Internet Banking 3.0

19
Internet Banking 3.0 Towards a National Secure (and private) Internet infrastructure for Online Banking

description

Internet Banking 3.0. Towards a National Secure (and private) Internet infrastructure for Online Banking. Uniken Management Team. Gopi Gopalan, Chairman of the Board Sanjay Deshpande, Chief Scientific Officer Dr. Pat Shankar, Member of Scientific Advisory Board - PowerPoint PPT Presentation

Transcript of Internet Banking 3.0

Page 1: Internet Banking 3.0

Internet Banking 3.0

Towards a National Secure (and private) Internet infrastructure for Online Banking

Page 2: Internet Banking 3.0

Uniken Management Team

Gopi Gopalan, Chairman of the Board

Sanjay Deshpande, Chief Scientific Officer

Dr. Pat Shankar, Member of Scientific Advisory Board

Ajay Dubey, Chief Product Architect

Nanjundeashwar Ganapathy, Chief Technology Officer

Prakash Salvi, Chief Delivery Officer

Vivek Saxena, Chief Business Officer

Nilesh Dhande, Head of DEEKSHA

Page 3: Internet Banking 3.0

Uniken Innovation Center

TruSiteTM

(Powered by REL-ID)A website authentication technology

ENZENTM

(Powered by REL-ID)An end-to-end secure channel and authentication technology

NWIReTM National Website Identity Repository

CARDSIGNTM

(Powered by REL-ID)An online credit card authentication technology

InSENSETM

(Powered by REL-ID)An intrusion prevention technology

REL-IDTM A Distributed Mutual Authentication Technology

DEEKSHATM An e-Learning business enabler service

ADAPT TM Ad-Sales Management Solution

FUELCORETM Aviation Fuel Management Solution

PIETM (π) Product Innovation and Engineering Service

Page 4: Internet Banking 3.0

Internet 1.0 and 2.0!

Page 5: Internet Banking 3.0

What’s wrong with the internet ?

• Invention TCP/IP

• Distributed communication infrastructure

• Invention of HTML

• Primary objective was to distribute and communicate information

• Invention TCP/IP

• Distributed communication infrastructure

• Invention of HTML

• Primary objective was to distribute and communicate information

• Invention of the browser

• Dot Com and ecommerce boom (and bust)

• Banking industry’s thrust on Internet Banking (the cost reduction drive)

• Birth of Cyber Criminals! (well, they were already there, the world awakened to the fact that they are there)

• Invention of the browser

• Dot Com and ecommerce boom (and bust)

• Banking industry’s thrust on Internet Banking (the cost reduction drive)

• Birth of Cyber Criminals! (well, they were already there, the world awakened to the fact that they are there)

Page 6: Internet Banking 3.0

NOTHINGS WRONG WITH THE INTERNET

Its cheap…

Its free (as in anyone can use it), its available (almost everywhere now)

Anyone can create any website, put any content, on any server, with any IP address with NO GOVERNMENT CONTROL!

Its democracy at its best!

If anything is wrong it is the fact that its been used for something that it was NOT designed to be used for in the first place. The designers never said it is for doing secure communications

Page 7: Internet Banking 3.0

Anatomy of the Internet Infrastructure(The fundamental reason for fraud)

Customers PC (Hardware and OS)

Browsers

Internet(work) [DNS, Routers etc]

(Banks) Servers

WHAT PART OF THIS IS UNDER THE CONTROL OF THE BANK?

Page 8: Internet Banking 3.0

Internet Map of the World

Page 9: Internet Banking 3.0

Would you connect your ATM to such a network?

Why would you not allow your customer to browse the internet while he is withdrawing cash?

BECAUSE YOU DON’T TRUST THE INTERNET. PERIOD. Now, in case of Internet Banking – add the users PC (hardware/OS) and the Browser to this list – and you will now visualize what one is dealing with!

Page 10: Internet Banking 3.0

Internet (Banking) 3.0

A Uniken R&D Viewpoint

Research @ Uniken

Page 11: Internet Banking 3.0

The future

• From generalization to specialization (from public to private)– TV

– Radio

• Internet would evolve to a specialized dynamic virtual private networks (layered on top of the underlying communication framework)

• Browsers (or web-application entry points) would specialize (Banking Browser, Gaming Browser, News Browser, etc)

• The PC would have the technology to dynamically (on demand) become an specialized secure appliance

• Mutual Authentication would be de facto standard in identity

Page 12: Internet Banking 3.0

Uniken’s Patented Technology

Customer PC

Secure Browser

Secure Desktop

Insecure Customer PC

Virtual User Access DeviceVirtual User Access Device

REL-ID SoftCardREL-ID

SoftCard

ENZEN 2FA Mutual Authentication

+ PIN

R-Tunnel Bank’s Servers

Data Tunnel Data Tunnel (RMAP Mutually Authenticated and (RMAP Mutually Authenticated and

Encrypted)Encrypted)

SSL PipeSSL Pipe

Page 13: Internet Banking 3.0

Dynamic Private Network Layer

Customer PC

hosts

INTERNET

ISP DNSServer

ISP

INTERNETCertificate Authority

Fraudster’sMachine

Fraudster’sMachine

Fraudster’sMachine

DomainRegistrar

Registrar / Other

DNS Server

Modem

X

X

X

X

R-Tunnel

Z-Server

BankDatacenter

Bank’s Servers

Man-in-the-middleSession Hijacking

Replay Attacks

Phishing

Pharming

Man-in-the-browserMan-on-the-machine

Pharming

Page 14: Internet Banking 3.0

TRUBANKTRUBANK

2 STEP BANKING

Page 15: Internet Banking 3.0

Step 1: Launch (from PC or USB) and Enter PIN

Page 16: Internet Banking 3.0

Step 2: Start Banking

Page 17: Internet Banking 3.0

Messaging Add-on (Optional)

Page 18: Internet Banking 3.0

National Secure (and Private) Infrastructure for Internet Banking

Page 19: Internet Banking 3.0

Thank You

[email protected]