Copyright © DS3 - Data Security Systems Solutions Pte Ltd 2011 - www.DS3global.com - [email protected] - All rights reserved Key Features of DS3 Authentication Server: — Choice of s trong authenticati on vendor mix for lowest Total Cost of Ownership — Multi-factor authent ication for privil eged users — End-to-end encryption for sensitive data — FIPS-140 Level 3 certified HSM to perform cryptographic operations — High Availability, high performance and scalability Compliance: The Need for Security Increase of Threats Cyber threats such as credit card fraud, identity theft and data breach have risen as an increasi ng number of people are going online to conduct financial transacti ons. Millions of people all over the world have been affected. People have become a constant target for cyber criminals who use spyware, key loggers, botnets, Trojans, phishing, pharming, shortened web addresses and even social media. Regulations and Guidelines In order to counter this, several countries and industry organizations have taken the lead to safeguard customers and to help businesses through regulations and guideli nes. - The Monetary Authority of Singapore has published their Internet Banking and Technology Risk Management Guidelines (IBTRM) which are considered to be the most stringent in the world - The world’s leading card brands collaborated to create an industry-wide framework known as the Payment Card Industry (PCI) Data Security Standard (DSS), a set of best practices designed to secure credit card data throughout the information lifecycle for storing, processing and transmitting cardholder data . DS3 Authentication Server Compliance The DS3 authen tication serve r is compliant with bot h IBTRM and PCI DSS, which should be seen as an insurance policy, protecting your business from the financial costs of failing to secure identity and transaction data. With DS3, you can be assured that our solutions can be part of your IT investment to achieve industry guidelines, regulations and compliance. Overview The DS3 Authentication Server has a proven track record in staying ahead of technological innovations and trends. It has received certification for RSA Secured® Partner Program, Mastercard EMV CAP AA4C and (as first) OATH program for both HOTP and TOTP server prof iles. (Also supporting OCRA) The DS3 Authentication Server is a full fledged authentication security solution in an appliance (also available under VMWare®), providing End- to-End Security for passwords and highly sensitive information to secure electronic transactions. It is a high security and high performance system that has the ability to support millions of users with different types of authentication methods and different types of tokens. The combination of power and flexibility reduces implementation risks and de creases the Total Cost of Ownership (TCO) . Token Agnostic Approach The multi-authentication, multivendor, multi- domain and multi-token agnostic approach assures: - Lower Total Cost of Ownership (TCO) - Freedom of vendor token selection - Flexibility in deployment and migration There is no lock-in to any token vendor, giving the flexibility of deploying and switching tokens on your demand, while maintaining a good balance among costs, convenience and risks. Strong Authentication Choice A large variety of methods are supported - including: Vasco/DIGIPASS, RSA/SecurID tokens All OATH OTP tokens (HOTP – TOTP - OCRA) USB key tokens - including hybrid tokens (OTP & PKI) EMV CAP tokens (Mastercard EMV-CAP / PLA - 4AAC) PKI X.509 tokens (using any C A or the embedded CA) SMS One Time Password (logon and transaction) Mobile phone (iPhone, Android, BlackBerry, J2ME) Scratch and matrix cards – PIN TAN lists Micro SD cards Flexible OTP display cards And also one-factor authentication: Static password authentication Partial Password authentication