| As the great development of economy, China’s domestic Banks generally entered a stage of great development.The electronic chaneel such as phone banking, online banking, mobile banking, TV Banks increasingly expanded and improved; as the same time, the bank customer pay high attention to transaction security, the variety and ease of authentication tools, in addtion,their requirerment increasingly raise. However, the principal authenticationbased on users’ name and passwordis a kind of weakly authentication, since it has weakness of easy to guess, dictionary attacktion, illegal interception, responsibility of identification can’t be series to people, so, in the current bank application environment it have been unable to fulfil the security demands of bank information system.Under the above atteioned background, information system authentication securityof the bank has seriouslybecome the first line of security in the construction and researchof information securitycannot be ignored. It has been considered to be the first link of bank information security construction.With the rapid development of Internet banking, electronic transactions are becoming more and more popular. Electronic transactions include: Electronic Banking(online banking, ATM applications, POS applications, phone banking, mobile banking, card payment), online financial securities, third-party payment, electronic mall, etc.. Over the past few years, the electronic transaction has more than 40% annual growth rate. Among them, the development of electronic banking is appearing the trend that a variety of parallel development of electronic channels tend to integrated, the integration of channels can make business development and marketing more flexible. All kinds of electronic channels for the security requirments have the qualitiesin common, there are user authentication, transaction authentication requirments; also, the record requirments,the authorized requirments, the requirments of risk monitoring and prevention. In order tosupport the business development and integration of various channels better, we urgently need to establish a set of unified authentication platform for all electronic channels, to deal with the user’s authentication, transaction authentication, risk monitoring and prevention, and unified log, etc.This paper is to study the information in the banking system and multi-certified multi-terminal unified tool environment certification, and at the same time will be unified dynamic password authentication and unified digital certificate authentication both mainstream authentication technology seamlessly integrated into unified authentication. Unified certification program commissioning and validation phase, unified authentication can really achieve plurality of information throughout the banking system, multiple authentication terminal, a variety of user types unified authentication, centralized control, unified management of authentication security. Meanwhile Unified Authentication is the development trend of banking information security, as well as the bank’s information security strategy. Aims to establish a unified certification is to improve the level of banking services to enhance the bank’s risk management and control, reducing system cost and subsequent construction operation and maintenance costs, thus speeding up the banking products in response to market demand speed. |
PDF Full Text Request