Internet Banking 3.0
Towards a National Secure (and private)
Internet infrastructure for Online Banking
Uniken Management Team
Gopi Gopalan, Chairman of the Board
Sanjay Deshpande, Chief Scientific Officer
Dr. Pat Shankar, Member of Scientific Advisory Board
Ajay Dubey, Chief Product Architect
Nanjundeashwar Ganapathy, Chief Technology Officer
Prakash Salvi, Chief Delivery Officer
Vivek Saxena, Chief Business Officer
Nilesh Dhande, Head of DEEKSHA
Uniken Innovation Center
TruSiteTM
(Powered by REL-ID)
ENZENTM
(Powered by REL-ID)
A website authentication technology
An end-to-end secure channel and authentication technology
NWIReTM
National Website Identity Repository
CARDSIGNTM
An online credit card authentication technology
(Powered by REL-ID)
InSENSETM
(Powered by REL-ID)
An intrusion prevention technology
REL-IDTM
A Distributed Mutual Authentication Technology
DEEKSHATM
An e-Learning business enabler service
ADAPT TM
Ad-Sales Management Solution
FUELCORETM
Aviation Fuel Management Solution
PIETM (π)
Product Innovation and Engineering Service
Internet 1.0 and 2.0!
What’s wrong with the internet ?
•
Invention TCP/IP
•
Distributed communication
infrastructure
•
•
Invention of HTML
Primary objective was to
distribute and communicate
information
•
Invention of the browser
•
Dot Com and ecommerce boom (and
bust)
•
Banking industry’s thrust on Internet
Banking (the cost reduction drive)
•
Birth of Cyber Criminals! (well,
they were already there, the world
awakened to the fact that they are
there)
NOTHINGS WRONG WITH THE INTERNET
Its cheap…
Its free (as in anyone can use it), its available (almost
everywhere now)
Anyone can create any website, put any content, on any server,
with any IP address with NO GOVERNMENT CONTROL!
Its democracy at its best!
If anything is wrong it is the fact that its been used for
something that it was NOT designed to be used for in the
first place. The designers never said it is for doing
secure communications
Anatomy of the Internet Infrastructure
(The fundamental reason for fraud)
Customers PC (Hardware and OS)
Browsers
Internet(work) [DNS, Routers etc]
(Banks) Servers
WHAT PART OF THIS IS
UNDER THE CONTROL
OF THE BANK?
Internet Map of the World
Would you connect your ATM to such a
network?
Why would you not
allow your customer to
browse the internet while
he is
withdrawing cash?
BECAUSE YOU DON’T TRUST THE INTERNET. PERIOD. Now, in case of
Internet Banking – add the users PC (hardware/OS) and the Browser to this list –
and you will now visualize what one is dealing with!
Internet (Banking) 3.0
A Uniken R&D Viewpoint
Research @ Uniken
The future
• From generalization to specialization (from public to private)
– TV
– Radio
• Internet would evolve to a specialized dynamic virtual private networks
(layered on top of the underlying communication framework)
• Browsers (or web-application entry points) would specialize (Banking
Browser, Gaming Browser, News Browser, etc)
• The PC would have the technology to dynamically (on demand) become
an specialized secure appliance
• Mutual Authentication would be de facto standard in identity
Uniken’s Patented Technology
Virtual User Access Device
Secure
Browser
Secure
Desktop
Insecure
Customer PC
Data Tunnel
(RMAP Mutually Authenticated and
Encrypted)
SSL Pipe
Customer
PC
ENZEN 2FA Mutual Authentication
REL-ID
SoftCard
+
PIN
R-Tunnel
Bank’s
Servers
Dynamic Private Network Layer
Bank
Datacenter
Z-Server
R-Tunnel
Certificate
Authority
INTERNET
Phishing
Man-in-the-middle
Session Hijacking
Replay Attacks
Fraudster’s
Machine
Fraudster’s
Machine
Pharming
INTERNET
Registrar /
Other
DNS Server
Fraudster’s
Machine
Domain
Registrar
ISP DNS
Server
hosts
Pharming
Modem
Man-in-the-browser
Man-on-the-machine
Customer PC
ISP
Bank’s
Servers
TRUBANK
2 STEP BANKING
Step 1: Launch (from PC or USB)
and Enter PIN
Step 2: Start Banking
Messaging Add-on (Optional)
National Secure (and Private)
Infrastructure for Internet Banking
Thank You
sanjay.deshpande@uniken.com