Case Studies - Banking Sector

Indian Bank

Background:

Indian Bank is a Premier and one of the oldest Banks owned by Government of India. It was established on 15th August 1907. The bank has 1644 branches, with a team of over 22000 dedicated staff and total business of Rs. 1,24,413 crores.

A pioneer in introducing latest technology in banking , the bank has many initiatives through harnessing of Information and Communication Technology for rural development and inclusive banking. The motto of Indian Bank is “taking banking technology to the common man”

Objective:

To enhance security by two factor authentication, using biometrics

Existing System:

The current Core Banking Solution is protected by Single Factor Authentication (Password)

  • Problems with the conventional ‘User ID & Password’ based security systems-
    • Password/Identity theft was possible
    • Periodic password changes to ensure data security
    • Exchange of password with in colleagues in emergency situations
    • External hacking of the system was possible

Requirement:

  • RBI Compliance
  • Enrollment process should conform to Maker/Checker concept
  • Biometric comparison should be < 40 milliseconds for each transaction & < 1000 milliseconds for the entire transaction
  • Fingerprint template along with the User ID is encrypted to a single unbreakable string
  • Raw image provided to client side
  • Raw image is given a randomly generated encrypted file name and stored in database
  • Provision for offline Biometric Log In ( Branch Server)
  • API should be robust to service multiple instances (110) of the application
  • Process to be approved by Organization & Methods Department

Solution Proposed:

Legend Systems proposed a Web Application Programming Interface (WEB API) to integrate the Biometric solution for the standalone environment. The API will contain both fingerprint capturing, fingerprint extraction and comparison components in Microsoft .Net Environment.

Web API - The Web API is designed to integrate the Bio Metric solution in a client server environment. The two components of the web API are

  • Client Component - The Client Component contains the fingerprint capturing and extraction process which is through Active X
  • Server Component - The Server Component contains the fingerprint comparison components in Microsoft .Net Environments, IBM AIX , Java etc

Hardware - Scanner will be connected to every PC/ thin client via USB port.

Software - Legend Web API

The enrollment is done through the scanner (at the client), where the individual finger prints is scanned.

The captured data is stored as digital templates (minutiae) in the branch server and the central server. During the comparison or verification process the user states who he/she is and a fingerprint is taken and compared to the user’s previously registered fingerprint. If the fingerprints match, the user is “verified” as who he/she says he/she is. Since the newly acquired fingerprint is compared to only one stored fingerprint, this is called a one-to-one matching process (1:1). As in the enrollment process, when fingerprint verification is done, only the fingerprint template is used in the comparison, not the actual image of the fingerprint

Benefits:

  • Tie Logons and individual transaction to actual people (Audit Trail)
  • Makes even complex password policies easy
  • Preserve confidentiality of the sensitive data
  • Ensure conformity to laws, regulations and standards

State Bank of India

Background:

State Bank of India is India’s largest bank with a branch network of over 11,800 branches and 6 associate banks located even in the remotest parts of India. State Bank of India (SBI) offers a wide range of banking products and services to corporate and retail customers.

Objective:

To provide a financial inclusion solution for all unbanked public.

Financial Inclusion is aimed at providing banking / financial services to all unbanked public (i.e. rural and urban) cut off from banking services. Savings, credit, remittance/fund transfer, insurance are some of the services.

Requirement:

  • Customers authorization to be done over the internet
  • Transaction enablement even at limited or low bandwidth
  • Size of each fingerprint template should be 1K
  • Online verification of customers (Server based)
  • Secured ActiveX DLL is provided
  • Minimum provision for 6 fingerprint is enrolled for a person
  • Integrated in JAVA
  • Authentication server with enablement of giving appropriate messages
  • Secure verification and transactions processed by the bank's server on Global Online basis.

Solution Proposed:

Legend Systems teamed with IIT ,Madras (Rural Technology Business Incubator), proposed Fingerprint based biometrics authentication of the customers over the internet, which eliminates the complex process of authentication through PIN and Password.

Benefits:

  • Ease of use
  • Taking away the complexity of authentication through PIN and password.
  • Cost effective Solution
  • No more high interest rates
Previous