1. DISCOVER CIDWAY
Securing Access & Transactions
2011
Discover the future of security on www.cidway.com

2. Table of Content
• CORPORATE BACKGROUND
 Facts & History
 Industries
• BUSINESS CASES
 Multi Channel authentication & transaction signature for Banks
 Corporate Access
 Wifi Hotspot Access
• PRODUCT PRESENTATION
 Product Line
 Tokens Features
 Key differentiators
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 2

3. CORPORATE BACKGROUND

4. CIDWAY – Background
Cidway
Partners and Customer Services
 Created in December 2005
 Global presence via partners & resellers
 Head Quarters in Lausanne, CH
 Support center for Partners
 Sales Offices in Switzerland & UK
 Support portal available for partners
 Internal R&D & Patent Office
 Consulting services
CIDWAY’s Vision
Authentication and transactions should be safe, reliable and easy for anyone, anywhere, anytime
This vision is fuelled by:
 Meeting virtually all authentication requirements
 Making Authentication & Transactions simple, easy, accessible, secure and user friendly
 Addressing virtually unlimited vertical applications from one platform
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 4

5. Secure Identity, Authentication & Transactions
Banking & Finance
E-Banking, Mobile-Banking, Transactions signature, Phone Banking, ATM & POS anti-fraud…
Mobile Application’s Providers
Securing access & transactions for mobile applications (e/m-Commerce, e/m-Gambling, sms authentication…)
Mobile Money & Payment
P2P mPayment, cardless ATM cash withdrawal, POS mPayment, Bill payment…
Enterprise resource access
Two-factor authentication to Login to the Desktop / VPN access / Applications / Citrix / Webmail…
Homeland Security
Airline pilot & vehicle identification
physical security solutions (guard exchange id., biometric implementation, etc.)
Telecommunications
Mobile Top-up, resources access, ASP authentication solution, SIM based OTP…
E-Government services
Citizens authentication & transaction security, electronic & mobile voting, bill payment…
Enable new channels - Improve client’s confidence & loyalty – Lower TCO
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 5

6. BUSINESS CASES

7. CIDWAY Multi Channel authentication for Banks
Improve
ROI
&
Enable
new
Channels
• Ra%onalize
the
number
of
authen%ca%on
solu%ons
• Lower
the
cost
of
acquisi%on
&
maintenance
• Lower
the
cost
of
deployment
&
replacement
• Lower
transac%ons’
cost
&
dispute
support
DESKTOP LOGIN ONLINE BANKING
REMOTE ACCESS / VPN MOBILE BANKING
• Improve
customer
acquisi%on
&
reten%on
• Enable
innova%ve
&
revenue
genera%ng
services
Simplify
User
Experience
• Choice
of
device
(mobile
soCware,
hardware,
sms)
• A
device
that
the
User
already
has
(mobile
phone)
PHONE
• Simple
&
easy
to
use
BANKING
• One
applica%on
for
many
services
Security
• A
very
high
level
of
security,
using
%me
based
OTP,
with
2-­‐way
authen%ca%on
&
Transac%on’s
signature,
combine
with
a
unique
&
patented
PIN
and
secrets
protec%on
on
the
DOCUMENT SIGNATURE
Mobile
phone.
& DATA
CORROBORATION
Integra?on
• Easy
to
integrate
within
exis%ng
bank
infrastructure
(Gaia
Server
or
SDK)
• Mobile
SDK
for
integra%on
in
any
exis%ng
mobile
applica%on
• Scalable
&
fail-­‐safe
solu%on
ANTI-FRAUD ATM SMS / EMAIL
• Easy
deployment
(internal
tools)
AUTHENTICATION
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 7

8. Corporate Access - CIDWAY
1. Remote Access / VPN (using a PC or a PDA)
2. Desktop login (in the corporate network – Windows, Mac…)
3. Remote access using Citrix plugin from Cidway
4. Webmail access using plugin from Cidway
5. Application Access (SAP, Oracle, etc.)
SSL VPN Gateway
radius
PDA
CIDWAY SERVER
& Cidway OTP
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 8

9. WIFI HOTSPOT ACCESS
CARACTERISTICS
• Securing Internet access via Wifi Hotspots and a
Captive Portal (existing CP or the one embedded into
the WiFi infrastructure: Cisco WLC, Aruba, HP
procurve…)
• Can be used with Display Cards, Sesami Mobile or
SMS-OTP
• Self-registration Portal in the case of SMS-OTP
• The interface with the CP is done using Radius
protocol
• Direct connection with Access Points does not work.
• Subject to complete feasibility analisys
ADDED VALUE
• Securing & automatic Internet Access for Guests
& Consultants…
• Traceability for Public Wifi Access (according to
European regulation), using sms-otp
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 9

10. CIDWAY key differentiators
Flexibility
• Hardware, sms & Software tokens
• Multi-purpose solution (transaction, authentication, document/email corroboration)
• One single server for multi-channel communication
Cost Optimization
• 1 solution secures all remote-access
• Low acquisition, deployment and maintenance costs
• No need for inventory (sms & soft)
• Transaction’s cost reduction and customer retention
Convenience
• 1 device & 1 PIN for any access or transaction
• Familiar and user friendly experience
• No need to carry many tokens
Security
• Time based OTP algorithm (One Time Password is “not predictable”)
• Anti-fraud protection against common attacks (e.g. phishing, man in the middle, etc.)
• Secrets are not stored in the Cell-phone (soft token)
Integration
• Easy to integrate within existing infrastructure
• Scalable solution
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 10

