PKI VAS (Public Key Infrastructure Validation Authority Suite) represents a set of application modules that enable cost-effective, easy and simple implementation of a PKI and a Digital Signatures into bank’s IT environment and Third-Party application modules.
- encryption – protection against unauthorized viewing of transmitted contents
- authentication – verification of an identity during access to the e-service
- data integrity – protection from the changes in documents, transactions, etc.
- non-repudiation – guaranty that a legal electronic transaction occurred
PKI (Public Key Infrastructure) enables users of an unsecure public networks, such as the Internet, to securely and privately exchange data and money through the use of a public and a private cryptographic keys which are obtained and shared through a trusted authority.
Although PKI and Digital Signature are widely accepted as optimal technologies for securing e-business transactions, their implementation still faces problems like high installation costs and complexity of integration, confi guration and use.
There are many reasons for protection of confidential data:
- outsider attacks which are rising due to Internet-based technologies
- insider attacks and accidental destruction of data
- consequences of negative publicity, loss of credibility and goodwill
- legislative requirements, particularly those related to user privacy
- danger of making critical business decisions based on invalid data
- law suits and penalties for compromised confidentiality surveys show that customers are more willing to do business with companies that protect their privacy
- PKI Client Application Package
- Communication Module
- PKI Validation Authority Package
- Validation Authority Modul
- Certificate Verification
- Digital Signature Verification
- TimeStamp Module
- Archive Module
- Crypto Module
- PKI Registration Module
- Administration Modules
How does PKI VAS work?
PKI applet is used on-line to digitally sign HTML forms.
- Web server transmits the data to the user’s HTML form by the means of the Communication Module, while simultaneously marking signature fi elds.
- The user completes the form fi elds and sends the HTML form to the web server.
- At the same time, PKI applet automatically activates, and the user can observe signed data as is displayed in a separate window.
- The user selects a valid certifi cate, enters PIN and signs the data.
- The signed data is then forwarded to the Communication Module for verifi cation.
- In off-line mode, the user selects a fi le to be processed.
- After selection and unlocking of valid certificate (with user PIN) and selection of bank certificate, encryption and signing of the file are performed with a simple mouse click.
- Encrypted and signed file by the means of either upload, e-mail or any other medium is forwarded to the bank for verification.
- cost-effective, quick, smooth, easy and simple deployment
- seamless integration into different environments
- can be implemented in variety of e-banking applications, ensuring a high level of security
- with the use of public and private keys users can authenticate, encrypt, sign and decrypt electronic transactions with full confidence
- provides basis for electronic business transactions – non-repudiation
- enables identification between senders and receivers, computers and applications through the use of digital certificates, providing an improved authentication and access control
- enables fulfillment of constantly rising security demands
- once it is implemented, additional functionalities can be added easily
- provides a user-friendly interface for administration
Solution is user-friendly for the user and administrator, platform independent (all Java compatible platforms) on the server side, client applets are developed for Windows client platform and supported by all internet browsers (Internet Explorer, Firefox, Opera, Netscape) and supported for leading Databases: Oracle, MS SQL and DB2.