Tel. 678.466.6772 | [email protected] | www.transecq.com
Transecq
Two-Factor Authentication
The need for stronger authentication mechanisms

Establishing the true identity of an online user is often a tricky task. Traditionally, users have been identified by means of a username and password. Once these credentials are supplied, a user is usually granted unconditional access to the system. In the case of online transaction systems, it is vital that nobody gains unauthorized access that would enable them to commit fraud.

As the Internet becomes more central to everyone's day-to-day life, an increasing number of services are being made available online, including sensitive services such as online banking, online purchases and restricted remote system access. Along with this trend, fraud is increasing at an alarming rate, exploiting security loopholes in the existing information infrastructure.

With the widespread use of attacks such as MITM (Man-In-The-Middle), MITB (Man-In-The-Browser), keystroke logging, phishing and various TEMPEST methods, additional means of online user identification and transaction verification become an absolute necessity. A username and password is no longer sufficient to identify a user.
The path to a viable solution

A user validation concept that has been around for a number of years is two-factor authentication. A simple username and password employed for remote authentication is considered a single factor of authentication. By providing an additional, different means of authentication, a second factor is introduced into the authentication process, giving two-factor (or multi-factor) authentication.

A true second factor is usually implemented as something the user has or possesses, while the traditional username and password (first factor) are things the user knows. A perpetrator would have to gain access to both the knowledge (passwords) and the physical item to be able to authenticate as someone else.
Hardware tokens are popular second factors. The user carries a small device that generates a unique authentication number (token) which is entered into the authentication platform. The system uses a mathematical method (typically a keyed hash over a counter or the current time, with the key shared between the device and the server) to determine whether the token indeed belongs to the specified user. So in addition to the facts the user should know (username and password), he also needs to be in possession of the hardware token to authenticate successfully and gain access to the system.

Some problems do, however, exist around hardware tokens. Since the user is required to carry the device at all times, it is easily lost, and it detracts from the mobile appeal of the solution. Scalability also becomes problematic, as does the considerable expense involved in provisioning, managing and replacing all the physical devices.
Mobile one-time passwords (OTPs) go a long way towards solving the problems of token devices, although technically they are still very similar to hardware tokens. OTPs as a second factor of authentication are usually provisioned to a mobile phone via an SMS (text message) sent from the authentication system, normally a bank, and must be entered into the system to complete authentication.

Users always have their phones with them, and a unique bond between a user and a phone can easily be established. SMS messaging does, however, have drawbacks. Being a store-and-forward technology, delivery delays often occur, and the various loopholes for interception cloud the integrity of the technology, especially since SMS content is sent in plaintext. Another important point is the cost of sending these messages to users: banking institutions deploy significant resources to send and manage OTPs via SMS.

Various systems on the market generate the OTP on the mobile device itself, via applications written mostly in Java, although other platform-specific applications are not uncommon. This model eliminates the costs and problems around SMS OTP delivery, since the user is now capable of generating an OTP at any time using only their mobile phone.
Although a cost-effective and more convenient solution, this still does not address the most important shortcoming of OTPs. True two-factor authentication can only be reached when the second factor is completely out of band. Simply put, the second factor of authentication should not re-use the communication channel of the first factor (username and password). All OTP/token solutions rely on the token or number being entered into the same system into which the username and password were entered. This simple fact exposes the system to a whole range of vulnerabilities for perpetrators to abuse: by successfully attacking the main communication channel (usually the Internet), perpetrators effectively compromise both authentication factors.
Gartner states in its report “Where Strong Authentication Fails and
What You Can Do About It” (G00173132) that any authentication
method relying on browser communications can be defeated.
They further go on to note that even techniques relying on out-
of-band phone calls can be thwarted because of the simplicity of
forwarding a phone call to another number. The Transecq solution
described in this paper is unique in the fact that it adheres to all
of Gartner’s recommendations and is impervious to the attacks
plaguing the industry today.
A standard attack scenario can be described as follows: A user
opens a phishing site masquerading as the real website. He
supplies his username and password. The fake site immediately
enters these credentials into the real site using an automated
script, causing an OTP to be sent to the user’s phone (or prompts
the user to generate an OTP from a token generating device).
At this stage any SiteKey or SurePhrase messages are also
duplicated from the real site to the fake site, further strengthening
the apparent legitimacy of the system. The fake site now prompts
the user to enter this OTP that they generated, or by now received
from the real site. At this stage, the fake site has enough details to
log in to the user’s account, and transact fraudulently.
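The token check described earlier (a shared key and a counter or clock on both sides) and the relay attack just described, as an added example that is not Transecq's code or part of the original paper. It implements the OATH HOTP/TOTP algorithms (RFC 4226 / RFC 6238) with the RFC's published test secret as a constructed seed, a server-side verifier with a clock-skew window, constant-time comparison and a last-used-counter check, and then plays the phishing relay: the victim's code, typed into the fake site and forwarded within the same time step, verifies at the real site because nothing binds it to the site it was typed into. Names such as `verifier` and `relayAttack` are this example's own.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/binary"
	"fmt"
	"math"
	"time"
)

// hotp implements RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter,
// dynamic truncation of the 20-byte MAC, then reduction modulo 10^digits.
func hotp(secret []byte, counter uint64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	offset := sum[len(sum)-1] & 0x0f
	code := binary.BigEndian.Uint32(sum[offset:offset+4]) & 0x7fffffff
	code %= uint32(math.Pow10(digits))
	return fmt.Sprintf("%0*d", digits, code)
}

// totp (RFC 6238) is hotp with the counter derived from Unix time; this is
// what a hardware token or a handset OTP application computes.
func totp(secret []byte, at time.Time, step time.Duration, digits int) string {
	return hotp(secret, uint64(at.Unix())/uint64(step.Seconds()), digits)
}

// verifier is the server side. It holds the same seed and remembers the last
// counter it accepted, so a code is usable once even inside the skew window.
type verifier struct {
	secret      []byte
	step        time.Duration
	digits      int
	skew        int    // time steps accepted either side of "now"
	lastCounter uint64 // highest counter already consumed
}

// check accepts a code for the current step or up to skew steps either side,
// comparing in constant time and refusing counters that were already used.
func (v *verifier) check(code string, at time.Time) bool {
	base := int64(uint64(at.Unix()) / uint64(v.step.Seconds()))
	for d := -v.skew; d <= v.skew; d++ {
		c := uint64(base + int64(d))
		if c <= v.lastCounter {
			continue // replay of a step already consumed
		}
		if hmac.Equal([]byte(hotp(v.secret, c, v.digits)), []byte(code)) {
			v.lastCounter = c
			return true
		}
	}
	return false
}

// relayAttack plays the phishing scenario from the text. The victim computes
// the OTP on their token and types it into the fake site; the fake site
// forwards it to the real site a few seconds later. Nothing binds the code to
// the site it was typed into, so the real site accepts the attacker's login.
func relayAttack(v *verifier, victimSecret []byte, now time.Time) bool {
	typedIntoFakeSite := totp(victimSecret, now, v.step, v.digits)
	forwardedAt := now.Add(5 * time.Second)
	return v.check(typedIntoFakeSite, forwardedAt)
}

func main() {
	// Constructed seed: the RFC 6238 test secret, not a real user's key.
	secret := []byte("12345678901234567890")
	fmt.Println("TOTP at T=59:", totp(secret, time.Unix(59, 0), 30*time.Second, 8)) // 94287082
	v := &verifier{secret: secret, step: 30 * time.Second, digits: 6, skew: 1}
	fmt.Println("relayed OTP accepted by real site:", relayAttack(v, secret, time.Now()))
}
```

The last-used-counter check stops a code being accepted twice, but it does not help the victim here: the fake site forwards the code before the victim ever reaches the real site, so the attacker consumes the counter first. That is the point the paper makes: an OTP entered into the same channel as the password inherits that channel's attacker.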
A two-factor solution can only be considered to employ strong authentication when the second factor is completely isolated and the complete loop is totally out of band with respect to the first factor. Only a system meeting these requirements can be relied upon to maintain authentication integrity.

Once authenticated, a user should additionally be required to authenticate certain key procedures within the online/remote session, for example making beneficiary payments in an online banking environment. SSL/TLS, although in essence still secure, is by itself no longer sufficient to protect against interception techniques that take advantage of software implementation vulnerabilities (or, in the MITB case, of malware that sits inside the browser after TLS has been terminated). Out-of-band transaction verification counters MITM and MITB attacks because each transaction is verified in a separate, isolated authentication loop: the user confirms what the bank is actually about to execute, not what the browser displayed.
A novel way of authentication

Transecq's Interactive Transaction Authentication (ITA) system is a complete solution to the authentication problems plaguing the industry today. It approaches the problem holistically and provides second-factor authentication with bidirectional (encrypted) out-of-band data transmission. ITA consists of a high-performance socket server that receives authentication requests from a workflow engine (through ISO 8583, OpenID, RADIUS, LDAP or SOAP) and relays the messages to the corresponding user by sending them to an application on the user's mobile phone for approval.
The ITA application on the mobile phone is available for the
following platforms:
• J2ME (MIDP 2.0)
• Android
• iPhone
• BlackBerry
• Windows Mobile
• As a USSD network service for phones not supporting the
above applications
[Screenshots: the Transecq Mobile application on three handsets, each showing the prompt "Accept payment of $2495.95 from vendor GENSTORE?" with Accept and Reject buttons.]
[Figure: transaction flow between USER, BANK SECURE AREA and TRANSECQ MOBILE AGGREGATOR. 1 TRANSACTION REQUEST ("TRANSFER $100 TO JOHN SMITH"); 3 TRANSACTION REQUEST SENT TO MOBILE ("DO YOU WANT TO TRANSFER $100 TO JOHN SMITH?"); 4 RESPONSE: YES/NO ("YES"); 6 TRANSACTION ACCEPTED OR REJECTED ("TRANSFER SUCCESSFUL"). Steps 2 and 5, unlabelled in the source, are the legs between the bank and the handset through the aggregator.]
The Transecq ITA platform can uniquely identify each mobile phone in the world by automatically issuing each client's phone with a Digital Fingerprint: an X.509 client-side certificate, issued from Transecq's trusted Certificate Authority, that enables mutual (bilateral) certificate validation. This certificate is stored on the client's phone inside DRM-protected space.
Each transaction to approve (website login, beneficiary payment, etc.) is sent to the client's phone, and a description of what the transaction entails is displayed to the user. He can choose to either Accept or Reject the transaction. The response is then cryptographically signed with the private key of the user's certificate residing on the phone and sent back to the requesting server to be verified through PKI. This signature can then be used to ensure non-repudiation and prove the intent of any user pertaining to a specific transaction.
No matter what type of attack occurs (even if a transaction is changed or manipulated by a fraudster), the actual transaction that would occur at the bank is sent directly to the specific user over an encrypted second band accessible only to the specific paired phone. Attacks on other channels are negated because the user approves the actual transaction and will immediately discover any fraudulent attempt. This holds as long as the description shown on the handset is derived from the bank's own record of the transaction and the user reads it before accepting; a handset that has itself been compromised is outside this model.
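The signed Accept/Reject loop described above, together with the transaction verification of the earlier section, as an added example that is not Transecq's code. It uses an Ed25519 key pair in place of the X.509 certificate's key and in-memory maps in place of the CA, enrolment database and mobile aggregator; the message layout that is signed (`approvalMessage`) and all names are this example's own assumptions, and the user PIN mentioned later in the paper is not modelled. The server verifies the reply against its own record of the transaction and the enrolled key, consumes the transaction ID so an approval cannot be replayed, and rejects a forged approval, a replayed one, and a decision altered after signing.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
)

// transaction is what the bank is actually about to execute. The ID is chosen
// by the server and doubles as the replay nonce; Description is the exact text
// shown on the handset.
type transaction struct {
	ID          string
	Description string
}

// approval is the handset's reply: the decision, signed over the transaction
// the user was shown.
type approval struct {
	TxID      string
	Decision  string // "ACCEPT" or "REJECT"
	Signature []byte
}

// approvalMessage is the byte string both sides sign and verify. The version
// prefix and NUL delimiters stop one field from being read as another.
func approvalMessage(txID, description, decision string) []byte {
	return []byte("ita-approval-v0\x00" + txID + "\x00" + description + "\x00" + decision)
}

// newHandsetKey stands in for certificate enrolment: here a plain Ed25519 key
// pair rather than a key held in the handset's protected store.
func newHandsetKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// signApproval runs on the handset: display tx.Description, take the user's
// decision, and sign exactly what was displayed.
func signApproval(priv ed25519.PrivateKey, tx transaction, decision string) approval {
	msg := approvalMessage(tx.ID, tx.Description, decision)
	return approval{TxID: tx.ID, Decision: decision, Signature: ed25519.Sign(priv, msg)}
}

// server is the bank side: enrolled handset keys and transactions awaiting approval.
type server struct {
	enrolled map[string]ed25519.PublicKey
	pending  map[string]transaction
}

func newServer() *server {
	return &server{enrolled: map[string]ed25519.PublicKey{}, pending: map[string]transaction{}}
}

func (s *server) enroll(user string, pub ed25519.PublicKey) { s.enrolled[user] = pub }

// requestApproval records the transaction the bank itself is about to execute
// and returns what is pushed to the handset over the second channel.
func (s *server) requestApproval(description string) transaction {
	var nonce [16]byte
	if _, err := rand.Read(nonce[:]); err != nil {
		panic(err)
	}
	tx := transaction{ID: hex.EncodeToString(nonce[:]), Description: description}
	s.pending[tx.ID] = tx
	return tx
}

// verifyApproval checks the reply against the enrolled key and the server's
// own copy of the transaction, never against anything the browser session sent.
func (s *server) verifyApproval(user string, a approval) error {
	pub, ok := s.enrolled[user]
	if !ok {
		return errors.New("no enrolled handset for user")
	}
	tx, ok := s.pending[a.TxID]
	if !ok {
		return errors.New("unknown or already consumed transaction id")
	}
	if a.Decision != "ACCEPT" && a.Decision != "REJECT" {
		return errors.New("malformed decision")
	}
	if !ed25519.Verify(pub, approvalMessage(tx.ID, tx.Description, a.Decision), a.Signature) {
		return errors.New("signature does not verify against enrolled key")
	}
	delete(s.pending, a.TxID) // one-shot: a replayed approval now fails the lookup above
	if a.Decision == "REJECT" {
		return errors.New("rejected by user: flag account for review")
	}
	return nil
}

func main() {
	srv := newServer()
	pub, priv := newHandsetKey()
	srv.enroll("alice", pub)
	tx := srv.requestApproval("Transfer $100 to John Smith")
	fmt.Println("genuine approval:", srv.verifyApproval("alice", signApproval(priv, tx, "ACCEPT")))
	fmt.Println("replayed approval:", srv.verifyApproval("alice", signApproval(priv, tx, "ACCEPT")))
	// An MITB-altered request is recorded by the bank as altered, so that is
	// what the handset shows, and the user rejects it.
	altered := srv.requestApproval("Transfer $2495.95 to GENSTORE")
	fmt.Println("user rejects altered tx:", srv.verifyApproval("alice", signApproval(priv, altered, "REJECT")))
	_, mallory := newHandsetKey()
	fmt.Println("forged approval:", srv.verifyApproval("alice", signApproval(mallory, altered, "ACCEPT")))
}
```

The design choice worth noting is that the signed message includes the description the server stored, so an approval is bound to one specific transaction and cannot be lifted onto another; a signed REJECT is still verified, since a rejection is itself evidence that something upstream was tampered with.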
This system can be used as a real-time, second-factor, out-of-
band authentication gateway for absolutely any digital action or
transaction. User input is minimal, enhancing user experience and
also eliminating human errors. This system has already been used
to successfully secure the following types of transactions:
• Online web login and transactions (Internet Banking, Trading,
etc.)
• Online Credit Card (Card Not Present) purchases tying into
3-D Secure.
• Credit and Debit Card Transactions at Point-of-Sale
• ATM (Automated Teller Machine) Cash withdrawals
Advantages in using Transecq’s ITA system as opposed to other
systems:
• Phishing, MITB, MITM, keystroke logging and all other forms of user impersonation are prevented
• Transaction rejections can immediately be flagged and the user contacted or the account placed under review
• Non-repudiation is ensured since each transaction is digitally
signed by the user’s private key
• Self-service options may also be made available inside ITA
applications: Check balances, active/de-activate cards, limit
changing
• The certificate is not tied to the SIM card (or phone number), so the user is free to change SIMs (for example when travelling overseas), and no pre-arrangement with mobile operators is necessary, since everything is stored on the handset, not the SIM
• All communications are packet data (IP based), which means
that institutions save millions of dollars in SMS (text) costs.
• Transecq ITA application can be remotely launched on user’s
handset by binary SMS if necessary
• OTP mode (generated on the handset) when there is no GSM
coverage
• Transactions can be pre-approved by a user using ITA, in
cases where the user knows he will enter and transact in a
poor GSM covered area
• ITA is completely scalable, and a single phone application grants the user access to all ITA-enabled institutions
• An online user PIN allows for additional protection and is
embedded in the digital signature of transactions approved
• Bidirectional fl ow of transactions
In summary, Transecq provides true two-factor authentication that is completely isolated and out of band, and also fulfills the requirements for user convenience and usability, ensuring the healthy adoption rate that is crucial for successful implementation and sustained operation.
Transecq is the leading provider of global secure transaction
authentication services.