11. CIDWAY Some of our Clients, Partners & on-going initiatives
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 11

12. PRODUCT PRESENTATION

13. CIDWAY GAIA / SESAMI Product Line
One server for multiple tokens
Display Cards
SESAMI Mobile" Hardware Tokens
Time based OTP Software token for
Convergence of physical &
mobile phones.
logical access"
Yubikey
GAIA Server"
Authentication platform
GAIA SDK"
Authentication platform SDK
SESAMI Mobile SDK" SESAMI SMS"
Time based OTP Token SDK for SMS based OTP for mobile phones
mobile phones
SDK: Software Development Kit
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 13

14. CIDWAY SESAMI Mobile
FEATURES & CHARACTERISTICS
Security
• Time based OTP with time stamping
OK
• OTP time management to the second
• Protection against theft or loss of mobile phone: PIN not stored on Mobile, neither transmitted,
neither stored on the server (patented solution)
• PIN Code selected by the User (no need for temporary PIN sent to the User)
Compatibility
• Large handset coverage (Windows Mobile, Blackberry, Android, Java, iPhone, iPad)
• Automatic time synchronization (support of any clock change on the mobile)
• Multiple transmission methods (Screen display, SMS, WAP, MMS, GPRS, Acoustic, NFC*…)
Functionalities
• 2-factor authentication (User authenticated by the Server)
• 2-way authentication (server is authenticated by the User)
• Transaction’s signature (guarantee the integrity of transactions, against MitM)
• Automated registration
• Time Traceability
• Mobile SDK for integration into any existing mobile application
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 14

15. Distribution
1. Download methods
• Over the Air (OTA)
Download Gateway (sample)
– Push: triggered by the Bank (e.g. sms-link)
– Pull: triggered by the User (request on the Web portal
of the Bank)
• Any other communication means
– eMail
– PC Download
– Pre-loaded
– Bluetooth
– Etc.
2. Download Gateway
• Automatically detects User’s phone
– Pushes the appropriate application
3. User Registration
• Automatically Registration
– Redirects to appropriate Mobile Store
(AppStore…)
– UserID & Password (on Mobile)
– Numeric Code (on Mobile)
• User selects PIN Code (4 to 8 digits)
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 15

16. Display Card 106
• Dimensions: 85.5mm x 54mm x 0.8mm
• NagraLam lamination technology
• OTP OATH algorithm
• Dynamic one-time password (OTP)
• Numerical 6-digit display
• Compliant to a broad list of standards
(ISO/IEC, INCITS, ANSI, CQM, others
pending)
• 1 to 3-year lifetime* (see warranty)
• Tamper evident
• Custom artwork graphics (above 1’000)
• Card personalization features and
options
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 16

17. NagraID Display Card 306
• Dimensions: 85.5mm x 54mm x 0.8mm
• NagraLam lamination technology
• OTP OATH algorithm
• Dynamic one-time password (OTP)
• Numerical 6-digit display
• Compliant to a broad list of standards (ISO/
IEC, INCITS, ANSI, CQM, others pending)
• 1 to 3-year lifetime* (see warranty)
• Tamper evident
• Custom artwork graphics (above 1’000)
• Card personalization features and options
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 17

18. YUBIKEYS
CARACTERISTICS
• Physical properties (YubiKey)
• Size: 18 x 45 x 3 mm
Weight: 2,5 grams
Material: Plastic
Color: Black or white (Other colors available on request)
• Platform independent
• Compatible with Windows 98SE and onwards, MacOS 9 and
onwards, Linux and Solaris with USB HID support (standard
USB driver) and other platforms and devices with a USB
host controller.
• HOATH Algorithm
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 18

19. CIDWAY SESAMI SMS
FEATURES & CHARACTERISTICS
• Strong two-factor authentication
• No need for software installation or activation in the mobile
• No secret stored in the mobile
• User convenience – automatic back-up to hardware tokens
• User can change his mobile phone time zone or time
• Easy management – no need to maintain inventory
• Works with any SMS enabled mobile phone or PDA
OTP FEATURES
• 8 decimal digits (or optionally 8 hex-digits)
• Time-based combined with challenge-response
• Validity of few seconds (server parameter)
• Automatic time management by the server
• Easy
deployment
• No
stock
management
• Low
on-­‐going
cost
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 19

20. What makes us different from competition?
TECHNOLOGY
 PIN & Data protection - Ability to protect secret and sensitive data in mobile phones and
PDAs, using Cidway patented solution
 Registration and Activation - Ability to ensure convenient & secure registration procedure for
CIDWAY mobile tokens
 Time Management - Ability to time-stamp the OTP and Transaction Signature to the second and
to allow an off-line (after-the-fact) verification of the OTP or the Signature.
 Automatic Time Synchronization - Ability to fix in a transparent way for the user and the server
the time drift between the token and the server, even if the token is a mobile application.
UNIQUE RESPONSE TO MARKET NEEDS
 2-Factor Authentication – using a time-based OTP generated autonomously on a mobile
phone
 2-Way Authentication – ensuring the User he’s connected to the right server
 Transaction Signature – preventing MitM attacks, with uniquely customizable fields
 Mobile SDK – seamless integration into any mobile application ensuring the simplest User
experience
Copyright © 2011 CIDWAY Security SA. All rights reserved – www.cidway.com 20

21. THANK YOU FOR YOUR ATTENTION
For more information, contact:
Laurent FILLIAT
VP Strategic Business
Mob.
+41 78 842 11 47
Tel.
+41 21 331 27 00
Fax
+41 21 331 27 09
Email: laurent.filliat@cidway.com