Quelle sécurité dans une banque? " Sécurité des transactions électroniques sur Internet et KYC"

Similar documents
Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks

Evolving Optical Transport Network Security

Computer System Security Updates

Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities

Cybersecurity Strategic Talent Management. March, 2012

DDos. Distributed Denial of Service Attacks. by Mark Schuchter

HACKING RELOADED. Hacken IS simple! Christian H. Gresser

NETWORK SECURITY ASPECTS & VULNERABILITIES

Federal Communications Commission

BotNets- Cyber Torrirism

Information Security Management. Dipl.-Ing. (FH) Frank Wagner

Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

FINAL DoIT v.4 PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS APPLICATION DEVELOPMENT AND MAINTENANCE PROCEDURES

COB 302 Management Information System (Lesson 8)

FORBIDDEN - Ethical Hacking Workshop Duration

CHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device

Loophole+ with Ethical Hacking and Penetration Testing

Digital Security Cyber Security and Fraud Prevention

Durée 4 jours. Pré-requis

Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Review of Industry Trends & Forecasts

Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np

Project 25 Security Services Overview

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

CYBERTRON NETWORK SOLUTIONS

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Defending the Internet of Things

Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard

Web Engineering Web Application Security Issues

Information Technology Career Cluster Advanced Cybersecurity Course Number:

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs

Threats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1

System Security Policy Management: Advanced Audit Tasks

3rd Party Assurance & Information Governance outlook IIA Ireland Annual Conference Straightforward Security and Compliance

Achieving Universal Secure Identity Verification with Convenience and Personal Privacy A PRIVARIS BUSINESS WHITE PAPER

Network and Host-based Vulnerability Assessment

Establishment of a Kerala Police CyberDome High Tech Public- Private Partnership Centre for Cyber Security and Innovations.

Keyword: Cloud computing, service model, deployment model, network layer security.

IDS 4.0 Roadshow. Module 1- IDS Technology Overview. 2003, Cisco Systems, Inc. All rights reserved. IDS Roadshow

Strong authentication of GUI sessions over Dedicated Links. ipmg Workshop on Connectivity 25 May 2012

TIME SCHEDULE. 1 Introduction to Computer Security & Cryptography 13

Web App Security Audit Services

Module II. Internet Security. Chapter 7. Intrusion Detection. Web Security: Theory & Applications. School of Software, Sun Yat-sen University

INFORMATION SECURITY FOR YOUR AGENCY

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Smart Secure Devices & Embedded Operating Systems

Archived Content. Contenu archivé

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities

The Self-Hack Audit Stephen James Payoff

Vulnerability Management Policy

Securing VoIP Networks using graded Protection Levels

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT

Enova X-Wall LX Frequently Asked Questions

How To Protect Your Computer From Attack

Detecting Web Application Vulnerabilities Using Open Source Means. OWASP 3rd Free / Libre / Open Source Software (FLOSS) Conference 27/5/2008

BUSINESS PROCESS OPTIMIZATION. OPTIMIZATION DES PROCESSUS D ENTERPRISE Comment d aborder la qualité en améliorant le processus

Payments Fraud: It's Not Fun & Games

CHAPTER 10: COMPUTER SECURITY AND RISKS

Criteria for web application security check. Version

KEN VAN WYK. Fundamentals of Secure Coding and how to break Software MARCH 19-23, 2007 RESIDENZA DI RIPETTA - VIA DI RIPETTA, 231 ROME (ITALY)

Sun Management Center Change Manager Release Notes

Web application security: automated scanning versus manual penetration testing.

Jort Kollerie SonicWALL

Environment. Attacks against physical integrity that can modify or destroy the information, Unauthorized use of information.

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

The Roles of Software Testing & QA in Security Testing

Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led


Effective Defense in Depth Strategies

esign FAQ 1. What is the online esign Electronic Signature Service? 2. Where the esign Online Electronic Signature Service can be used?

