Cross Boarder Transactions Written By Mukesh Bhutani Good Learning
eAuthentication and Cross Boarder eTransaction · eAuthentication and Cross Boarder eTransaction ....
Transcript of eAuthentication and Cross Boarder eTransaction · eAuthentication and Cross Boarder eTransaction ....
1 www.jrsys.com.tw 1 www.jrsys.com.tw 1 1
James Wu / jrsys CEO
eAuthentication and
Cross Boarder
eTransaction
2 www.jrsys.com.tw
Stage 1
eGovernment 3-year Program 1998-2000
Stage 2
eGovernment Program 2001-2004
Stage 2.5
E-Taiwan eGov Program 2003-2007
Stage 3
U-Taiwan eGov Program 2008-2010
Stage 4
Intelligent Taiwan eGov Program 2008-2011
Taiwan’s e-Gov Journey
Infrastructure
Development &
Penetration
Efficien
cy & E
ffectiveness
Online Service
Development
Integrated,
Interoperable
and Interactive
Services
Pervasive
Services
Transparency
Accountability
Participation
E-Governance
web2.0
driven
Clustered,
Proactive,
Trustworthy and
Non-stop
Services
Device
Portable devices
Network Wireless Broadband
Application Web 2.0 Applications
Cloud
Computing
3 www.jrsys.com.tw
Government e-Procurement System (GEPS)
Land Information System
e-Tax System
G2B Service Platform
Taiwan e-Gov Framework
My eGov Service
Portal Site
Government Service Platform (GSP)
GPKI
Government Service Network (GSN)
GCA, MOICA
MOEACA, XCA…
Government
Directory Service GDS, XDS, CPA
Gov Agencies
Portal Sites
Citizen
Organizat’n
Business
Application Services
Infrastructure
e-Gov Online Services
Gov’t
e-Invoice Platform
……
4 www.jrsys.com.tw
Government Public-Key
Infrastructure (GPKI)
GRCA
Government
Agencies,
E-Gov Servers
GCA MOEACA
Businesses
(companies and
branches, and
shops)
MOICA
Citizens
XCA
Other organizational
entities (e.g., school,
not-for-profit org.)
GTestCA
All kinds of test certs. for developing apps
HCA
Healthcare
Professionals,
Healthcare orgs,
Healthcare
Servers
5 www.jrsys.com.tw
Proactive Services
Innovating Services
Satisfaction↑
Instance notice
Greater efficiency
Safe and secure
Integrative with other
channels
Proactive Service
e-Helper for
business
e-Housekeeper
for citizen
e-Secretary for
Gov employees
6 www.jrsys.com.tw
G2B2C e-Document Interchange
Taiwan first Validation Authority product (2002)
Taiwan largest Validation Authority
Big transaction volumes (33,000 eDocument /day)
E-Official
Document
Verify signature/ Decryption
Digital signature/ encryption
7 www.jrsys.com.tw
Taipei City Government
• Multi-purpose card Employee ID card
Employee ID
• Contact PKI Card
• Contactless Transportation Card
Secure Single-Sign-On System
9 www.jrsys.com.tw
Military PKI-enabled Applications
• The first Military PKI-enabled project
• For both Web base and Client Server Applications
• Secure Single Sign On
• Access control by PKI smart card
• Users include army, navy and air force
10 www.jrsys.com.tw
Ministry of Transportation and
Communications
Web AD
management t
portal
Mobile Signature and
Validation Service
PKI-enabled Application
Microsoft Active
Directory Service
11 www.jrsys.com.tw
Ministry of Finance
Internet
User
MOICA
PKI Validation
Purchase Order System
Electronic Document
Material and Transport
Meeting Room Reservation
Human Resource
EIP(Sun One) LDAP
EIP Portal
HA
Log Server
PKI suite
PKI suite
Verify
CRL SVC
LOG SVC
Audit
OCSP SVC
1.User with
Smart Card
2.Login
3.Verify
4.Log
5.Result
6.Authorization
DB
MS AD
GCA
14 www.jrsys.com.tw
CHT WebTrust® Certificate
We issue certificates to Mobile & PC
Secure MicroSD
iOS/PC /Android Token
Bluetooth
Reader
Jrsys Secure Mobile/PC Tokens
Software PFX
HCE
Smart Cards USB
PC/SC reader
USB PKI
Token
15 www.jrsys.com.tw
eAuthentication
Different level of security
– ID/Password
– One Time Password
– PKI Two Factor Authentication
• Software Token
• Secure Element
– NFC
– Biometric
Dual-Channel Multi-Factors Authentication
Kerberos/SAML
QR code OTP
Mobile PKI
HCE
Tokenization
FiDo
Apple Pay
Hot Technologies
16 www.jrsys.com.tw
All in One OTP solutions
Slim SIM OTP SMS AOTP OTP APP QR code OTP
MicroSD OTP
Android Token iOS OTP
OCRA OTP
OTP Token e-Ink Display
Master Card
jrsys OATH OTP
Server
Low cost solution
One Time Random Password
17 www.jrsys.com.tw
Mobile ID (OOB auth)
Jrsys Authentication
Server
1. Input ID and Password
Internet
2. Scan QR code to obtain the OTP code
3. Server verify the
OTP code
CA/RA
PKI base QR code Dual Channels Two Factors
Out-Of-Band authentication
18 www.jrsys.com.tw
Mobile PKI
• Smart Card
– Bluetooth Reader, NFC Mobile Phone, Audio Reader
• SIM
– SWP SIM, Slim SIM Sticker with Secure Element/SWP, HCE
• Secure MicroSD
• iOS/Android/PC Token
• Audio PKI Token
• FiDo/Apple Pay
– NFC + SE +Fingerprint sensor
19 www.jrsys.com.tw
Secure Mobile Devices
Bluetooth Reader
World First
