| | | RssFeeds
 
Get NetworkComputing Connect Search   Search Search
 
NWC Print
Nov 2008
Beyond Headlines
Buzzcut
Editorial
Cover Story
On the Record
Show Case
Interop 2009
Lateral View
In-Depth
On Location
Down to Business
Techmall
Book Review
In Passing
Last Mile
Archieve
 

Aladdin Deploys Two-Factor Authentication in Indian Banks


 By Harshal Kallyanpur, NWC, Aug. 6 2008, 1430 hrs

 

Aladdin Knowledge Systems, an information security solutions provider, plans to increase the use of two-factor authentication amongst Indian banks.


The company, which has currently deployed its USB-token based authentication solution for internal use by Canara Bank and Punjab National Bank, is looking to extend the usage to external customers as well.

“The current challenge for banks is that there is no common authentication management system. With One Time Password (OTP) devices and time-based USB tokens, authentication security can be managed centrally with a single server,” said Shailendra Sahasrabudhe, Country Manager, Aladdin. The systems existing in most banks currently take a username-password approach for allowing transactions on their sites. Although most banks provide encrypted data transmission, such single-factor authentication systems are vulnerable to phishing attacks and password stealth.

The tokens Aladdin provides aim to resolve this issue with digital certificates that are verified by the bank’s server every time the user logs into the system. At the user end, the browser asks for username and password which is a random number generated by the OTP. Simultaneously, the user is also required to have the USB token attached to the system. The token, equipped with a cryptographic chip, generates a digital signature which, along with the password, is sent to the bank’s server for verification. The certificate is verified each time the user tries to access a particular service. The customer can complete the transaction only if both the means of authentication – password and digital certificate – are available.

The above approach particularly aims to handle phishing issues where hackers can obtain passwords by deploying a phishing site that looks similar to the bank’s website. Even if a hacker manages to obtain the password the absence of the USB token will mean the user will not be issued any digital certificate, thus blocking access to the bank’s system and thwarting the hacker’s attempt.

Besides banks, Aladdin, which at present has 7 lakh tokens deployed, plans to sell its solutions to other segments such as retail and software services.
Print this Page   E-mail this Page
RATE THIS ARTICLE
 Worse   Better 
Comment:*
First Name:*
Last Name:*
Company:
City:*
E-mail:*
Verification Code:*

Type the characters you see in the picture above.
 
  Reset

Comments >>
1
No Comments to display

Disclaimer >>
Messages posted on this Web site under the `Comments' area are solely the opinions of those who have posted them and do not necessarily reflect the opinions of UBM India Pvt. Ltd.(CMP) or its site www.networkcomputing.in . Gossip, mud slinging and malicious attacks on individuals and organizations are strictly prohibited. UBM India Pvt.Ltd .(CMP) and www.networkcomputing.in can not be held responsible for errors or omissions in content, nor for the authenticity of the user/company name or email addresses associated with posted messages. UBM India Pvt.Ltd. (CMP) reserves the right to edit or remove messages containing inappropriate language or any other material that could be construed as libelous, potentially libelous, or otherwise offensive or inappropriate. UBM India Pvt.Ltd.(CMP) and www.networkcomputing.in do not endorse the products and services or any other offerings mentioned in these messages.
 
 CIO Perspectives >>

“Always look for simpler solutions to challenges and be the first to make decision in your area of specialization”

Satish Das, CSO and Director-ERM, Cognizant

 

More: CIO Perspectives >>


 FEATURED STORIES >>

Data Center Encryption Is Key To Security

And key management is crucial for your encryption plan to succeed

 

Inside 1&1's Giant Web Hosting Data Center

Photos of the ISP's newly green data center in Kansas reveal the infrastructure behind the Web host's strategically located facility

 

Largest Core Banking Rollout in Indian Co-operative Banking Sector

Punjab State Co-op Bank has selected Flexcube, Oracle Database and Oracle Financial Services OnDemand to replace manual processes and enhance efficiency by maintaining customer intimacy  created over the years

 

CAST YOUR VOTE>>
Will hardware requirements reduce when companies deploy virtualization solutions?



View Polls Archive
ADVERTISEMENTS >>
 
News | Server & Storage | Network Infrastructure | Information Security | Enterprise Applications | Connectivity & Convergence | Whitepaper | Management
International Partners: Germany
Media Kits | Reprints | Privacy Statement | California Privacy Rights | Copyright © 2007 CMP Media LLC | Terms of Service
Content Management System By AdwebTech | Search Engine Optimization By AdwebTech & eBrandz | Web Hosting By AdwebTech & Hostway
Powered By: ssCMS 2.2.0.0