Security IDs in payment methods: Proyect BAFIS
In 2006, 1184 phishing attacks were detected in Spain against the 293 identified in 2005. Of this total, 705 supplant banks. Bank Banesto, with 144 attacks, followed by Bank Santander with 118 and 115 at Bank CajaMadrid were the most affected . Web traps have also appeared on sites like Ebay or Paypal. Source: Internautas.org – 2007
Phishing in Spain, an almost unstoppable plague
The truth is that kits for cloning cards are available to anyone on the Internet, and such easy access has popularized their use (there are even online forums that offer training courses). It is a widespread practice in Latin America and Eastern Europe and it is growing in Western Europe.
The ATM and Internet channels are the most used in Europe, but the lack of security is a major restriction to business growth EMV chips on credit cares is intended to reduce fraud, but despite its high cost, does not solve the problem. The card cloning has become popular and growing.
Parque de cajeros automáticos y terminales de punto de venta:
XELIOS Solution Offering
- Deploy a secure technology platform based on biometric identification of users, for the approval of transactions at ATMs (ATM), Internet banking (Home Banking) and payments in shops across on biometric POS terminal.
- XELIOS BIOMETRICS BAFIS deliverables are
- Integration of ATMs, with the BioPad
- Integration of fingerprint sensor into POS terminal
- Turnkey key BAFIS software and integration modules
- 24/7 remote and on site support
Service On-line biometric identification BAFIS
It is a service for financial institutions and payment systems providers for online biometric identification by supporting centralized authorization transactions at ATMs, POS in retail, Internet banking, access control and other areas.
Steps of the solution
Encryption Algorithm 651 minutiae that decomposes the prints
POS device or high-end biometric sensor
Authentication Unit (AU), decodes the fingerprints up to 10 -64 FAR in operation
Infrastructure, services and BAFIS center
BAFIS data center setup
- Load Balancer.
- WebSphere MQ (queue)
- Biometric database (Oracle, DB2)
- Authentication Unit (AU)
- Help desk (system monitoring and user support within the financial institution)
BAFIS Service applied to ATM
España es el país con mayor penetración de cajeros automáticos, lo que hace de la red un activo muy importante para la Entidad Financiera, en lo referente a su capacidad de explotación comercial. Sin embargo, el volumen de transacción por cajero está por debajo de los valores de nuestro entorno, y el número de tarjetas de crédito por habitante es también más bajo que la media de los países europeos.
XELIOS Solution Benefits
- The technical implementation of biometric ATMs can have large benefits of differentiated image forto the financial institution
- Enables increased efficiency and productivity in the self service channel
- Sale/disappearance of issuance and maintenance costs of cards: No charge or card change or remembering PINs
- The cost of implementation is minimal on a per ATM basis and highly scalable, both from a technical and operational standpoint: no need to replace ATMs, since you can make an integration to existing ones in a matter of a few hours on-site.
Ejemplo de integración ATM/oficina con datacenter
BAFIS Service applied to eBanking
Financial institution hesitate even now to take full advantage of e-banking because of the inherent lack of security, particularly for lack of assurance of the identity of the end point user.. XELIOS remote access allows banks to have a total assurance who is accessing the system thus providing the assurance to extend the online services offered to customers.
Our solution: XELIOS LibertyPass BAFIS
XELIOS Solution Benefits
- Strong authentication gives each user a biometric token that generates a unique code which is valid only for the current session. When prompted, the user presents the fingerprint (what you are), while the biometric token generates a unique number (OTP – what you know). The two elements constitute proof of identity and confirmation of session integrity.
- This capability is easily integrated into existing infrastructure with numerous benefits beyond the elimination of fraud. One example is the reduction of support costs (the user does not have to memorize a password) and increases productivity in addition a marketing differentiator to attract and retain customers.
- BAFIS provides a rapid return on investment to the institution: the investment cost of the fingerprint sensors for authentication of clients is much lower than the cost of fraud resulting from identity theft and online fraud. Increased customer confidence leads to an improvement of the bank’s reputation and attraction of new customers
Ejemplo de acceso al área segura de un banco online