Presentation is loading. Please wait.

Presentation is loading. Please wait.

Achieving online trust through Mutual Authentication.

Published byAlexander Schmidt Modified over 11 years ago

Similar presentations

Presentation on theme: "Achieving online trust through Mutual Authentication."— Presentation transcript:

1 Achieving online trust through Mutual Authentication

2 2 Agenda Where do we need trust online? who are the affected parties? Authenticating the site to a consumer V by V and SecureCode, next generation browsers Authenticating the consumer to a site strong authentication options

3 3 Where do we need trust online? For it is mutual trust, even more than mutual interest that holds human associations together. H. L. Mencken (1880 - 1956)

4 4 Where do we need trust online? For any online interaction where consumer confidence would be eroded if a fraudster could gain value from intercepting or changing data such as….

5 5 Authenticating the consumer to a site For financial payments CVV2 Address verification For bank account management Almost always user name and ID Some pioneers (Lloyds TSB, Alliance & Leicester) For online service providers account management Almost always User Name and ID Some pioneers (eBay, PayPal, MicroSoft, Yahoo) Bank Merc hant Is this really the merchant ? Is this really the cardholder? Consumer Is this really my bank? Is this really my customer? Bank Consumer Merchant Is this really my service provider? Is this really m account holder? Consumer

6 6 Authenticating the site to a consumer Trust in Allah, but tie your camel Old Muslim Proverb

7 7 Authenticating the site to a consumer - Today

8 8 Authenticating the site to a consumer – Future SSL and browser providers working together to help fight fraud Display security and site authenticity method depends on browser Standards (nearly) complete for IE7, vary by browser based on authentication procedures for High Assurance certificates Higher security browsers are available today Netscape / Firefox available, IE7 (85% share) late 2006

9 9 Internet Explorer 7 user experience

10 10 Internet Explorer 7 user experience

11 11 Authenticating the consumer to a site All men are frauds. The only difference between them is that some admit it. I myself deny it. H. L. Mencken (1880 - 1956)

12 12 Authenticating for financial payments – CVV2 & AVS

13 13 Authenticating the consumer to a site – future Two factor or strong authentication, many form factors token, phone, application on PC, bingo card Many models for authentication must reflect security requirements AND consumer acceptance Shared token makes financial sense, helps acceptance Financial Payments Bank Account Management AND Online Service Provider Account Management

14 14 Many form factors Digital Certificate Smart Cards Desktop Soft Token Multi-Function Devices OTP Token Mobile Phone Fixed Phone (voice) HARDSOFT VIP Two-Factor Authentication

15 15 Many models for authentication VeriSign have identified 5 models for the UK banking and retail community Traditional EMV CAP Closed user group trusted 3 rd Party Open user group trusted 3 rd Party (VIP) Hybrid ( EMV CAP and VIP) 1 st draft of White Paper available Will be distributed to contacts within banking and retail community

16 16 End User ONLINE MERCHANT USER ID, PASSWORD, OTP TOKEN ID, OTP VIP Validation Service ONLINE BANK USER ID, PASSWORD, OTP Application Online Bank USER ID, PASSWORD, User Store TOKEN ID VIP Validation Service Application Online Merchant User Store USER ID, PASSWORD, TOKEN ID VIP Validation Service ONLINE AUCTION USER ID, PASSWORD, OTP Application Online Auction USER ID, PASSWORD, User Store TOKEN ID VIP OTP Validation Engine Token Store TOKEN ID, OTP VeriSign Open group trusted 3rd party

17 17 Invisible or Web Lifestyle Friendly Security for Consumers Comprehensive & Turn-Key Solution for Online Services Intelligent Infrastructure for ID Protection From the Leading Internet Infrastructure Operator VeriSign Identity Protection Network (VIP)

18 18 An ATM card works across all the Banks on the Cirrus Network Inspired by the offline world An ATM card works across all the Banks on the Cirrus Network A VIP Device Works Across all the Web sites on the VIP Network

19 Achieving online trust through Mutual Authentication

Download ppt "Achieving online trust through Mutual Authentication."

