eTrust Center - PowerPoint PPT Presentation

1 / 20
About This Presentation
Title:

eTrust Center

Description:

In Saudi Arabia, on-line banking is improving very rapidly & client base is expanding. ... gateway enabling merchants to accept Credit Card payments over the internet ... – PowerPoint PPT presentation

Number of Views:121
Avg rating:3.0/5.0
Slides: 21
Provided by: sultanal
Category:
Tags: accept | card | center | credit | etrust

less

Transcript and Presenter's Notes

Title: eTrust Center


1
etrustcenter.com.sa
2
eBanking services
  • Banking is a high-tech, fast moving business.
  • In Saudi Arabia, on-line banking is improving
    very rapidly client base is expanding.
  • Most Saudi Banks is providing e-banking services
    over the internet.
  • three banks have already implemented Internet
    Payment gateway enabling merchants to accept
    Credit Card payments over the internet
  • Saudi Banks are providing Corporate e-banking
    services.

3
Banking and security
  • Dealing with high-risk/high-value transactions,
  • Internet banking has its own risks which pose a
    challenge to banks and SAMA as a supervisory
    authority.
  • Banks are exposed to many risks that are similar
    to those of other businesses. However, banks are
    subject to greater security and operational risks
    and therefore must provide adequate controls to
    reflect these.
  • This should not be left to the initiative of
    banks
  • only SAMA had undertaken a key role in this
  • respect.

4
Challenge
  • Security A user ID/password combination simply
    isn't secure enough to safeguard commercial
    banking services that typically involve millions
    of riyals on the Internet. Both the ID and
    password are easy enough to steal or guess.

5
Solution
  • Use unique electronic identities produced by
    Saudi banks.
  • Digital IDs let Internet trading partners
    conclusively identify one another online, ensure
    communications haven't changed in transit, and
    add a digital signature

6
The eTrust Center
  • The eTrustCenter is a specifically designed
    secure computing facility created to provide the
    Saudi financial community with a Public Key
    Infrastructure (PKI) to support their ecommerce
    initiatives.
  • The eTrustCenter went live to the Banks Sep. 2004

7
eTrustCenter .. cont.
  • The eTrustCenter provides the ability to issue
    and manage digital certificates to the financial
    sector.
  • Certificates to provide application-level
    security features, such as data encryption, user
    authentication, digitally signing messages.
  • Certificate validation services.

8
PKI is not new to our banking sector
  • SAMA have adopted a small scale PKI in 1997 in
    SARIE (the national RTGS) system
  • All payment transactions in SARIE are secured
    with digital signatures.

9
Who is involved in eTrustCenter
  • All the 11 Saudi Banks.
  • SAMA
  • Baltimore Technologies
  • Currently (Cybertrust)

10
PKI Use
11
Usage of PKI in SPAN2
  • Store Certificate
  • Use Cert for Authenticity
  • DES Key Exchange
  • Digital Signature
  • Member Bank Interface
  • POS ATM Terminals

12
Usage of PKI in SARIE
  • Store Certificate
  • Use Cert for Authenticity
  • Digital Signature (Transactions)
  • Bank Gateway
  • User Authentication

13
Usage of PKI in B2B ePayment
  • Store Certificate
  • Use Cert for Authenticity
  • Digital Signature (Transactions)
  • Corporate Users
  • Bank Gateway

14
Usage of PKI in Banks
  • SADAD project
  • Secure E-mail
  • Corporate Banking B2B
  • Other Internal use

15
PKI Hierarchy
16
Environments
Production Environment
Testing Environment
Staging Environment
Test Root CA
SAMA Root CA
OCSP Service
OCSP Service
OCSP Service
Infra. CA
Infra. CA
Infra. CA
Shared CA
Shared CA
Shared CA
Bank RA
Bank RA
Bank RA
Bank RA
Bank RA
Bank RA
Bank RA
Bank RA
Bank RA
Bank RA
17
eTrust Center CA
  • One Shared CA.
  • Shared by all banks to issue Certificates.
  • Efficient way to start the project.
  • Can operate different Certification Authorities
    when needed
  • support further improvements
  • To be linked with the global Banking PKIs

18
eTrust Center RA
  • Registration services
  • The WebRAO (registration officers) reside and
    are operated by individual banks within the
    kingdom.
  • Banks are responsible for the registration of
    end entities who will be issued certificates
    by the eTrustCenter.

19
In conclusion,
  • I firmly believe that the national PKI initiative
    have a bright future. Adopting of standards in a
    national bases and having the concerned parties
    working together
  • We hope that such events will increase the
    awareness as well as lead to the further
    development, which will help to more utilization
    of the internet and electronic channels and will
    strengthen our economy.

20
I thank you for your attention. Yagoub
Al-Suliman
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "eTrust Center" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!