IT Security Solutions for Banking e-Business Romania 2007 Alexandru Copandean Regional Sales Manager Eastern Europe March 29th, 2007 Insert date here in Header & Footer

Banking security on the front page…

Quantifying the problem: some facts and figures… Forrester Research, March 2005: Two-fifths of the European internet users who don't use online banking holding back because of security - survey of nearly 23,000 Europeans APACS (Banking Association for all UK clearing banks), March 2005 Phishing attacks up from 1,714 to 14,156 for 2006 compared to 2005 On-line banking fraud rose 44% in same period BUT improvement in second half of 2006 over first half (£22.5m->£10m) Domestic card fraud DOWN 13% in 2006 to £309.8m “Card-holder not present” on Internet – fraud UP 16% to £212.6m European Security Transport Association (ESTA) nearly 20 per cent of UK adult population experienced card fraud Guardian (UK national newspaper) Security flaw leaves 3m HSBC online accounts open to fraud Volume of malicious activity continues to grow but security improving

How the industry is responding Card fraud Chip and PIN for face-to-face 3-D Secure: 3 step, pass-phrase authorisation on-line PCI DSS: security certification for retailers and on-line merchants On-line banking fraud 2-factor authentication beginning to feature Better web code security as technology matures Firewall technology at its limit – application-aware protection becoming usable Passwords remain a concern Phishing and identity crime Customer awareness slowly improving Email filtering and browser controls beginning to help BUT – this is one aspect where losses still on the increase …

Endava: security specialists for the financial sector Consulting Services: Security consulting practice established in 1997 CISSP qualified security professionals Payment Card Industry Data Security Standard (PCI DSS): accredited to perform gap analysis and to guide customers though compliance Broad experience of security policy, strategy, design and deployment System Architecture and Programme Delivery: Large scale payment systems and secure financial services applications Development specialists in Java/J2EE and .NET environments PKI and smart card integration Infrastructure design and deployment Managed Services: Secure hosting and managed security services Accredited to ISO 27001 information security standard Blended Teams: UK financial services experience with local Romanian and Moldovan technical expertise

Case Study: BACS/Voca UK’s highest volume payments system: 77 million payments per day peak €45bn payment value Central role in NewBACS programme 4 year engagement Architecture and design for BACSTel IP and NewBACS: Authentication model Identity/authorisation model Audit strategy Internal application security Platform security Network/Perimeter security Design, coding, deployment and testing Network and infrastructure security design and deployment

Endava Group Overview IT services organization operating across Europe over 350 employees operations in UK, Ireland, US, Rep. of Moldova and Romania (Bucharest and Cluj-Napoca). Services Consulting Services Project Management and Delivery Managed Services Extended Teams Transformational Support Legacy Application Management & Migration Infrastructure Transformation IT Outsourcing Market entry Sector Focus Financial Services Telecom Media Technology

Thank you! Alexandru Copandean Regional Sales Manager Eastern Europe Endava UK London Tel: + 44 (0)870 153 7000  Email:  info.london@endava.com Oxford Email:  info.oxford@endava.com Woking Tel: + 44 (0)870 153 7000 Email:  info.woking@endava.com Endava Moldova Chisinau Tel: +  373 22 577 911  Email:  info.chisinau@endava.com Endava Romania Bucharest Tel: +  40 (0)31 805 50 28 Email:  info.bucuresti@endava.com Cluj-Napoca Tel: +  40 (0)264 429 026 Email:  info.cluj@endava.com Thank you! Alexandru Copandean Regional Sales Manager Eastern Europe Endava www.endava.com alex.copandean@endava.com