iOS/Android/PC
Token
e-Ink Master
OTP card
Audio Reader
21 www.jrsys.com.tw
Dual Interface Smart Card
Multi-Function Smart Card
– ID card (Contact/Contactless ICAO)
– PKI card (Contact/Contactless Digital Signature)
– Transportation Card (Contactless MiFare)
22 www.jrsys.com.tw
• Platform: PC/Android/iOS
• Jrsys Secure MicroSD inside
PC USB
iOS 8-Pin
Lightning
Connector
World First iOS/Android/PC Token
Android
Mini USB
24 www.jrsys.com.tw
Pain & Solution
• PKI is hard to understand and implement
• Cross Platform is hard, especially Mobile
High Hidden cost
25 www.jrsys.com.tw
Easy & Fast PKI-enable Solutions
• PKI-enabled in 3 Days Not 3 Months
• Cross Platform
• Various Devices
• Mobile Signature & Validation Service
ActiveX Firefox Plug-In Chrome Plug-In
26 www.jrsys.com.tw
Security Suits for PC
Jrsys PC Security Suite
ActiveX Firefox Plug-In Chrome Plug-In
Multiple Tokens
Software PFX Smart Card USB Token HSM
Software Applications Applications
Jrsys
Middleware
Secure
Devices
can
work with
and many
Web Authentication with SE
2014 Taiwan ITM
Best product
Winner Award
27 www.jrsys.com.tw
Security Suits for Mobile
Applications
Jrsys
Middleware
Secure
Mobile
Devices
can
work with
and many
Mobile Authentication with SE
Secure Mobile APP
Mobile Signature
One Time Password
Secure PDF
Mobile Money
Secure e-Mail
jrsys Mobile Security Suite
Android SDK iOS SDK
Multiple Mobile Tokens
Software
PFX
HCE
Secure
MicroSD
Smart Cards
Bluetooth
reader PC/iOS/Android
Token
2014 Taiwan ITM
Best product
Winner Award
28 www.jrsys.com.tw
WebTrust® RA
CHT WebTrust ® CA issue certificates to Mobile & PC
Secure MicroSD
iOS/PC /Android Token
Bluetooth
Reader
Jrsys Secure Mobile/PC Tokens
Software PFX
HCE
Smart Cards USB
PC/SC reader
USB PKI
Token
29 www.jrsys.com.tw
Cloud Validation
Single Sign On
PKI APIs
All in One Authentication Service: ID/Password, OTP, Smart Card, Mobile Tokens and Micro SD.
31 www.jrsys.com.tw
James Wu /jrsys
Cross-Border e-Commerce
Mobile Payment
Digital Signed Electronic Document Exchange
33 www.jrsys.com.tw
2 Factor Login – QR Code & Mobile
Traditional
ID/Password
Hard to against Trojan, Sniffer, Web Site
Compromised and Bad Administrator
• Dual Channel Two Factor Secure Login
• Cross Platform/ Browsers
No Phishing Secure Sign In
34 www.jrsys.com.tw
“Card Not Present Transaction”
Big Risk of Online Shopping
Trojan, Sniffer, Phishing site e-Commerce site compromised
You may lost
Card Number + Expiration Date + CVV
35 www.jrsys.com.tw
On-Line Payment
3.Scan the checkout QR code
4.Select virtual credit card
5.Input PIN code to confirm the payment
Consumer 1.Prepare checkout data 2.Create a Digital Signed Checkout QR code on the screen
Date:2014/10/02
Merchant’s Digital
Signature
Commerce
Credit card
information is
not transmitted
Card Number + Expiration Date + CVV No more Just Scan the Secure QR Code
36 www.jrsys.com.tw
Off-Line Payment
Out-of-band authentication
Handwriting
signature
Before
Mobile Payment
Card can be Cloned
Merchant scan the QR
Sign a Credit
card Check
More Secure and Fast than
Magnetic Credit Card Swipe Payment
37 www.jrsys.com.tw
1.Select Virtual credit card
2.Enter the amount
3.Input PIN to make a digital signature
and Generate a QR code
4.Scan the QR code
5.Make a Digital Signature
6.Connect to Payment Gateway
Date:2014/10/02
Consumer’s
Digital Signature
Consumer
Commerce
Commerce cannot clone
any card !
Offline Payment Process
38 www.jrsys.com.tw
QR code for Logistic
• Shipping QR code contains Product codes, Quantities, Date, Time and Manufacture's Digital Signature
• User can scan and verify it immediately
39 www.jrsys.com.tw
Patented QR Code Payment
• Digital Signature QR code – Not only an URL/ OTP short code
– But also the transaction with digital signature
• Easy to deploy and use
• No additional hardware cost
– Authentication, Integrity, Confidentiality and Non-repudiation secure transaction
Date:2014/10/02
Time:11:50
Amount: US$25
OTP
Digital Signature
Patented O2O
Payment technology
40 www.jrsys.com.tw
Digital Signed Hard Copy Document
Before
Now
Handwriting Signature
Digital Signed PDF or Hard copy Printout
Party A’s
Digital
Signature
Party B’s
Digital
Signature
PDF417
Original
Document
with Digest
41 www.jrsys.com.tw
Digital Signed Hard Copy Document
Digital signed QR
code Invoice
Digital signed
PDF 417 License
42 www.jrsys.com.tw
2012 ASIA PKI
Innovation Award
2012 Mobile Money
Innovation Award
APICTA Award 2013 Security Winner
One of the 7 innovative ideas to provide greater access to financial services from 98 best ideas of 26 countries
BY: MIF, IDB, CAF and GSMA
2014 Taiwan ITM
Best 100 products
Winner Award
About jrsys Innovative Mobile and Cloud
Security-Enabler