Thom homas K Kop opp Head of IT eIDAS in Practice 10 Years Trust Services Experience in the Banking Sector
Once upon a time The 1999/93 EC Directive 2005 LuxT LuxTrus ust Found ounded Strong Authentication & - Trusted 3rd Party Electronic Signature Option - PPP of 4 Major Banks Requested by Luxembourg and Government - Cost Sharing for PKI-Based Public and Banking Sectors Trust Services Provision 2009 Accredited as Trust Services Provider in Europe Monitored by Payment Sector Supervision Body CSSF
Meet the classic request eSignature-Based Trust Services for Online Banking Issue EIDs: Admission ticket for the electronic world LCP, NCP, QCP (+) certificates Strong Authentication Services Challenge & Signed response Scalable concept: 1 Certificate Any bank Access right management of providers based on end-user certificate SSN Simplify usage: Central Signing Server 2008 Renewal made easy & Connectivity problem solved Common library for unified device support Removing complexity for PKI integrations Trusted Time-Stamping Service Preserve signatures validity beyond certificate lifetime
Leverage & Extend Real Time Enrolment & Advanced eSignature Usage Simply Use KYC: Delegate registration authority to banks Identification currently possible in approx. 20 RAs Banks can enrol customers instantly Online banking enrolment: Get equipped within 30 minutes User Device & EID Provision via Life Registration Service Since 2012 Interoperable AdES Signatures for paperless contracts Plug-Tested library for creation, verification and extension of ETSI conformant eSignatures International Trust Alignment TSL not integrated by major vendors Microsoft, Mozilla, Apple, Oracle, Adobe Adoption of National EID Card Broaden user device support
Current Bank Needs Address augmented threats and adapted service models Nonrepudiation of engagement: Use transaction signing Use of XAdES manifest signature applied to SEPA documents Rapid technology switch: Provide services via trusted cloud SAML v2 and DSS authentication and signature service portal Industrialised attacks: Contextual Approach The classic PKI card QSCD turns out to be a weak device Mobility is key: Signing on tablets Flexible user interfaces based on responsive design Paperless office: Save time, money & sign remotely Benefit from legal force of the 910/2014 EU Regulation
Mobile First strategy, a trusted journey How LuxTrust supported our developments How to achieve a high level of security combined with clients’ trust & a proof environment for online transactions? July 2015 • Mobile First • Full responsive design April 2014 • Advanced signature January 2014 on BILnet Mobile • Abandonment of Java June 2013 • Launch new BILnet & QuickBanking • New proof environment August 2011 & signature policy • Launch BILnet Mobile
Mobile First strategy, user experience & security Client benefits: a single & unique bank user experience any device, anytime, anywhere Bank benefits : higher security extended service offer differentiation New transaction possibilities : management of credit & debit card limits creation & management of transfer beneficiaries change of personal data, i.e. address, phone, email… investment profile & securities account security management: transfer limits, authorised countries… online account opening …
Trust Services for Banks The potential of tailored eIDAS solutions Flexible & easy to integrate Trusted Cloud Any service everywhere Mobility is key User devices fully managed by LuxTrust Real time and simple enrolment based on KYC Full solution range from one supplier Committed to high quality & availability
LuxTrust Key Facts Thanks for your attention KEY FACTS: ANNUAL GROWTH OF USERS OVER 50% | VALIDATIONS IN OVER 170 COUNTRIES REFERENCES: Financial institutions
Recommend
More recommend
