Magensa - MagTek

More documents

Recommendations

Info

eCommerce authentication stages Stage 3: Hardware authentication and username and password validation Users can enter in their current username and passwords but have the added security of the hardware token to perform mutual device/host authentication. This introduces transparent multi-factor authentication without changing your current login process. stage PC Client WebSite Server Magensa 1. User connects SCRA to Internet device, visits eCommerce site, & activates the Authentication Mode 2. Website sends Challenge Request to SCRA 3. SCRA transmits Encrypted Reader Challenge to Magensa In the clear, no need to encrypt. Secure via 3DES Encryption & DUKPT key management 4. Magensa Decrypts SCRA Challenge & formulates Encrypted Activation Response 6. SCRA compares Encrypted Activation Response to expected Encrypted Activation Response Secure via 3DES Encryption & DUKPT key management 5. Magensa sends the Encrypted Acitvation Response to the SCRA 7. 8. Green blinking LED on SCRA indicates hardware token validation User enters User Name, and Password. Data: Secure via SSL, Server Certificates, IP Address 9. Website validates User Name & Password 11. 13. User manually enters in any form data or payment data and submits to website. Internet user receives a response. 10. 12. Website sends validation. Website completes customer service per standard procedures Topology Key Challenge Request Encrypted Reader Challenge Encrypted Activation Response User User time SCRA hardware token User Password User Name simply stops fraud Magensa I 1710 Apollo Court, Seal Beach, CA 90740 I 562-546-6500 I info@magensa.net © Copyright 2012 Magensa All rights reserved. Page 4 of 5 PN 99810012 rev 2.01 2/12
eCommerce authentication stages Stage 4: Hardware, User, Card, cardholder authentication For maximum security, use the hardware token for mutual device/host authentication and use a card swipe for card and user authentication. This takes security to the highest level, providing “card present” authentication. The username can be extracted directly from the authenticated card for unparalleled transaction authentication, while at the same time transparently and securely logging users into their stored accounts. stage PC Client WebSite Server Magensa 1. User connects SCRA to Internet device, visits eCommerce site, & activates the Authentication Mode 2. Website sends Challenge Request to SCRA 3. 6. SCRA transmits Encrypted Reader Challenge to Magensa SCRA compares Encrypted Activation Response to expected Encrypted Activation Response In the clear, no need to encrypt. Secure via 3DES Encryption & DUKPT key management Secure via 3DES Encryption & DUKPT key management Magensa 4. 5. Magensa Decrypts SCRA Challenge & formulates Encrypted Activation Response Magensa sends the Encrypted Acitvation Response to the SCRA 7. Green blinking LED on SCRA indicates hardware token validation Card data: Secure via 3DES Encryption and DUKPT key management; User name & password: Secure via SSL, Server Certificates, IP Address Secure via SSL, Server Certificates, IP Address, User name & password 8. User swipes card in SCRA. User Name resides on card. Secure via SSL, Server Certificates, IP Address, User name & password 9. 12. Website sends Encrypted Card Data to Magensa Website verifies user name and uses Magensa data to authenticate the customer 10. 11. Magensa decrypts card data & authenticates MagnePrint Data Magensa sends Decrypted Card Data & MagnePrint Score to Website 14. Enhanced User Experience: User swipes card to auto enter any form or payment data, then submits. 13. 15. Website sends validation. Website sends Encrypted “Card present” Card Data to Magensa 16. Magensa decrypts card data & authenticates MagnePrint Data 19. Internet user receives a response. 18. Website authenticates the customer and payment form and completes service per standard procedures. 17. Magensa sends Decrypted Card Data & MagnePrint Score to Website Topology Key Challenge Request Encrypted Reader Challenge Encrypted Activation Response Card Data, User name & Password MagnePrint Score User User time SCRA hardware token User card swipe simply stops fraud Magensa I 1710 Apollo Court, Seal Beach, CA 90740 I 562-546-6500 I info@magensa.net © Copyright 2012 Magensa All rights reserved. Page 5 of 5 PN 99810012 rev 2.01 2/12
Page 1 and 2: simply stops fraud eCommerce Stages
Page 3: eCommerce authentication stages Sta

Magensa - MagTek

Create successful ePaper yourself

Delete template?

Save as template?