APKIC Finance Network Proposed by 2010 10 28 1

Зарегистрируйтесь, чтобы просмотреть полный документ!

APKIC Finance Network Proposed by 2010/10/28 1

李嘉銘 Peter LEE n n Chinatrust Commercial Bank n Working over 10 years n Focus on e. Banking / Mobile Banking security p PKI p OTP p HSM p ICC n Fire 3 patents in Taiwan p Short Message OTP p Voice OTP p Display ICCard Reader The Bankers of Association of R. O. C n A team leader of Information Security Tech. n Establish & maintain a internet banking regulation document for all banks in Taiwan 2

Agenda p As Is (example) p To Be (example) p Scenarios (example) p Project Plan p Activity in IOWG 3

As Is -- Local transaction in Chinese Taipei Remittance channel(Web. ATM) Chinese Taipei Balance Inquiry Bank. A A/C-A $xxx Bank. B A/C-B FISC TW Bank A Bank B $xxx FXML message channel (Web. PKI) Domestic Remittance Debit -Bank. A A/C-A $xxx Web. ATM Credit -Bank. B A/C-B $xxx Web. PKI User FISC : Financial Information Service Company (is FIEC) FIEC : Financial Information Exchange Center Remittance channel : 通匯電文 4

As Is-- Local transaction in China 現代化支付 2. 0 人行 CN Bank C Bank D Balance Inquiry A/C-C $xxx Bank. D 中国银行、行、农行、建行、中信、招行、民生、华夏、兴业 Bank. C A/C-D $xxx Domestic Remittance Debit -Bank. D A/C-D $xxx Credit -Bank. C A/C-C $xxx PKI User 人行 : The Bank also is FIEC : Financial Information Exchange Center 5

As Is -- Local transaction in China and Chinese Taipei China 現代化支付 2. 0 FXML message channel FISC TW 人行 CN Bank C Bank D Bank A Balance Inquiry Bank. A A/C-B Balance Inquiry $xxx Bank. B Bank B $xxx Bank. C A/C-C $xxx Bank. D A/C-D $xxx User PKI Web. PKI 6

To Be -- Asia PKI Network S. Korea China APKIC Finance Network India Chinese Taipei Hong Kong 7

To Be -- Local transaction in China and Chinese Taipei China Chinese Taipei 人行 CN 現代化支付 2. 0 FXML message channel FISC TW 人行 CN Bank C Bank D Bank A Balance Inquiry Bank. A A/C-B $xxx Bank. C A/C-C $xxx Bank. D A/C-D Single Bank Single Entry Single View $xxx Bank. B Bank B $xxx User PKI Web. PKI 8

Scenario 1 China Chinese Taipei CA Bank Exchange Center in in Chinese Taipei China CRL Debit Bank & RA Use PKI to do. . 1. Make a payment by Web 2. Remittance by SWIFT 3. Get Money from ATM 9

Scenario 2 China Chinese Taipei CRL CA Bank Exchange Center in in Chinese Taipei China Debit Bank & RA Use PKI to do. . 1. Make a payment by Web 2. Remittance by SWIFT 3. Get Money from Supermarket 10

Project Activity p Activity n Design role and responsibility n Design infrastructure n Design messages formats and flows p Balance Inquiry (Phase I – 2010/11~2011/9) p Remittance (Phase II – 2011/11~2012/9) n Develop p Message Exchange System p Sender & Receiver System n Testing n Feasibility Assessment 11

Project Schedule 2010 11 12 2011 01 02 03 04 05 06 Phase I 07 08 09 Kick off Architecture Message Development Testing Assessment Report Kick off How many Countries? Which Bank, CA? Who is Exchange Center? Who is pilot customer? Architecture How connect? How protect message? What kind of protocol? What kind of service? How access PKI device? Check point : report to APKIC IOWG Message What kind of message type? Should follow standard? Which standard? How to deliver others EC? 12

Project Scope Phase I – Balance Inquiry 2010/11~2011/9 Phase II – Remittance 2011/11~2012/9 Phase I CA 1. Issue a certificate 2. Publish a CRL Exchange Center(CA) Bank – job 1 1. Provide a Web service 2. Make a balance signature 3. Send message to EC 4. Display balance on page 1. Provide a Web service 2. Verify ip, message and transfer to EC or Bank 3. Logging and tracking Bank – job 2 0. Request a certificate 1. Receive message 2. Verify signature & cert 3. Response balance info.

Project Cost Phase I CA US$50 K per Bank 1. Certificate 2. RA system US$20 K per CA CRL Exchange Center(CA) Bank – job 1 1. Hardware Server US$10 K 2. Web Server 3. Web Application 4. A Sample. Code to sign US$10 K message for access PKI device 1. Hardware Server 2. Web Server 3. Web Application US$15 K 4. Client App for access PKI device US$15 K Bank – job 2 1. Hardware Server 2. Web Server 3. Web Application US$20 K 4. RA system US$25 5. PKI Device (ICC) 14

Business Model Phase II Device Fee TWN ATMCard in Japan ICCard ATM Fee=￥ 390 BDP: 60% EC: 20% BAO: 20% Ex. NT$146 for draw NT$10 K Draw money Max. NT$100 K per day ATMCard in Global Magnetic Stripe Card ATM BDP+EC=2. 05% BAO: NT$70 Ex. NT$275 for draw NT$10 K Draw money Max. NT$120 K per day Asia PKI Finance Network ICCard PC ATM KIOSK BDP: US$0. 5 EC: US$0. 5 BAO: depends on bank Ex. US$1+ SWIFT fee for draw NT$10 K Draw money and … Any PKI message such as some services in branch BDP(bank of device provider) : The Bank provide ATMs, Kiosk or Internet service EC(exchange center) : The center transfer message between BDP and BAO(bank of account owner) : The bank manage account and issue ICC to customer 15

To Be Approved Phase I p The proposal is seeking for approval by IOWA and APKIC SC/GA. p The project is also seeking for USD 20, 000 fund support from APKIC to cover the cost of the each 3 rd party CAs, but other costs will be at participants’ own expenses. 16

Thank you ! 17

Скачать презентацию APKIC Finance Network Proposed by 2010 10 28 1

5d46d2f93046a5964cbecd27e39102f4.ppt

Количество слайдов: 17