Typical Financial Solutions

Typical Financial Solutions

 

Background

/

BACKGROUND INTRODUCTION

 

>>>

Information security plays a vital role in the financial industry. The typical tech methods in this area are data encryption/decryption, key management, digital signatures, identity authentication, etc. All of them can timely alarm, respond and solve the issues occurring in the business course to assure the business safety. 

Requirements Analysis

/

REQUIREMENT ANALYSIS

 

>>>

Data Integrity

In the financial business scenario, user's data should be 100% accurate and reliable during a series of processes such as data transmission, usage and storage.

Data Confidentiality

The data exchanged between various systems in financial business must maintain confidentiality and should not be intercepted by unauthorized persons and entities or pried on public networks.

Non-Repudiation

Any operation executed by anyone can not be denied in the financial business system, which is crucial for standardizing business process and avoiding legal disputes.

Authentication

The authentication of traditional financial services is mainly realized through passwords or PINs, which is insufficiently secure. The financial business system has many interconnected interfaces to the outside world, which requires a higher level of authentication.

Key Management

Due to the particularity of the financial industry that many business systems need to provide services to the public, it is necessary to manage and maintain many various types of keys, including asymmetric keys, symmetric keys and digital certificates.

So more stringent requirements are presented for management methods such as key confidentiality, distribution,  synchronization and  isolation.

Typical Cases

/

CLASSIC CASE

 

>>>

IC Card Issuance System

In banking business applications, the card issuance system consists of multiple systems including data preparation systems, key management systems and personalization systems. The security of the card issuance system is related to the entire card system security, it is necessary to ensure the security of keys and key application data in all aspects.

Sansec financial HSM can be applied to card issuance system to:

  • Support PBOC3.0 standard and compatible with PBOC1.0/2.0 standard
  • Support financial IC card application, magnetic stripe card application
  • Support Chinese algorithm and international algorithm
  • Provide complete security solutions for banking applications
  • Generate various keys of financial IC cards, the issuance of certificates, the encryption and decryption of sensitive data, the MAC calculation, encryption of keys and data in the card issuance system
  • Guarantee the confidentiality and integrity of data in all links

IC Card Transaction System

The bank card transaction system is mainly divided into online and offline transactions, online transaction functions are mainly provided as online banking and offline transaction functions are mainly provided as bank card swiping. The bank card transaction system business involves banks, UnionPay, third-party payment, internet innovative payment and other institutions. Through the payment network, it provides member institutions, merchants, and cardholders with added value beyond payment. In the entire bank card transaction system, the roles of financial HSM:

  • Mainly used in the head office front-end system, branch front-end system, and third-party payment front-end system
  • Mainly complete transaction-related key encryption, ZPK/TPK encryption, ZAK/TAK encryption, PIN encryption, MAC calculation, etc.
  • In each front-end system, complete IC card PIN authentication, data encryption/decryption, data integrity verification, etc.

Online Banking System

In terms of business types, the current online banking system mainly includes personal online banking and direct connection of bank-enterprise business. For the whole online banking system:

  • All links need to be protected by HSM that supports Chinese/international cryptographic algorithms
  • Deployed HSM will ensure the confidentiality, integrity and non-repudiation of sensitive information in the system.
  • On the personal and the enterprise side, devices such as USB shields, dynamic tokens, internet terminals, and SSL security gateways need to be deployed
  • On the bank server side, encryption devices such as SSL security gateways, signature and verification HSM, financial HSM and dynamic password servers need to be deployed

Second-generation Payment System

Chinese modern payment system( CNAPS2), hereinafter referred to as the second generation payment of the People's Bank of China, is the pivotal for capital liquidation in electronic remittance system. 

Sansec signature & verification HSM and financial HSM, through the  API to call the back-end device to perform cryptographic operations, achieve client digital signature verification, data encryption and decryption and data integrity verification functions.

Second-generation Credit System

Credit system refers to the basic database that collects personal credit information of enterprises and residents. It aims to provide more accurate and comprehensive information services for various economic activities, providing basic personal information, credit transaction information, non-bank credit letters, personal statements and objections, and query history. The cryptographic technologies of the PKI system are used to:

  • Enhance the security during the data preparation phase
  • Enable security functions of credit system query, such as agency authentication, agency digital signature and query message encryption and decryption

In order to be compatible with the security mechanism of the credit system, this solution needs to deploy a signature & verification HSM in the backstage of the credit inquiry system to implement functions such as encryption and decryption and digital signature of the reported data by calling the server device interface.

Case Sharing

/

CASE SHARING

 

>>>

AGRICULTURAL BANK OF CHINA

AGRICULTURAL DEVELOPMENT BANK OF CHINA

SHANGDONG CITY COMMERCIAL BANKS ALLIANCE CO.,LTD

FINANCIAL INSTITUTIONS

INDUSTRIAL AND COMMERCIAL BANK OF CHINA

CHINA MERCHANTS BANK

SHANGHAI CITY COMMERCIAL BANKS ALLIANCE

MOTOR CORPORATION FINANCIAL SERVICES

POSTAL SAVINGS BANK OF CHINA

 

Previous Page

Next Page

Previous Page

Next Page

Protect the Digital World with Cryptography

All
  • All
  • Product Management
  • News
  • Introduction
  • Enterprise outlets
  • FAQ
  • Enterprise Video
  • Enterprise Atlas