About Us  |  Search  | FAQ  | Contact Us
Risk Management
Human Resources
Smarts Cards
Optimise CRM
Data Warehousing
Disaster Recovery
Swift Messaging
BPM & Workflow
Capital Markets
Global Custody




Strong, simple authentication and signing


The e-commerce revolution has begun and there is no turning back. Yet for all its convenience and efficiency, online commerce both commercial and consumer is not expanding at the rate predicted.

Certainly current economic conditions are contributing to slow growth but that is a cyclical issue. The systemic issue is the lack of strong authentication and signing for e-business transactions. The ability to securely transact business online and transfer funds globally across banking borders is dependent on securely authenticating participants and digitally signing transactions.

Until recently the prescribed method for strong authentication was a smart card. For good reason, smart cards employ PKI digital certificates_ the standard for digital authentication and signatures. They strongly protect the user's private key with hardware. In short, smart cards are an excellent deterrent to fraud, providing very strong authentication and digital signing.

However, certain characteristics of smart cards simply do not support the needs of today's business environment. These include:

A. Lack of ubiquity end-users are severely limited by the need to access to card readers

B. Difficult to deploy especially for wireless devices such as PDAs or mobile phones

C. Costly to administer and support requires manual deployment and re-deployment of lost or broken cards. Reader installation requires customer call support

D. Expensive not cost-effective for large, distributed user communities

These limitations of smart cards will only become more acute as e-commerce continues to expand globally and user demand for mobility and flexibility expand with it. The challenge is to address the problem with a solution that makes business sense reducing fraud without introducing undue friction in the business transaction.

It is a universal problem and it requires a universal solution a solution that can be easily and inexpensively deployed, is simple to use and doesn't require investment in a new hardware infrastructure. Arcot believes what is needed is a software or virtual smart card, one that has all the desirable characteristics of the physical smart card - strong authentication and digital signing in a tamper proof container - but one that can be distributed and shared electronically across devices and throughout Web, VPN, and wireless environments.

The Virtual Smart Card
In late 1997, at the onset of the e-business revolution, Arcot began developing a unique approach to strong authentication based on a breakthrough called "Cryptographic Camou- flage." The challenge was to develop an authentication scheme that offers the same security elements as a smart card, but is practical, flexible, affordable and simple to use. Arcot's patented Cryptographic Camouflage solves this problem by protecting a user's private key in a tamper-proof software container so that a user's credential can be securely stored on multiple devices / PC's without fear of compromise.

The result of this effort is the ArcotID digital credential, which is the core of the WebFort product for strong authentication and signing for non-repudiation. WebFort addresses all the limitations of a smart card approach. The ArcotID can be distributed and ported across devices and throughout Web, VPN, and wireless environments. Users are strongly authenticated without fear of compromise through a simple ATM-like (bank card) user interface where the user's PIN is never stored and known only to the end user. The WebFort solution combines the security and strength of a physical smart card with the ease of use and administration of username / password.

"Since the invention of public key cryptography twenty-five years ago, people have been struggling to secure the private key without the assistance of hardware. Arcot's innovative Cryptographic Camouflage has solved this problem. Finally there is a cost-effective and convenient means to strongly authenticate users and transactions over the Internet without the need for cumbersome hardware."
Martin Hellman, Inventor of Public Key Cryptography - Professor Emeritus at Stanford University

Today, the ArcotID and WebFort are used in a broad range of industries and applications including healthcare, financial services, and enterprise applications such as supply chain management.

Online Banking
A combination of flexibility, strength and simplicity make WebFort and the ArcotID ideal for banks that need to strongly authenticate their customers to a banking services portal whether that be for wholesale / commercial banking customers or high net worth private clients. The Arcot solution can provide strong authentication and digital signing across an array of services such as cash management and treasury, credit and loan, brokerage and trading, purchasing, trust, and foreign exchange.

Arcot and Visa
Arcot's demonstrated expertise in leading authentication solutions led Visa International to strike a strategic relationship and investment in Arcot to develop the next generation of payment authentication solutions. Arcot's work with Visa has resulted in the development of Arcot TransFort, a real-time, strong transaction authentication solution that enables secure payments and signing using any payment method: credit card, debit card, e-ACH and any combination of PIN, smart card, or ArcotID authentication methods.