Similar presentations

11/2/2013 2:02:38 AM 5864_ER_FED 1 Importing Certificates into Lotus Notes R6.

11/2/2013 2:02:38 AM 5864_ER_FED 1 Importing Certificates into Lotus Notes R6.
Chapter 8 Payment Systems: Getting the Money

Chapter 8 Payment Systems: Getting the Money
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
High Validation SSL Certificates Mike Davies Marketing Director VeriSign Security Services EMEA.

High Validation SSL Certificates Mike Davies Marketing Director VeriSign Security Services EMEA.
0 - 0.

0 - 0.
Addition Facts 1 - 20.

Addition Facts
B-CERB complete protection against phishing copyright 2008 by Wheel.

B-CERB complete protection against phishing copyright 2008 by Wheel.
Interchange fees and innovation in retail payment systems Marc Bourreau, Telecom ParisTech 1.

Interchange fees and innovation in retail payment systems Marc Bourreau, Telecom ParisTech 1.
© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.

© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.
The internet. Background Created in 1969, connected computers at UCLA, Stanford Research Institute, U. of Utah, and UC at Santa Barbara With an estimated.

The internet. Background Created in 1969, connected computers at UCLA, Stanford Research Institute, U. of Utah, and UC at Santa Barbara With an estimated.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
1 STATISTICAL DATA ON THE BANKS PAYMENT SYSTEMS IN FINLAND 2002-2012 17 May 2013.

1 STATISTICAL DATA ON THE BANKS PAYMENT SYSTEMS IN FINLAND May 2013.
Gareth Ellis Senior Solutions Consultant Session 5a Key and PIN Management.

Gareth Ellis Senior Solutions Consultant Session 5a Key and PIN Management.
Smart Identity Protection That Works for You and Your Users 2 Petri Ala-Annala Senior Principal, CISSP-ISSAP, CISA, CISM.

Smart Identity Protection That Works for You and Your Users 2 Petri Ala-Annala Senior Principal, CISSP-ISSAP, CISA, CISM.
Information Systems Today: Managing in the Digital World

Information Systems Today: Managing in the Digital World
Results from a Mobile Finance Survey. 2 2 Second survey sponsored by CheckFree with fieldwork in April 2008; First survey completed in March 2006 1,007.

Results from a Mobile Finance Survey. 2 2 Second survey sponsored by CheckFree with fieldwork in April 2008; First survey completed in March ,007.
1 | © 2012 V-Key.com – Proprietary and Confidential Bugatti Veyron Super SportBugatti Veyron Super Sport: 267 mph (429 km/h), 0-60 in 2.4 secs.

1 | © 2012 V-Key.com – Proprietary and Confidential Bugatti Veyron Super SportBugatti Veyron Super Sport: 267 mph (429 km/h), 0-60 in 2.4 secs.
1 Confidential and proprietary material for authorized Verizon personnel only. Use, disclosure or distribution of this material is not permitted to any.

1 Confidential and proprietary material for authorized Verizon personnel only. Use, disclosure or distribution of this material is not permitted to any.
1.7.6.G1 © Family Economics & Financial Education –March 2008 – Financial Institutions – Online Banking – Slide 1 Funded by a grant from Take Charge America,

1.7.6.G1 © Family Economics & Financial Education –March 2008 – Financial Institutions – Online Banking – Slide 1 Funded by a grant from Take Charge America,
1 Welcome to JCCAA Data base presentation Click box to see the DEMO 1.JCCAA Web Site 2. Member Login 3. My Acount 4. School DBA The end.

1 Welcome to JCCAA Data base presentation Click box to see the DEMO 1.JCCAA Web Site 2. Member Login 3. My Acount 4. School DBA The end.

Similar presentations

Ads by Google