Frans Bolk CEO UniQ-ID
• Uses certificates ( x.509) • Has its own UniQ-CA • ETSI • Level of Security LoS5 ( Common Criteria EAL5+) • ISO29115 and ISO29003 – Level of Assurance LoA 4, and 3, and 2 ( STORK4+, and 3, and 2) • Identity & Access Management as a service • Access to on premise applications AND cloud applications!
Depending on risk analyses one or a combination of any factors below can be made • Something you have ( certificate on token) • Something you have ( out of band authentication with smart-phone • Something you know ( PIN code ) • Something you are ( biometry) Customer experience is very favorable with three factor authentication were a certificate is used with a PIN code and out of band with smartphone. It “feels” like one-factor .
• Is privacy Enhanced • Biometry NOT linkable to person • Person is linkable to biometry • Biometry is NOT stored • Biometry is re-usable • All ten fingers can be used • Uses standard bank card • Communication with sensor is secure ( identity and communication) • Biometry is protected through certificate
The internet brings us globalisation: • More opportunities • More organisations • More people • More complexities UETP simplifies complexities • Lowers cost • Opens global markets
• Know who you are doing business with! • To be successful in business you need: – Integrity – Authenticity – Confidentiality
One buyer One identity
One buyer One identity UETP ‐ ID One transaction
• All information needed to fulfill transaction for all players included in one receipt • Receipt digitally signed with irrefutable electronic signature • Receipt is human readable • Receipt has time stamp and identity
• Use a standard EMV bank card • Extend card with eID/eIDASenvironment • Result is a card with two environments ( in a legal and logical sense it’s two cards into one) – EMV uses standard PIN ( 4 digits) – PKI uses other PIN ( 6 digits) • EMV part does not change • Liability for EMV does NOT change
• UniQ-CA uses certified protocols for registration, production, dissimation and revocation of certificates • UniQ-CA integrates it’s processes with the banks: – Registration process – Card management – Card personalisation • Bank is NOT liable for eID/eIDAS • Customer signs off on it.
Quick Scan • Categorise participants • How to extend registration process with Bank-ID • Education Registration Officers • How to integrate with Card Management • How to integrate with current Card personalisation/production process • Small test with cards in simulated process
Proof of Concept • Limited # participants ( 10.000 –50.000 ) • Extend registration process with eID/eIDAS • Education Registration Officers • Integration Card Management • Integration Card personalisation/production process
Cloud Security Cloud security is an ever-present concern for businesses looking into cloud-based solutions. While the cloud offers well known advantages - including easier access and reduced costs - there is still a general apprehension about cloud security that must be addressed by cloud service providers. UniQ-ID empowers banks with an out of the box solution that is feature rich and secure.
Cloud Security Features UniQ-ID IAM is a set of easy-to-deploy identity components that run alongside the banks (cloud) applications, putting the bank in control of cloud IAM. Identity data is kept safe and access is controlled. With an extensive background in security solutions, UniQ-ID IAM has numerous cloud security features, including: • Packaged software components providing the bank with ownership and control of the identity data • OpenIDConnect and SAML mediated authentication options including multi-factor authentication, SSO and social login • Integrated role and access-based access control for directory data • Externalisedapplication and API access control using our XACML v3.0 policy-based authorization server • Splunkintegration providing audit tools for both analytics and compliance • UniQ-ID specialisesin delivering ingenious identity and access management solutions that enhance the banks existing offerings. • UniQ-ID IAM is a cloud identity solution, developed to provide flexible, scalable and secure identity management for the banks (cloud) applications.
Recommend
More recommend
