Post on 28-Apr-2018
Moser Baer Group – 25 years of excellence
Introduction to the Moser Baer Group
• Established in 1983
• 25 years legacy as India’s leading technology manufacturing company
• 8,000 Employees
• Rs11,000 Crores in Assets (~$2.5Bn)
• Rs 16,000 crores (~$3.6Bn) under execution
• Global presence – operating in 23 countries world wide
• Diversified portfolio of businesses
• Leadership position in most of the businesses.
The Internet has become a necessary part of doing business. But with the growth of the
Internet threats from hackers, network snooping devices have become a cost of doing business.
Security issues
•People apply the same password for all applications which is not enough secure.
•Internet is used for business transactions without physical authentication.
•Data Theft Losses in tune of $60 billion reported in US alone.
•Indian Banks lost Rs. 12.6 crores in cyber frauds in 2010-11
Security Scenario
IntentionalIntentionalAccidentalAccidental TargetedTargeted
Data intentionally Data intentionally compromisedcompromised
Thief steals asset based on Thief steals asset based on value of datavalue of data
Loss due toLoss due tocarelessnesscarelessness
System disposal or System disposal or repurposing without repurposing without data wipedata wipe
System physically lost in System physically lost in transittransit
Insider access to Insider access to unauthorized dataunauthorized data
Offline attack on Offline attack on lost/stolen laptoplost/stolen laptop
Theft of branch office Theft of branch office server .server .
Theft of executive or government Theft of executive or government laptoplaptop
Direct attacks with special Direct attacks with special hardwarehardware
Moserbaer Offerings : Crypto Token
• Highly Secure FIPS certified Authentication Device
• PKI Technology provides two factor authentication
• Real time connected device for enhanced security.
• Easy to install , integrate and use.
Key Highlights
Applications
• Secure Network/Application Logon
• Secure E-mail Communications
• Secure Storage of Digital Signature
• Secure Access to VPN/Remote Access Server
• Secure Access for Extranets & Intranets
• Secure On-line Banking / Stock Brokerage
• Secure e-Tendering/e-Procurement
Scenario 1 – Single factor Authentication
Employee opens the
browser and enters
the company
website address
Employee provides his user
id and password and gets
“single factor
authenticated”
Employee gets access to
his company’s
confidential data meant
only for employees.
Unintentionally/
Intentionally the
password is
compromised or
somebody hacks
into his system.
The hacker provides
the details and easily
gets authenticated
The hacker gets access
to the company’s
confidential data meant
only for employees.
Thus the security of the
highly confidential company’s
information is easily
compromised
Authentication : Use Case for VPN Access
Scenario 2 – Two factor Authentication
Employee provides his password
and security PIN. In addition he
has to insert the token to get
“Two factor authenticated”
Unintentionally/
Intentionally the
password is
compromised or
somebody hacks
into his system
The hacker provides all the
required details but since he
doesn’t have the token, he
doesn’t get access.
Authentication : Use Case for VPN Access
Employee opens the
browser and enters the
company website
address
Employee gets access to
his company’s secure
data/application
Thus by using an
Moserbaer Crypto USB
Token, additional layer of
security is provided which
keeps the company’s
confidential information
secure
Most Popular Application : Storing DSC
What is a Digital Signature?A digital signature is an electronic signature that can be used to authenticate the identity of an individual and also used for digital signing of documents.
What is a Digital Signature Certificate?
Digital signature certificates (DSC) are the digital equivalent (electronic format)of physical or paper certificates like drivers' licenses, passports or membership cards.
Advantages of DSC
•Authentication
•Integrity
•Confidentiality
•Non Repudiation
How do you get a DSC?
• A licensed Certifying Authority (CA) issues the digital signature certificate.
Certifying Authority (CA) is being granted a license to issue a digital signature
certificate under Section 24 of the Indian IT-Act 2000. There are 7 Licensed CA’s.
• All these CAs are headed by Controller of Certifying Authorities (CCA). CCA certifies
and audits the technologies and practices of all the CAs.
• These CAs in order to have a better reach have authorised Registration Authorities
(RAs) who are responsible for issuing DSC to user.
