Vijay V Vijayakumar

 Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s

 High Availability (24*7)  Fast  Efficient  Effective

 Document repository for storage of scanned documents.  Unlimited number of account holders  Straight-through processing of SWIFT Messages  On-Line Banking  Integrate with third party debit and credit card provider  Transaction status notification to client and merchant

 Account summary, transfer & transaction history.  Credit Card account summary & transaction history. Loan account summary & transaction history  Real time access to accounts, profiles and preferences.  Send statements online in a secure messaging environment.  Stop payment, checks re-order & other account management tasks.  Automate debits & transfers. Customer initiated account applications.  Credit Card applications. Loan & mortgage applications.

 User Authentication Most basic Inadequate in current scenario Threats like Phishing, Session Hijacking  Firewalls Prevent attacks from Internet or External Systems Doesn’t prevent from Insider attacks  Encryption All data stored in the server should be encrypted e.g. Triple DES  Hardware Security The actual hardware of the server should be protected against breaches

 Secure ◦ s are generally sent/received in Plain-Text  Secure HTTP ◦ All communication between Server and Client should be encrypted  Secure Electronic Transaction Secure message transfer during Electronic transactions

 Uses TCP port 443  Additional security layer between HTTP and TCP  Provides authentication and encryption  Avoid eavesdropping and man-in-the-middle attacks  Only as secure as the Browser, Web Server and its security

 Administrator must create a public key certificate for the web-server  Certificates signed by Certificate Authority  When browsers access web server they check it using the signing certificate provided by the CA  Only then is a connection established

 Asymmetric Cryptography ◦ Message signed using private key of sender and receiver decrypts using his public key ◦ Users public key is tied to the user by a digital identity certificate issued by a certificate authority ◦ Provides Authentication and Integrity ◦ Authentication - a valid signature shows that the message was sent by that user ◦ Integrity – checks for modification of message after transmission

 Society of World Wide Interbank Telecommunication – includes >200 banks worldwide  Objectives: High availability, Secure transmissions for EFT(Electronic Fund Transfers), financial traffic.  Standardized message format aimed for wide area networking  Proprietary algorithm

 Terminals can connect only thro approved SWIFT mechanisms to the regional Processing Centers.  Secure sequencing procedures, transaction audit trails and delivery acknowledgements  SWIFT II- modular approach to handle more traffic and optimize resources

 Need to develop shared networks with other banks, in the same country, to enable fast money transfers in the local currency.  US banks are supported by the CHIPS, BANKWIRE, and FEDWIRE networks

 Anti-Virus  Anti-Spyware  Anti-Malware  Personal Firewalls  Latest Security Patches

 Data stored is encrypted using Triple DES  Message Authentication Code (MAC) is used to used to prevent tampering of messages.  Vulnerable to Social-Engineering Attacks

  &mnu=12  ary_iso20022.htm

 Questions?