Case Study - Bank & Customer communication
The following case study shows how a bank has been able to use FileAssurity with its customers to simplify a current system and reduce its operational costs while increasing the overall security of one of its systems.
The business problem
Every two weeks a bank receives a number of CD-ROMs from its customers containing payroll information that the bank must process. At the moment the customers send these by courier, and the bank receives and then processes them. The bank would like to move to an Internet-based solution, but legislation requires it to encrypt all personal and financial data transferred electronically. It has an internal PKI service, but that service can't interoperate with its customers.
The ArticSoft result
Setting up the system
The bank acquires a number of copies of FileAssurity for its own and its clients' use. It uses one copy internally, into which it loads a PKI identity from its internal PKI service. This is the identity that its customers will recognize.
Each customer receives a copy of FileAssurity and either generates their own identity using its key generation facility or, depending upon internal circumstances and requirements, uses a PKI identity from their own system or buys a PKI identity from one of the commercial suppliers.
The bank sends a copy of its public key to each of its customers, and publishes it on its web site for customers to cross-reference.
Customers using their own generated keys send them to the bank together with a letter authenticating the public key. Customers who have purchased publicly verified identities also send their public keys, but the bank may accept the public authority, provided it can be verified.
Operating the system
When a customer wants to send payroll data, they use FileAssurity to digitally sign and encrypt the file for the bank. Directly from FileAssurity they are able to send the protected file to the bank using e-mail. That information is protected before it is attached to the e-mail and cannot be exposed at any time.
When the e-mail is received by the bank, the operator double-clicks on the protected attachment. If it is encrypted for the bank, it will be decrypted automatically and the digital signature verified. The operator is then able to check that the company digital signature corresponds to the payroll information that has been received. Once this has been checked, the file can be input to the payroll process directly.
The direct benefits
The bank has reduced its physical handling costs and removed some internal processes. There is also a reduced storage cost: the protected file received automatically links to the sending customer, so it can be put onto backup without the further manual authentication that an unprotected file would require.
The customer has reduced their physical handling costs and removed the courier costs entirely.
Both comply with regulations governing the privacy of information. And unlike other solutions, there is no risk of the information they are exchanging being hacked, passed through a spoof site or exposed whilst sitting on a web server or a mail server. The result is a far stronger security service than SSL or password-based solutions can provide.
The cost of implementation is less than the costs incurred sending one set of payroll information. An enormous ROI.
Additional benefits
The bank is now able to send the payroll reports back to its customers using FileAssurity. It can be certain that only the authorized customer can read the results, and turnaround of the system is now the same day, rather than subject to the delays previously incurred by courier or post.