The Visa requirement was to develop an online authentication process with the same protection against fraud as the physical "card-present" world, but with a minimum of impact on the merchant and cardholder. In the Visa approach, the merchant requests the issuing bank to verify the cardholder's identity at the time of transaction. Authentication occurs during the course of the purchase with virtually no change to the customer checkout process or the merchant's transaction and order processing. TransFort is the first software solution available on the market for the global Visa Authenticated Payment Program and includes both bank and merchant software components to enable a secure transaction.

Arcot TransFort for Payment Authentication
TransFort is ideal for any e-payment application that requires immediate, strong, non-repudiated authentication of a payer's identity with minimal impact to the underlying business processes and customer interactions. This solution is available directly from Arcot as well as through major solutions providers such as Accenture, Cap Gemini Ernst & Young, Price Waterhouse Coopers, Sun Microsystems, Compaq and others.

Arcot and MasterCard
Arcot has been asked by MasterCard to develop a version of TransFort to support its Secure Payment Application (SPA) protocol. Efforts are currently underway to develop the first payment authentication solution that supports both the Visa 3-D Secure protocol and MasterCard's SPA protocol.

Arcot and Identrus
Identrus is continually working to adopt and improve technologies that can accelerate the growth of secure e-business. Arcot's "software-only" approach to strong authentication is of strong interest to Identrus and many of its member financial institutions.

Arcot has addressed a major issue in the interoperability of Identrus authentication with its universal Signing Interface (SIR), developed specifically for its Identrus-compliant version of WebFort. The SIR recognizes the ArcotID tamper-proof container (containing identity keys and utility keys from any certificate authority) as well as physical smart cards (from any manufacturer). In this way, Arcot does not favor one authentication method over another and allows the bank or institution to determine the best method or methods for its needs.

Arcot and Swift
Arcot is also working closely with Swift as part of its TrustAct Service. An Internet-based messaging service, the Swift TrustAct Service enables financial institutions to provide secure delivery and receipt of B2B Internet messages by validating the identity of corporate entities. For businesses, TrustAct adds bank assurances to business transactions while removing the burden and uncertainties of validating certificates. Businesses can exchange messages on the Internet while identity assurance (authentication) is added transparently.

Complete Security for VPNs
VPNs have been wildly popular because of the tremendous cost savings they offer in providing customers, partners and employees access to a company's network resources. However most VPNs are secured only by simple username-password authentication. Arcot introduced Arcot for VPN to address the need for strong, simple and affordable user authentication for VPN users. The solution has been streamlined for the simplest possible installation and administration. The solution has replaced hardware tokens as a means of authentication for a broad range of companies across industries. The solution is offered directly from Arcot and through security resellers of firewalls, VPNs and hardware tokens.

High-performance Access Control
In transactional security the first step is to verify who you are, the second step is to manage what you can do. To this end, Arcot has introduced AccessFort, the industry's first high-performance access control server. It provides four to five times the performance of other products in the transactional security market. AccessFort was designed for the growing number of e-commerce applications that are managing increasingly complex user rights and privileges, as well as serving thousands of concurrent active users.

Integrated Best of Breed
Arcot has developed a complete suite of simple, strong solutions for securing e-business applications in demanding Internet-scale, transactional, and wireless environments. Each solution stands on its own as "best of breed" in its category. Together they form a scalable, powerful, and complete transactional security solution suite. The following attributes are designed into every Arcot product:

A. Scalable - software-only solution easily scales to millions of users / transactions

B. Secure - hardware-class protection with digital signatures for non-repudiation

C. Easy - software deployment and support with low overhead administration

D. Simple - very user friendly ATM (bank card) interface

E. Flexible - multi-platform (Internet, VPN, wireless)

Each of the Arcot solutions offers the same strategic advantages of scalability, strong protection, ease of use and administration and each is a best of breed solution by itself. Together they can create powerful security infrastructures. WebFort integrated with AccessFort delivers hardware-strength single sign-on with transactional performance and scalability. Combining strong, simple authentication with high-performance access control will prove critical in providing trusted payment and financial services for the future.





Decision Cycle
Web Enabled
Drivers for STP
Personal Touch
Micro Finance
Intelligent hub
Treasury Solutions
Mobile e-commerce
Copy of Supplier Financing
Relationship Management
Data Management
Rise of e-commerce
Computer Crime
FX deals
Intranet Problems
Operational risk
Successful e-commerce
Wireless payments
Net Impact



Home  |  About Us  |  Search  | FAQ  | Contact Us