Archived Content. Contenu archivé

D. L. Corbet & Assoc., LLC

CyberSecurity Solutions. Delivering

White Paper. Information Security -- Network Assessment

FINAL DoIT v.8 APPLICATION SECURITY PROCEDURE

French Justice Portal. Authentication methods and technologies. Page n 1

Welcome. HITRUST 2014 Conference April 22, 2014 HITRUST. Health Information Trust Alliance

Biometrics and National Strategy for Trusted Identities in Cyberspace Improving the Security of the Identity Ecosystem September 19

RESERVE BANK OF MALAWI GUIDELINES FOR MOBILE PAYMENT SYSTEMS

Transcription:

Quelle sécurité dans une banque? " Sécurité des transactions électroniques sur Internet et KYC" Genève- UIPF 27 Nov.2010

La mission de WISeKey est de faciliter la croissance économique globale en sécurisant les transactions électroniques

Membre du WEF comme GGC De gauche à droite: Carlos Moreira Founder et CEO WISeKey; M. Dai Xianglong, Maire de Tianjin, République Populaire de Chine; M. Klaus Schwab, Fondateur et Président Exécutif du World Economic Forum, et M. Xia Deren, Maire de Dalian République Populaire de Chine.

Bunker à Haute Sécurité WISeKey-UIPF-17Nov.2010

The Gravity Center is Shifting Hardware & Software 1980-2000 The Jungle: Portals, Search & Websites Ubiquity of Social Networks & Communities 2000-2005 2005-2010 Copyright 2010 WISeKey CONFIDENTIAL Digital IDs: IndividualCentric & Customised Experience 2010-2020

The Gravity Center is Shifting 18/11/2010 Copyright 2010 WISeKey CONFIDENTIAL 5

Attack Sophistication vs. Intruder Technical Knowledge Auto Coordinated Tools Cross site scripting stealth / advanced scanning techniques packet spoofing denial of service High sniffers Intruder Knowledge sweepers Staged distributed attack tools www attacks automated probes/scans GUI back doors network mgmt. diagnostics disabling audits hijacking burglaries sessions Attack Sophistication exploiting known vulnerabilities password cracking self-replicating code Intruders password guessing Low 1980 1985 1990 2000 2010

If you don t have a Digital ID you don't exist on the Digital World

By 2020 = 50 billion transactions on the NET

By 2010 = 4.5 billion mobile phones By 2020 = 7 billion mobiles Phones

During the next 10 years 1 billion new people will join the Net, people we don t know, languages we don t currently speak, cultures we hardly know.

Privacy versus Security The winner is? What you have Badge Card Token Who you are Biometrics What you know Password Pin Mother s maiden name

Suppliers Clients Banks and FI Friends Partners

Cyber Terrorism: Are you prepared? e-government Services Banking Health Defense Electricity Traffic Citizen services TV PC Mobile Cyber Terrorist National Infrastructure

Present Indetification Low level Id Card 4120 4120 Physical Access Control Single Factor - Weak

Current and Future Digital ID Strong Cryptographic Proof of Identity

Extension of the ID + Multiple Factor - Strong Multiple Usages Physical and Logical Access

Online Trust Services Bank Cards Public Transportation ID National ID Card Health Services ID Health Services ID Professional Association ID Drivers License Civil Servant ID WISeKey-UIPF-17Nov.2010 17

CertifyID Secure email Compagnie HQ Clients Partners Business Lines WISeKey-UIPF-17Nov.2010 Les échanges de clefs publiques sont automatiques et transparents pour les utilisateurs

Reçu de la commande ***** WISeKey-UIPF-17Nov.2010

Acceptation de la commande WISeKey-UIPF-17Nov.2010

Confirmation de la commande ***** WISeKey-UIPF-17Nov.2010

Suivit des Commandes WISeKey-UIPF-17Nov.2010

Webtrust Accredited Root 18/11/2010 Copyright 2010 WISeKey CONFIDENTIAL

La Clefs USB ekey Sécurité, intimité, mobilité WISeKey-UIPF-17Nov.2010

WISeID WISeKey-UIPF-17Nov.2010

Application de WISeID WISeKey-UIPF-17Nov.2010

CertifyID Armored L ArmoredBox, inclus dans CertifyID Armored, est une solution indispensable pour les experts de la sécurité. WISeKey-UIPF-17Nov.2010

WISeKey-UIPF-17Nov.2010