design Aims... 4 2.3 Solution Functions... 4 2.3.1 Strong Multi-factor Authentication... 5 2.3.2 Intranet access control and Logging... 5 2.3.3 VPN logon... 5 2.3.4 Electronic signature... 5 2.3.5 Data encryption/decryption... 5 2.3.6 Email encryption/decryption... 5 3. LONGMAI SOLUTION BENEFITS... 6 3.1 Benefits for End users... 6 3.2 Benefits for Insurance sales... 7 3.3 Benefits for Insurance companies... 7 3.3.1 Snapshot of Success... 8 4. CONCLUSION... 8 5. APPENDIX: GLOSSARY... 9 ABOUNT CENTURY LONGMAI... 10 Contact Us... 10 Century Longmai INTRODUCTION 2

1. INTRODUCTION Today, more than following the rapid development of Internet and mobile devices, industries and enterprises are trying to migrate to online office- connecting business resources to be accessible by employees from anywhere at any time. Meanwhile many Insurance companies are improving expense management through outsourcing by focusing more diligently on core businesses, streamlining existing processes and increasing overall automation. Though insurers have not made the more important investments in how they secure teleworking sales agents or mobile device users. In other words, they continue to use paper documentation and legacy systems that require username and password to access critical information, rather than implementing strong multiple factor authentication (MFA) solutions to protect digital assets from external and internal fraud. 1.1 Challenges In traditional working model, Insurance sales agents are required to carry with them business materials like contracts and agreements for onsite signature of customers: Management costs are high - for example in case a single paper is missing, the agent has to look for the client to re-signify. High possibility of business - critical information leakage or fraud - due to stolen or unintended delivery of document materials. Adoption of digital technology offers insurers the profound ability to improve underwriting, sustainably reduce costs, enhance customer experience, create novel marketing strategies and analyze consumer behavior, but implementing insecure business models for online business and mobile device technologies (BYOD) pose potential external and internal fraud risks. 1.2 How to solve existing potential security problems? Today, more than evermore there is more unauthorized internal network access and users information leakage especially in Insurance industry. Century Longmai is one of the first global digital solution providers to design a Mobile PKI solution to successfully identify online and offline users, mitigate frequent data breaches, and protect enterprise confidential data and applications from unauthorized access. In addition, the solution adopts an environmental-friendly paperless office trend for Insurance identity authentication and information protection is designed to successfully security authentication on users identity. Century Longmai INTRODUCTION 3

2. LONGMAI MOBILE PKI SOLUTION More than ever, strong identity authentication is the foundation of secure electronic office (can effectively fight against malicious and prevent information leakage). Insurance sales agents store business-critical and clients data on internal insurance system or cloud servers which are accessible through their mobile devices or through VPN terminals posing significant risk of unauthorized data access through password theft attacks or sophisticated malware attacks. Century Longmai provides an Insurance Identity Solution based on smart card technology for multi-purpose personal security device authentication - ensuring insurance companies have the ability to validate a person s identity, insurance information and obtain an overview of agents and end users event history. It is a cost effective and secure method for uniting the vast information generated by financial sectors into one data source protected by advanced encryption algorithms only accessible with right user permissions. 2.1 Design Principle The Longmai Mobile PKI solution is designed mainly for mobile devices - based on wireless PKI -leverages smart card technology for secure network authentication, user identity authentication and communication encryption purposes in accordance to the below principles: Overall planning and step by step implementation. Unified regulations and standards. Optimized utilization of available resources. Customizable through integration to achieve the real demands of Insurance sector. 2.2 Solution Design Aims Building business management system based on information security principles. Building secure business management system based on Insurance business. Verification of user identity by a strong authentication protocol. Combined data encryption and digital signature functions in the business management system to fight against information leakage. 2.3 Solution Functions Century Longmai s mobile PKI solution can effectively fight against insurance users identity information leakage issues by providing: Century Longmai LONGMAI MOBILE PKI SOLUTION 4

2.3.1 Strong Multi-factor Authentication In all IT Infrastructures setup, user identity authentication is not optional when considering a security solution. Longmai mobile PKI authentication function supports for end user identity all users attempting to access corporate systems MUST verify their USERNAME and Password and present PIN for Longmai mtoken device. This ensures a strong multiple factor (MFA) solution that can ensure effective protection of insurance companies digital information. 2.3.2 Intranet access control and Logging Today, how to protect insurance companies internal network security is very big challenge - many Insurance IT administrators design infrastructure design to protect external attack but forget about internal access issues or internal breach. Deploying Longmai mobile PKI solution offers a secure internal network logon that fuly supports for Bring your own device (BYOD) based on identity authentication. Authorized IT admin cab access logged reports and retrieve after-event tracking data. 2.3.3 VPN logon As many employees swift to mobile office, many Insurance employees also need to work outside the office, like when visiting customers or while at home (usually using mobile handsets or laptops to access to insurance system ). Longmai mobile PKI solution supports for VPN logon functions designed for the secure extension of insurance internal network. This can help remote end users, insurance branch offices, insurance business partners and suppliers to securely access to insurance internal system based on authorized access and encryption/decryption operations of electronic files. 2.3.4 Electronic signature In traditional insurance model, insurance sales representative need to carry with them huge paper documentation to customers for onsite signature signing this model is still seen as old fashioned, inconvenient and not environmental friendly. When you adopt the Longmai Mobile PKI solution, all documentation (MS office, PDF, WEB, forms) can be presented on mobile devices for customers reading and digital signing. The solution fully integrates with customer s own OA system. 2.3.5 Data encryption/decryption Data encryption/decryption technology is one of the most reliable security methods adopted in computer systems. Combining Longmai mobile PKI solution and digital signature can offer comprehensive data protection in any financial and any corporate environment. 2.3.6 Email encryption/decryption Today, Email is still the most popular and modern way of business communication. Adopting Longmai mobile PKI solution to build trustful email networks that hand and maintain digital signature certificates for email encryption/decryption can enhance security of information exchange. Century Longmai LONGMAI MOBILE PKI SOLUTION 5

