„Future of eBanking, Strategies and Concepts“
ITUG Europe 2006, 15th of May, Amsterdam
Vision
Today’s banking platforms need to cope with continuously changing business environments, and a continuous flood of new requirements, while staying sufficiently agile.
Banking platform renewal requires thorough preparation based on a business foundation, including a description of what functionality the business side can expect.
Jost Hoppermann, Forrester Research (from „Vintage Banking Platforms Need Renewal“)
XCOM AG
• The XCOM Group is a Full Service Provider for the Financial Services Industry in the area of eBanking
• XCOM AG has the four large German private banks as their customers (Deutsche Bank, Dresdner Bank, Hypovereinsbank, Commerzbank), as well as some regional private banks and special institutions.
• XCOM AG has decided to expand its business internationally.
eBanking - Definitions
• eBanking – is about electronic banking transactions
• eBanking – is meant to at least partially replace traditional branch office functions
• eBanking – is an expanding sales channel for banks
• eBanking – is a dynamic high tech channel, highly competitive, international and customer oriented
• eBanking – the basis for STP processing
• eBanking – bank access 24 x 7 on a worldwide scale
Current Status of eBanking
• „Room for improvement“, particularly in the area of Internet banking for retail customers
• Customer acceptance issues
• Pressing security issues
• Many different and costly products offered for improving security, which one to select?
• Fraud losses
• Operational cost issues
• Cost savings vs. traditional banking transactions not as high as projected
eBanking on the retreat?
• In Germany, the number of bank branches has been declining since 1991
• Now, the number of bank branches is increasing again!
(HANDELSBLATT, Thursday, 6 April 2006)
• In 2005, the total number of branches increased by 2.6 %
• What are the reasons?
The need for better eBanking
• Current eBanking is somewhat impractical and does not provide the level of personal comfort known from branch banking
• Lack of individual consulting
• Fear of online fraud and subsequent hassle
• Banks need „2nd Generation eBanking“!
• A quantum leap in security is required
• Better personalization ...
Fundamentals of eBanking
Adaptability
• Multi protocol capability
• Multi language capability
Trust
• Authenticity, Integrity
• Identity, Confidentiality
Access
• Available “around the clock”
• Failsafe
Complexity in eBanking
• Generating new channels and products
„Many-to-many“
Disadvantages of the traditional approach
• Multiple frontends, multiple backends, each connection implemented separately – high project cost !
• Running front end solutions on standard servers causes high system management cost due to the required security patching
• Each frontend needs separate access control and workflow provisioning
• When problems come up: Difficult to trace, as frontends typically have separate logfiles …
• Changing components cause high project cost, as multiple interfaces are affected
• High maintenance cost
Reducing complexity by MiddleWare
„Hub and spoke“
MiddleWare requirements
• Very high availability
• High scalability
• Central logging
• Central user and security administration
• Provides the business logic
• Easy to modify:
  • Business transactions
  • Communication protocols
  • Security mechanisms
• Central security administration
Frontend integration
• Frontend systems:
  • Browser-banking
  • External systems run by the customer
  • Telephone banking
  • Hotline/Support
• Frontend integration via standard interfaces
  • National / international standards
  • Industry standards, e.g. WebServices
  • Business transactions are XML-defined
  • Standardized security functions, e.g. XML-En-/Decryption, XML-Signature / dynamic passwords
Load scenarios
[Figure: load on Frontend, MiddleWare and Backend, with MiddleWare and without MiddleWare]
Secure systems need a secure platform
• Very hard to build a secure system on a vulnerable platform
• no known vulnerabilities on HP NonStop ...
Security issues
• Staged attacks, affecting the bank and/or customers
• Examples
  • Phishing – deceive customers into providing personal IDs (PIN), passwords and transaction numbers (TAN)
  • Trojans – capturing security-relevant information via malicious code (in the end user’s PC or on the bank server)
  • Trojans – creating fake transactions
• Just using firewalls and virus scanning software is not enough!
Security functions
• Secure authentication
  • Use one-time passwords when logging on to the frontend
• Quantum leap in security by two-channel approach
  • End user creates transaction and transmits it to the bank
  • Electronic signature is supplied via a separate channel, which cannot be affected by malicious code
Example: electronic signature contained in the SIM card of the end user’s mobile phone, verification via GSM network
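Added example (not part of the original slides and not XCOM code): a minimal model of the two-channel approach, showing why an order altered on the end user's PC is not executed when the signature comes from the phone. Assumptions: HMAC with a shared key stands in for the SIM's electronic signature, and all names, keys and order values are constructed for illustration.

```python
import hashlib
import hmac
import json

# Assumption: HMAC with a shared key stands in for the SIM's electronic
# signature, which would normally be an asymmetric signature.
SIM_KEY = b"constructed-demo-key"

# Constructed sample orders (not from the original slides).
INTENDED = {"payee": "DE00-LANDLORD", "amount": "850.00", "currency": "EUR"}
TAMPERED = dict(INTENDED, payee="DE00-MULE", amount="8500.00")

def canonical(tx):
    """Stable byte encoding of every field the signature must cover."""
    return json.dumps(tx, sort_keys=True, separators=(",", ":")).encode()

def sign(tx):
    return hmac.new(SIM_KEY, canonical(tx), hashlib.sha256).digest()

class Bank:
    def __init__(self):
        self.pending = {}

    def receive_order(self, order_id, tx):
        """Channel 1 (browser): store the order exactly as it arrived."""
        self.pending[order_id] = dict(tx)
        # The signing request echoes what the bank received, not what the PC shows.
        return {"order_id": order_id, "tx": dict(tx)}

    def verify(self, order_id, signature):
        """Release the order only if the signature covers the stored fields."""
        tx = self.pending.pop(order_id, None)  # one verification attempt per order
        if tx is None or signature is None:
            return False
        return hmac.compare_digest(sign(tx), signature)

def phone_sign(request, intended):
    """Channel 2 (phone/SIM): user checks the displayed details, then signs."""
    if request["tx"] != intended:
        return None  # details differ from the user's intent: refuse to sign
    return sign(request["tx"])

def submit(bank, order_id, intended, sent_by_pc):
    """Full exchange; sent_by_pc is what actually left the (possibly infected) PC."""
    request = bank.receive_order(order_id, sent_by_pc)
    return bank.verify(order_id, phone_sign(request, intended))

if __name__ == "__main__":
    bank = Bank()
    print(submit(bank, "o1", INTENDED, INTENDED))  # honest order
    print(submit(bank, "o2", INTENDED, TAMPERED))  # altered on the PC
```

The protection depends on the signature covering the payee and amount that the second channel displays; a signature over an opaque order ID alone would not detect the altered order.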
Further considerations
• The bank system needs to be flexible, to allow easy integration of new security technology
• All business transactions need to be centrally logged
• Business Intelligence functionality to improve security, e.g. data mining, blacklist generation etc. to combat fraud
The XCOM and HP solution
eBanking - failsafe and virus-free
• XCOM – eBanking with TRISTAN™-Server
  • Supports wholesale and retail banking
  • Multi-institution, multi-language support
  • Multi channel support
  • Optimized for the HP NonStop platform (based on Pathway)
  • High scalability, failsafe operation, no vulnerabilities
  • Modular application structure
  • No foreign software within the kernel
  • NonStop SQL support using SQL/MX
  • Flexible interfaces for backend integration (communication using server classes without protocol switching)
  • Supports various security technologies (e.g. Valimo mobile ID management, two-factor authentication tokens etc.)
* applies to the C/C++ version
• TRISTAN™-Server
  • Provides limit management (order limits, rolling limits incl. currency conversions)
  • Distributed electronic signature schemes
  • Data conversions (e.g. creation and decomposition of MT/S.W.I.F.T messages)
  • Handling of orders with future execution (dated orders, standing orders)
Operational characteristics
• Central security administration
• Central tracking facility for business transactions
• Failsafe 24 x 7 operations, including business continuity functions (e.g. remote backup center)
• Central monitoring – operational and business statistics available in real time
• Data warehouse functionality to support flexible analysis over extended periods
eBanking - failsafe and virus-free
• XCOM – eBanking Components (WebFiliale)
  • Browser based online banking system suites for private customers as well as for business use
  • Providing a combination of professional functions and simple use
  • Can be installed easily on J2EE compliant application containers/servers
  • Data transfer between the customer’s web browser and the remote application is secured by encryption
  • Multi language support from day one
  • Supports electronic signatures, e.g. Valimo mobile ID mgmt.
Why is HP NonStop more secure?
• Built for security from day one – worldwide leader in electronic payments
• Not a single known case of electronic fraud without possession of the required security credentials (UserIDs, passwords, PINs etc.)
• Sophisticated protection against internal attacks, e.g. separated roles/functions for system administrators and security managers
• Sophisticated protection against external attacks; the common attack schemes like Buffer Overflow just don’t work on HP NonStop systems
• No known vulnerabilities on HP NonStop, hence no security patching
• Limited threat potential – HP NonStop is used only in business-critical areas within large enterprises. NonStop hardware, software and in-depth system know-how is definitely out of reach for the average hacker
• Highest level of security at lowest operational cost
• No security patching means elimination of the related efforts, costs, operational risks and downtimes
eBanking - failsafe and virus-free
• XCOM Group has designed and implemented new concepts in eBanking in Germany, with considerable success in the German market
• In cooperation with HP, we are ready to bring modern eBanking with much more security to the international banking community