In connected mode DIGIPASS 870 can be used for a number of PKI-based, e-banking or e-wallet applications making use of the 'what you see is what you sign' functionality. Important transaction data such as amount, account and reference number will be displayed on the device and must be confirmed by the user by entering a PIN code and approving the transaction.
This WYSIWYS functionality enables users to actually see which transaction they are signing. The e-signature functionality provides excellent protection against so called man-in-the-middle, man-in-the browser attacks and similar fraud schemes. The device is directly linked to the bank system via a secure connection. Its large screen with a full graphical display allows extended data field validation on the display of the device.
Furthermore, PIN codes are directly entered on the reader and not on the computer keyboard. Therefore, the PIN is never exposed over the internet or PC platform. Similarly, smart card PIN changes can be securely performed using the DIGIPASS 870 keyboard. Additionally, a firewall mechanism protects the card from unauthorized access.
When used in unconnected mode, the card reader offers the same functionality as other unconnected DIGIPASS devices, including strong authentication and e-signatures.
DIGIPASS 870 can be used with all standard operating systems, such as Windows, Linux and MacOS. The card reader doesn't require the installation of separate drivers and is not personalized, allowing for easy deployment and distribution to large customer bases. The card reader is perfectly suited for environments with high security requirements including digital signatures, secure PIN verification, corporate network access, strong authentication (internet banking), e-commerce transactions, etc.
VASCO also developed a browser plugin for DIGIPASS 870 to make integration in current web infrastructures transparent. This plugin enables secure communication between the banking or e-ID application and the reader no matter which browser the customer uses.
"With DIGIPASS 870, VASCO continues to expand its current product portfolio," says Jan Valcke , President and COO of VASCO Data Security. "An alarming number of applications continue to use smart cards that are inadequately protected with static PINs whereby applications risk to be exposed to Trojans or key loggers. By entering the PIN code directly on the PIN pad of DIGIPASS 870, exposure of PIN codes is excluded increasing overall security. With the addition of a WYSIWYS functionality transaction signing becomes a simple and straightforward process."
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.