9
1. TCS
2. NIC
3. Emudhra
4. Safescrypt
5. Ncode
6. IDRBT
7. MTNL
Benefits
• Top Level Security
FIPS certified(FIPS 140-2 level 3) token with strong crypto algorithms like RSA 2048,
elliptic curves and SHA 2.
• High Interoperability
Interoperable with most of the organizations’ existing networks and OS like Windows
XP, Vista and Windows 7
• Easy to install, integrate and use
User friendly interface and Help available makes it convenient to perform all operations
• Innovative Design and Packaging
An elite product with driver/informative CD packed in an attractive retail pack.
• Local Support
Exclusive benefit of locally available Sales and service support
• Replacement Warranty
1 year replacement warranty
Moserbaer Offerings : OTP Token
Key Highlights
•Highly Secure OATH Compliant Authentication Device
•Independent of any additional software or hardware.
•Easy to integrate and use.
•Offers true zero footprint based two factor
authentication
•Long Life results in low cost of ownership
Applications
• Secure Network/Application Logon
• Secure E-mail Communications
• Secure Access to VPN/Remote Access Server
• Secure Access for Extranets & Intranets
• Secure On-line Banking / Stock Brokerage
• Secure e-Tendering/e-Procurement
Applications
• Secure Network/Application Logon
• Secure E-mail Communications
• Secure Access to VPN/Remote Access Server
• Secure Access for Extranets & Intranets
• Secure On-line Banking / Stock Brokerage
• Secure e-Tendering/e-Procurement
Scenario 1 – Single factor Authentication
Customer opens the
browser and enters the
bank’s website
Customer provides the password &
gets “single factor authenticated”
Customer gets access to
his account details
Unintentionally/
Intentionally the
password is
compromised or
somebody hacks into
his system.
The hacker provides
the details and easily
gets authenticated
The hacker gets access to
all of customer’s account
details.
Authentication : Use Case for Banking
The customer ‘s highly
confidential information is at
high risk.
Scenario 2 – Two factor Authentication
Customer opens the
browser and enters the
bank’s website
.
Unintentionally/
Intentionally the
password is
compromised or
somebody hacks
into his system
Thus by using a Moserbaer
OTP Token, additional layer
of security is provided
which keeps the customer’s
highly confidential account
information secure.
The hacker provides the password but since he
doesn’t have the OTP Token, he cannot provide
the OTP (One Time password) and hence doesn’t
get access.
Authentication : Use Case for Banking
Customer provides his password.
But in addition he has to provide
the OTP (one time password)
generated through the OTP Token
to get “Two factor
authenticated”
Customer gets access to
his account details
Technical Specifications
On‐Board Security Algorithm � OATH Compliant Time/Event-Based
Component � Built-in Button
� 8-character LCD Screen
� Globally Unique Serial Number
Dimensions � Length: 55.9mm
� Width: 26mm
� Depth: 10mm
Weight � 12.3g
Hardware Certification � RoHS Compliant
Operating Temperature � 0oC – 50oC
Storage Temperature � -20 oC - 70 oC
Water Resistance Certificate � IP54 (Ingress Protection)
Casing � Hard molded plastic (ABS)
� Tamper evident
Key Storage for OTP Security Algorithm � Static Random Access Memory (RAM)
Memory Data Retention � Standard Lithium Battery
� Battery Lifetime of 3-5 years
Battery Lifecycle � 3-5 years
Customization Available � Company logo printing
Benefits
• Easy to use
– Users need to press only the button to generate a dynamic password.
– Hassle free Operation : No need of any additional software or hardware
• High security
– Dynamic one time passwords generated using high security standard algorithm.
– Connectionless device offers true zero footprint based two factor authentication
• Low total cost of ownership
– Durable battery provides long life of almost 5 years.
– High security authentication mitigates potential risks of loss
• High Interoperability
– Easily installed/integrated with the company’s/bank’s existing IT and authentication
infrastructure
– No need of any change in the existing underlying functionality
Moserbaer Offerings : Encrypted USB Drive
Key Highlights
•AES 256 based hardware encrypted USB drive
•Used for Secure storage and transfer of data
•Real Time encryption process provides high level of security.
•Separate partition for encrypted data provides flexibility.
•Portable and easy to use USB device
•Available in variety of casings
Application• Government
• Education
• Healthcare
• Banks and Financial Institutions
• Legal
• Corporate
• Cloud Computing
• Database Companies