The financial services industry has developed a multitude of security procedures for banking and payment services, based on cryptographic processes. Chip cards, TAN generators or secoder represent current state-of-the-art of security procedures. Signatures based on standards of the Deutsche Kreditwirtschaft (German Banking Industry Committee, DK) such as FinTS and EBICS as well as token-based solutions such as the SWIFT 3SKey are supported.
One of our core responsibilities at PPI AG is to offer these types of security for portals such as an Internet banking portal. This development started with HBCI in the mid-1990’s; PPI AG was involved right from the start. The increasing Internet criminality continually raises the pressure to use these procedures.
Less involvement of the hotline
It is equally important that portals run smoothly on all operating systems and browsers used by private users. For years TRAVIC-Sign has proven this reliably in practice: The implementation as a C-plugin relieves the hotline of all of the problems of Java-based applets: high dependency on the system software and the release levels, especially at the time of automatic upgrades of Java versions and browser releases.
Dealing with certificates
In addition to providing security procedures on all platforms, TRAVIC-Sign supports the secure messaging procedure that can be used to securely exchange or download certificates onto chip cards from trust centres, as well as a series of automated administration procedures, such as:
Multiple chip cards and hardware/software tokens are supported. The use of hardened browsers (Coronic, Kobil, PROMON) is accepted practice.
Simple integration into portals, including transfer of the look & feel, are additional benefits.