Download - Ca WebFort from Value perspective
Core Technology
Strong Authentication Made Simple
Online Payments
• Credit & Debit Payments
• B2B Transactions
• e-Funds Transfers
No Hardware Required
Very Simple to Use
More Cost-Effective
Secure Roaming
Web Services
• Secure Email
• Digital Signatures
• Identity Management
Enterprise Portals
• Online Banking
• Supply Chain
• CRM / HRM
• Pharma & Healthcare
VPNs
• CheckPoint
• Cisco
• Nortel
• Aventail
ArcotID = Strong Authentication
• Strongest private key protection available in software
• Something you know - PIN activates ArcotID, similar to hardware smart card
• Something you have - Valid ArcotID with associated unique digital certificate used in challenge – response process
• Protected by Arcot’s patented Cryptographic Camouflage and patent-pending Key Authority technologies• Breakthrough in cryptography
• Creates a hacker-proof container that is immune from offline (brute force or password guessing) attack
• ArcotID can be stored on any supported client device or issued on CD without fear of compromise
• Storage independent: software only version, CD, USB tokens, etc.
• PKI standards compliant: RSA, DSA, PKCS, MS CAPI
Security Provided byCryptographic Camouflage
CA Technologies Solved the Problem
“Since the invention of public key cryptography,
people have been struggling to secure the private
key without the assistance of hardware. CA's
innovative Cryptographic Camouflage
has solved this problem.”
Martin Hellman
Co-Inventor of Public Key Cryptography
& Professor Emeritus at Stanford University
Authentication Alternatives
COST-EFFECTIVE &
CONVENIENCE
S
E
C
U
R
I
T
Y
Weak
Strong
Low High
Username
Password
Hardware
Tokens Smart
CardsArcotID
Software Smart Card
Easy to Use
• ArcotID – ATM like user interface
• ArcotID – HTML form user interface
Deployment Options• Initial identification options
• In-person at the company
• Electronically via activation code
• ArcotID deployment options
• Electronically via the Internet
• Wallet-sized CD deployment
• USB Token
• Optional roaming
• Electronic download anywhere via the Internet
ArcotID: Easy Integration for Web applications
CA Technologies for VPN Solution
CA Technologies VPN Integrations:
•Microsoft Windows 2000 EAP
•Check Point FW-1/ VPN-1
•Cisco VPN 3000 Series
•Nortel Contivity
•Aventail SSL VPN
CA Digital Signing with Adobe
Open a standard PDF Document
Select Digital Signature Tool
Choose Smart Card (ArcotID or hardware)
Enter PIN
Signature Added
Verify Signature
Signed Document
A Better Means of Authentication
Username/
Password
Hardware
Token
Smart
Cards
ArcotID
User Cost
0Friendly Secure Effective Portable Signing
ArcotID vs. Smart Card
• “Hacker Proof”
• RSA 1024 bit
• PKCS #11, CSP
• S/MIME secure mail
• SSL client authentication
• “Hacker Proof”
• RSA 1024 bit
• PKCS #11, CSP
• S/MIME secure mail
• SSL client authentication
ArcotID: Similarities Smart Card: Similarities
• Nothing to forget or lose; No inventory
• Inventory is needed
• Reader deployment and training is required
• Additional hardware and training costs for users
• Cannot use everywhere
ArcotID: Differences Smart Card: Differences
• Easy to use
• Low cost; millions of users
• Use everywhere: Online & Wallet CD options
WebFort Customers (a sample)
FINANCIAL SERVICES ENTERPRISEHealthCare/Pharma
Swedbank
The CA Advantage
More Cost-Effective and User-Friendly Solution
Significantly lower admin, deployment, and support costs
No hardware hassles – no physical device to issue, install or support
Simple to use – with portability for anywhere, anytime access
Easy, Rapid Deployment within Identrus
Seamless operation with signing and email agent plug-ins
In-house and hosted deployment options
Scaleable, lightweight deployment to large user groups
Protect Trust Investments and Maintain Flexibility
Leverage existing bank CA(Certificate Authority) and certificates
Migrate across certificate authorities as needs / requirements change
Market Leader in Transactional Security
Extensive experience
5 year history of innovation as authentication experts
ArcotID Strong Authentication
Step-by-Step
How it thwarts an attack
This patented technology is called
“ Cryptographic Camouflage”
ArcotID Strong Authentication
An unauthorized person
gains access to a User’s desktopIf a
ArcotID Strong Authentication
In his attempt to logon
he is challenged by the ArcotID
If a He assumes that this device is only
protected by a password or PIN
ArcotID Strong Authentication
If a
..but it is also protected by
“Cryptographic Camouflage”
ArcotID Strong Authentication
If a
The hacker launches a offline “brute force”
attack on the ArcotID
ArcotID Strong Authentication
The brute force attack looks for the
combination of characters that will produce
a well formed mathmatically
correct de-crypted key
If a 456789
567890
678901
789012
890123
………
123456
234567
345678
456789
567890
678901
789012
890123
………
ArcotID Strong Authentication
To his surprise... every combination
produces what appears to be a
valid mathematically
correctly formed key
If a
567890
678901
789012
890123
………
123456
234567
345678
456789
567890
678901
789012
890123
………
ArcotID Strong Authentication
In fact, a 6 digit numeric PIN would
produce 1 million keys
If a
123456
234567
345678
456789
567890
678901
789012
890123
………123456
234567
345678
456789
567890
678901
789012
890123
………
ArcotID Strong Authentication
The only way to determine which one is real
is to log onto
the online
application
If a If a 345678
456789
567890
678901
789012
890123
………123456
234567
345678
456789
567890
678901
789012
890123
………
ArcotID Strong Authentication
….and try it.
After 3 attempts the ArcotID is disabled!
If a If a 345678
456789
567890
678901
789012
890123
………123456
234567
345678
456789
567890
678901
789012
890123
………
xx …and an email alert
is sent
to security
ArcotID Strong Authentication
Thank you