3. LONGMAI SOLUTION BENEFITS Longmai mobile PKI solution can be applied in all insurance companies levels ranging from sales agents, external and internal network to end users. Basically, when the customer first signs a contract with the insurance companies, he/she is give a hardware PKI authentication device. For Longmai solution, all the token devices are 32-bit smartcard chip based that can store certificate keys and user s custom data. 3.1 Benefits for End users Traditionally, the insurance sales agents need to travel to customer for redeem insurance payments, sign contract. But it s not clear how customers payment security can be protected. Deploying Longmai mobile PKI solutions offers a secure access to Insurance web or app services. End users can embrace new services and use them with confidence that their data is secure and protected. 1 Digital Sign in Progress Century Longmai LONGMAI SOLUTION BENEFITS 6

3.2 Benefits for Insurance sales Strong Authentication - Application of Mobile office plus a security authentication model can offer extremely high security level and effective mobile working environment for insurance employees who are normally working outside of the office: Extended Convenience- with high level smart card security (no need to carry paper files) - Sales agent can utilize Longmai standard or customized new generation of authentication products for Secure access control physical (building & offices) and logical (computers). The entire Authentication solution is adapted to every sales agent s mobility and usability needs while connecting to corporate applications. 2 Win-win 3.3 Benefits for Insurance companies The winner - Insurance Companies can focus on increasing revenue from existing services, create new offerings, and deliver great customer experience: Transform entire sales and service business model to a high-effective online/mobile office model by solving traditional paper signature security and chronology problems. Unlock new revenue streams, build loyalty and increase stickiness for customers. Century Longmai LONGMAI SOLUTION BENEFITS 7

3 Scene 3.3.1 Snapshot of Success In 2013, Ping An was the only Asia-Pacific insurer out of nine globally to be designated as a global systemically important insurer (G-SII) by the G-20 Financial Stability Board. Today, it has developed into a personal financial services group with three core businesses of insurance, banking and investment has about 635,000 life insurance sales agents and 236,000 full-time employees. Century Longmai is providing Ping An China with innovative PKI solutions supporting for electronic document access and transmission protection. 4. CONCLUSION The world of financial services is changing fast and consumers are looking for more customizable, convenient, yet secure digital security solutions. Century Longmai offers a wide range of digital solutions to meet and exceed these demands focusing on security and privacy. In particular, the Longmai Mobile PKI Solution powered by Smart card technology and Bluetooth communication standards facilitate the mobile office, electronic signature, secure remote connections, micro payment security, etc. The solution can fully protect the whole insurance system s security with its extraordinary features, prevent unauthorized access to physical and logical resources, guaranteeing legality of electronic policies, and verification of users to fight against repudiation and avoid illegal data access by tracking after-the-event - ensures extended mobility and convenience while deploying a strong authentication. Century Longmai CONCLUSION 8

5. APPENDIX: GLOSSARY BLE: Bluetooth Low Energy Chip: An electronic component that performs logic, processing, and/or memory functions. IC: Integrated circuit. Key: In encryption and digital signatures, a value used in combination with a cryptographic algorithm to encrypt or decrypt data. Mobile contactless payments: A payment to a physical merchant that is initiated from an NFC-enabled. PIN: Personal identification number Smart card: A device that includes an embedded secure integrated circuit that can be either a secure microcontroller or equivalent intelligence with internal memory or a secure memory chip alone. The card connects to a reader with direct physical contact or with a remote contactless radio frequency interface. With an embedded microcontroller, smart cards have the unique ability to securely store large amounts of data, carry out their own on-card functions (e.g., encryption and mutual authentication), and interact intelligently with a smart card reader. SD (secure digital memory) card: A flash memory card that provides storage for digital cameras, mobile phones, and personal data assistants. Although SD cards support encryption and content protection, they are mostly used for storage due to their small size and fast transfer rate. Century Longmai APPENDIX: GLOSSARY 9

ABOUNT CENTURY LONGMAI Founded in 2003, Century Longmai Technology Co., Ltd is one of the most leading digital security device manufacturers with market occupation over 30 countries. Headquartered in Beijing, China, Century Longmai applies over 12 years of extended experience and clear product roadmap to develop solutions that defend against latest security threats and risks while meeting customers' specific requirements. Our ever-expanding number of employees supports customers in different ways to help them become winners in their respective market sectors like Identity and access, financial services, government, mobile, and transport. Following the rapid development of Internet and mobile devices, more than ever industries, enterprises and government want fulfill their end-users dream of living a better, safe and enjoyable lifestyle anytime anywhere. Contact Us Century Longmai Technology Co., Ltd 3F, GongKong Building, No.1 WangZhuangRd, Haidian District, Beijing, P.R China Postcode: 100083 T (86) 10-62323636 F (86) 10-62313636 Global Sales email Address: info@longmai.net Website: http://lm-infosec.com Connect with us on Twitter, LinkedIn and FaceBook. Century Longmai APPENDIX: GLOSSARY 10

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information