3. VASCO update
VASCO, the Full Option, All-Terrain Authentication Company
VDSI - Financially healthy & profitable.
Top-100 fastest growing IT companies in the world.
VASCO Data Security 3
5. Full option, All terrain
Verticals & segments
6. Full Option & All-Terrain
All-Terrain = All applications/technologies
Healthcare Automotive B-to-B Social Security E-brokerage E-banking
E-commerce E-government Publishing Industry Education Online gaming
VASCO’s products are used in over 50 applications
7. Banking References
• Over 1500 international financial institutions put
their trust in VASCO’s solutions & deployments.
12. TOP 20 of passwords used
13. TOP 20 of passwords used
14. Human Behaviour…
42% used lowercase letters from “a to z”
only 6% mixed alpha-numeric and other characters
many of the top 20 passwords used were names
nearly 2,000 of the passwords were only 6 characters long
the longest password was 30 characters –
“lafaroleratropezoooooooooooooo”
19. High Tech Fraud Schemes
On the global black market (Symantec, accounts.com):
• Your e-mail password is worth $4.00
• Your credit card number is worth $0.40
• Your social security number is worth $1.00
• Your bank account is worth $10.00
• Your level 70 undead rogue with quest blues and a flying mount is worth $425.00
21. QUIZ
• Do you recognize this?
• How many (different) passwords do you have to remember?
• Do you write down your passwords (or keep them in a file)?
• Is your static password at least 8 characters long? Is it a combination of numbers, symbols and letters?
• How often do you (have to) change your passwords?
• Have you ever given your password to someone else?
• Passwords can be guessed, stolen, hacked, …
• Password Sharing, Shoulder Surfing......
• How can I be sure that you are really the one you say you are?
22. PASSWORD CHECKER
rTyx*pK2%9
http://www.howsecureismypassword.net
23. Cheapest solution...
I’m safe for 17.000 years….
my password is
rTyx*pK2%9
invented by xxx today
forgotten by xxx tomorrow
So, call help desk…or use smart technology
24. So, what about your (on-line) business?
25. The Password Challenge
User 1:
“I have to remember about 20 passwords…”
User 2:
“I have to change them every 30 days”
User 3:
“All should be different so if one password is
compromised all others are not.”
26. The Staff Authentication Challenge:
CEO:
“Employees use passwords of their colleagues
to get access to information they are not
entitled to see!”
27. The Staff Authentication Challenge:
The Mobile Staff Authentication Challenge
Sales Director:
“My team needs access to the corporate network
and their e-mail wherever they are.
It should be very efficient when they are in the
office and very safe when they are somewhere
out, especially when using an Internet Cafe.”
28. The Staff Authentication Challenge:
The Data Protection and Access Challenge
General Manager:
“The laptop of my closest staff member was stolen
out of the car recently. I’m extremely alarmed
that the sensitive data on it finds its way to our
competition.”
29. The Staff Authentication Challenge:
The Cloud Authentication Challenge
Marketing:
“We need to reliably authenticate our customers
when they access our online services.”
30. The Staff Authentication Challenge:
The weakest link…
CTO:
“We have invested $$ in Firewalls, VPN, SSL-VPN,
online applications, anti-spam, anti-virus, content
filtering, web traffic management tools, etc…
But the weakest link is the colleague!”
31. Why are you a potential cybercrime victim?
You are connected and as a consequence you have:
• an infrastructure to test a virus
• a server connected to the web for storage of illegal
content
• a temporary system for illegal activities
(spamming, botnet, …)
• bandwidth to share
• information which is valuable on the black market
(Personal, financial or business info)
32. So…Why not use smart
technology instead?
37. The concept: GENERATION of OTP
• Digipass calculates One Time Passwords (OTP)
• One time passwords cannot be reused, stolen or hacked
[Diagram: Key + Time → Encryption Algorithm → OTP]
38. The concept: VALIDATION of OTP
[Diagram: Client Side and Server Side, linked over the Internet; on each side Key + Time → Encryption Algorithm]
• Need for Secure Transport & Secure Storage of secret key
• Need for Synchronization of time
39. The concept: GENERATION of Electronic Signatures
• Digipass calculates Electronic Signature
• MITMA countermeasure
[Diagram: Key + Time + Data fields → Encryption Algorithm → OTP]
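Added example, not VASCO's code: the three concept slides above (generation, validation, electronic signature) sketched end to end. The slides do not name the DIGIPASS algorithm, so this substitutes the public HMAC construction of RFC 4226/6238; STEP, DIGITS, the drift window, the replay check and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds per time step (assumed value)
DIGITS = 6   # length of the displayed code (assumed value)

def _pack(fields):
    """Length-prefix each data field so field boundaries are unambiguous."""
    return b"".join(struct.pack(">H", len(f)) + f for f in (s.encode() for s in fields))

def _code(key, counter, data=b""):
    """Keyed MAC over time step + data fields, truncated to DIGITS digits."""
    mac = hmac.new(key, struct.pack(">Q", counter) + data, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def generate_otp(key, now):
    """Client side: key + time -> OTP."""
    return _code(key, int(now) // STEP)

def generate_signature(key, now, fields):
    """Client side: key + time + data fields -> electronic signature."""
    return _code(key, int(now) // STEP, _pack(fields))

class Validator:
    """Server side: same key and algorithm, its own clock."""
    def __init__(self, key, window=1):
        self.key = key
        self.window = window      # clock drift tolerated, in time steps
        self.last_counter = -1    # newest time step already accepted

    def verify(self, code, now, fields=()):
        current = int(now) // STEP
        for counter in range(current - self.window, current + self.window + 1):
            if counter <= self.last_counter:
                continue          # time step already used: reject replay
            expected = _code(self.key, counter, _pack(fields))
            if hmac.compare_digest(expected, code):
                self.last_counter = counter
                return True
        return False
```

Because the data fields enter the MAC, a code computed for one transaction does not validate for a transaction whose fields were altered in transit, which is the man-in-the-middle countermeasure the signature slide refers to.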
40. Authentication – It’s a trade off…
• Standards
• Deployment
• OTP / Signature
• Helpdesk
• Procedures
• Price
• User Friendliness
• User Acceptance
• Portability
• Customer type
41. IDENTIKEY Server- The Brain & the Heart
[Architecture diagram of IDENTIKEY Server. Labels: Front-End Integration; Back-End Authentication; Web-based Administration; Command Line (TCL); User & DIGIPASS Administration; Reporting; Apache Tomcat Webserver; Customer Web Applications; IIS Web Applications; via Windows API; via Custom API; RADIUS Client; Windows Desktop Login (UnConnected, Connected); Server Login; Terminal Server Login; SOAP; SEAL; SEAL-S; RADIUS; LDAP; LDAP/LDAPS; ODBC; PostgreSQL Datastore; AD Directory; AD U&C]
42. Remote Site: Server Solutions
VASCO has multiple solutions to protect your network and applications:
SOFTWARE HARDWARE SERVICES
Plugins:
•Microsoft IAS
•Juniper SBR
•Novell NMAS
•Imprivata
•AEP
•RACF
•Siteminder
43. DIGIPASS AS A SERVICE
DIGIPASS as a Service is a managed authentication solution
DIGIPASS as a Service offers security for multiple applications:
•SaaS solutions
•online gaming
•e-learning applications
•online subscription services (e.g. magazines and newspapers)
•licensed services
•e-government applications
•e-healthcare systems
•e-commerce applications
•e-banking applications
•online insurance applications
•intranet/extranet
44. CLIENT SIDE: DIGIPASS Factory
• DIGIPASS GO range with e-signature capability
• DIGIPASS e-signature devices
• DIGIPASS Software range
• DIGIPASS PKI range for authentication using digital signatures
• DIGIPASS card reader range for authentication using electronic and digital signatures