ODYSSEY: cryptic by intent
IMPLEMENTING TRANSACTION SECURITY FOR HDFC BANK: A CASE STUDY
Odyssey Technologies Limited


Problem

HDFC Bank wanted to implement best-in-class technology for protecting its online banking services from cyber attacks. The challenge was to implement effective security without compromising customer convenience or limiting scalability.

Solution

Odyssey Technologies Limited deployed Snorkel-TX, a PKI-based plug-configure-play transaction security server that protects HDFC Bank's high-value transaction applications from unauthorized entry and information access. Snorkel-TX also ensures non-repudiation and integrity of transactions.

Results

The bank has been able to ensure authentication, access control, channel security, non-repudiation and integrity of its online transactions cost-effectively and without affecting customer convenience or scalability. Thanks to reliable security infrastructure, the bank has been able to grow and expand its online services confidently.

About HDFC Bank

HDFC Bank was one of the first banks to have set up services in the Indian private sector. Since its inception, the bank has concentrated on providing its clients with world-class services by enhancing banking convenience and safety.

Today, HDFC Bank is a trusted name in the banking sector, having established a nationwide network of 2,544 branches and 9,333 ATMs in 1,399 Indian towns and cities. In order to support its growing customer base and product offerings, the bank has implemented a highly automated environment with the help of multiple technologies.

NEED FOR TRANSACTION SECURITY

HDFC Bank was one of the first in India to set up Internet banking for its customers. Since the Internet is rife with security threats, the bank wanted to safeguard its corporate customers from identity theft and abuse of private information. These customers carried out high-value transactions over the Internet on a regular basis, so the bank also wanted to ensure the integrity and non-repudiation of these transactions.

SOLUTION REQUIREMENTS

HDFC Bank wanted to implement a secure banking solution that could protect its banking applications from multiple dimensions.

1. The solution should provide a stronger means of authentication than passwords, which can be easily broken.
2. Financial information of clients should remain private when accessed over the Internet.
3. The solution should impart accountability and integrity to the online transactions.
4. Usability of the application should not suffer.
5. The solution should have a comprehensive reporting system for collecting business intelligence.

TECHNOLOGY IDENTIFICATION

The bank identified Public Key Infrastructure (PKI) as a suitable technology for addressing its security requirements. With PKI, the bank would be able to implement strong identification and authentication mechanisms using digital certificates, privacy using SSL, non-repudiation using digital signatures and integrity using hashing algorithms.

CHALLENGES

PKI technology was still in its infancy when HDFC Bank was seeking to implement the technology. Solutions from most vendors required integration with the banking applications, which posed multiple challenges for the bank:

- The bank was risking breakdown of existing infrastructure and code-base in the process of integrating security components.
- Integration required additional time, effort and human resources, which drastically increased the cost of implementation.
- Integrated solutions seldom scale or adapt to changes in the IT environment.

SOLUTION IDENTIFICATION

As a PKI solutions vendor, Odyssey successfully overcame challenges with PKI integration by isolating the security components from the application. Odyssey's Snorkel-TX server is a powerful PKI-based transaction security server that could instantly PKI-enable any application without the need for integration. The server is typically deployed between the application and end-user. By intercepting requests made to the application, Snorkel can examine the requests and take action appropriately, based on how Snorkel is configured.

The solution uses digital certificates for authenticating users into the system. URL-based authorization provides fine-grained access control by allowing specific users to access specific services within the application. By establishing an SSL channel with the end-user, Snorkel also assures privacy of transactions. Additionally, Snorkel enables end-users to digitally sign transactions, thus ensuring non-repudiation.

In addition to fulfilling the essential security requirements, Snorkel provided several benefits that were advantageous to the bank:

- The solution sported multiple authentication mechanisms, including certificate-based authentication and one-time passwords.
- Snorkel could protect multiple back-end applications at once.
- Administrators could access Snorkel securely from anywhere, both on the intranet and Internet.
- The product sported a fully web-based administrator interface with point-and-click features for configuration of back-end applications, a dynamic web console for monitoring system functions and user status, and user self-registration features.
- The solution had minimal effect on user experience.
- All administrator activities were digitally signed and logged for accountability.
- The reporting system provided the bank with valuable security and business intelligence.
- The solution had an integrated XML-based configuration database that eliminates the need for a separate RDBMS.
- Snorkel demonstrated superior cryptographic and SSL performance that rivals that of dedicated crypto-accelerators.

SOLUTION IMPLEMENTATION

In order to have a comprehensive PKI infrastructure, Odyssey implemented a complete Certificate Management System (CMS) at HDFC Bank, prior to implementing Snorkel. Having its own CMS enabled HDFC Bank to cost-effectively issue and manage digital certificates for its application users.
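The URL-based authorization described in the solution overview above, sketched as an added example (not Odyssey's code or Snorkel configuration): a gateway that has already verified the client certificate maps the certificate subject to permitted URL prefixes, denies by default, and normalises the path before matching. The subjects, paths and host name are constructed, and receiving the subject and verification result from the TLS layer is an assumption.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Constructed policy: verified certificate subject -> URL prefixes it may reach.
# Subjects and paths are hypothetical, not Snorkel configuration.
POLICY = {
    "CN=alice,O=Acme Corp": ["/corp/payments/", "/corp/statements/"],
    "CN=bob,O=Acme Corp": ["/corp/statements/"],
}


def canonical_path(url):
    """Return the decoded, normalised path the back end would resolve."""
    path = unquote(urlsplit(url).path)
    # A '%' left after one decoding pass means double encoding; reject it
    # together with NUL bytes and backslashes instead of guessing.
    if "%" in path or "\x00" in path or "\\" in path:
        raise ValueError("ambiguous path")
    norm = posixpath.normpath("/" + path.lstrip("/"))  # collapses //, ./, ../
    return norm + "/" if path.endswith("/") and norm != "/" else norm


def authorize(subject, cert_verified, url):
    """Deny by default; allow a verified subject only on its own prefixes."""
    if not cert_verified:
        return False
    try:
        path = canonical_path(url)
    except ValueError:
        return False
    for prefix in POLICY.get(subject, []):
        # Match on a segment boundary so /corp/payments-admin is not covered
        # by the /corp/payments/ entry.
        if path == prefix.rstrip("/") or path.startswith(prefix):
            return True
    return False


if __name__ == "__main__":
    for who, url in [
        ("CN=alice,O=Acme Corp", "https://bank.example/corp/payments/transfer"),
        ("CN=bob,O=Acme Corp", "https://bank.example/corp/payments/transfer"),
        ("CN=alice,O=Acme Corp", "https://bank.example/corp/payments/%2e%2e/admin"),
    ]:
        print(who, url, "ALLOW" if authorize(who, True, url) else "DENY")
```

Authorizing on the normalised path matters because the gateway and the back end must agree on which resource a request names; matching the raw URL would let an encoded `..` segment slip past a prefix rule.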

Odyssey's unique zero-touch approach to solution implementation enabled Snorkel to be deployed at HDFC Bank premises without having to make any changes to the application code-base. The implementation was completed in weeks. This was a new record in PKI implementation, since competing vendors followed the integration model, which typically involved years. With the Snorkel implementation, HDFC Bank's corporate customers could now access their online services securely.

The applications employed for corporate banking required server-to-server security, since they were interacting with thick clients at the client end. For this, Odyssey interfaced HDFC Bank clients' premises with Snorkel-BX, a business-to-business transaction security server that could interact securely with HDFC Bank's Snorkel-TX server.

With the implementation of Snorkel-TX and Snorkel-BX, HDFC Bank's application servers were protected both while interacting with thin clients and thick clients. The implementation was carried out on a 64-bit Opteron/EM64T platform with the Linux V2.6 operating system kernel.

POST-DEPLOYMENT SUPPORT

Odyssey has provided post-deployment support for HDFC Bank in the form of training, regular solution upgrades, and timely 24x7 customer support. Since the initial implementation, the bank has upgraded to Snorkel-TX 3.0, which sports enhanced features in order to keep up with technological advancements and changing security needs.

Results

- The bank's preemptive actions for protecting its customers' assets against cyber threats have enhanced the brand name and reputation of the organization.
- Snorkel-TX has protected HDFC Bank from incurring huge losses due to security incidents.
- The zero-touch security implementation model has allowed the bank to upgrade its banking applications without having to invest in new security infrastructure.
- The bank has been able to take advantage of the trust factor introduced by good security infrastructure to increase subscription to its online services.
- The bank has won several awards, including the IBA Banking Technology Awards 2010 for 'Technology Bank of the Year' and the DSCI (Data Security Council of India) Excellence Awards 2011 for 'Security in Bank', further enhancing the brand name and trust factor.

ABOUT ODYSSEY TECHNOLOGIES LIMITED

Odyssey Technologies Limited is a pioneer in PKI technology in the Asia-Pacific region. The company develops products and solutions for transaction security and is recognized by the Controller of Certification Authorities in India as a technology vendor. By isolating the security components and business logic, Odyssey stays true to its zero-touch philosophy and ensures deployment of solutions quickly and effectively without the need for integration or changes to the existing code-base. The company proudly supports the security needs of major banks and financial institutions in the Asia-Pacific region and has earned their trust as a reliable vendor. Odyssey Technologies Limited is based in Chennai, India and is listed on the Bombay Stock Exchange.

To learn more about solutions from Odyssey Technologies Limited, visit www.odysseytec.com or e-mail info@odysseytec.com.