Developers: | Bifit |
Last Release Date: | April, 2012 |
Branches: | Financial services, investments and audit |
Technology: | Systems of remote banking |
Content |
iBank 2 is a solution for electronic banking with support of all channels of access — Internet (online and offline), WAP, the SMS, phone (a voice, the fax, the modem). Individual solutions for electronic banking are also implemented based on iBank 2.
2019: Compatibility with JaCarta
On March 5, 2019 Aladdin R.D., the Russian developer and solution provider for information security support, reported that together with JSC BEFIT - developer of solutions for remote banking, tests on compatibility of the products carried out.
According to the results of testing of the company signed the certificate which confirms working capacity and correctness of joint functioning JaCarta of electronic keys-2 of GOST and the system of remote banking iBank2. According to the document for authentications and creations electronic signature (EDS) in RBS iBank2 system can be used USB- JaCarta-2 GOST tokens. Testing was held in operating systems Windows XP (32/64-bit), Windows Vista (32/64-bit), Windows 7 (32/64-bit), Windows 8 (32/64-bit), Windows 8.1 (32/64-bit), Windows 10 (32/64-bit) with use SOFTWARE "The uniform client of JaCarta" of version 2.11 or above.
Unfortunately, not all financial institutions realized need of transition to cryptographic algorithms. Due to the unstable economic situation banks even more often save on safety of the clients, preferring "cloud" (server, on the party of bank) the EDS, or passing to the simple electronic signature based on the long-term password and confirmation through the SMS. We hope that thanks to our partners who actively build in generation of JaCarta devices the products this trend will begin to decline. Sergey Shalimov, the head on work with technology partners of Aladdin R.D. company
|
2018
Ecosystem of BeFit
(as of June, 2018)
iBank cost
2013: Group-IB conducted a research of the new virus directed to the attack of clients of "iBank 2"
At the beginning of 2013 the image of the HMDD (the drive on hard magnetic disk drives) on a typical incident – plunder of the large amount at the legal entity through the system of Internet banking came to laboratory of computer criminalistics and a research of a malicious code of Group-IB company on a research. The bank in which the injured client was serviced used the IBANK 2 system having over 700 thousand of corporate and more than 500 thousand private clients only in Russia.
On the studied image experts of Group-IB detected a set of the known malware used including for commission of fraud in the RBS systems. However the file which is not detected by the majority of the known antiviruses, representing absolutely new trojan was in addition detected. This trojan successfully bypasses all mechanisms of protection. It can be delivered in the head of other branch of development of plunders - the iBank system which is completely automated and adapted for clients.
When carrying out the detailed analysis of the file system the suspicious files which are not determined at that time by antiviruses of the famous producers were detected. During the return development of these files it was established that they are capable to compromise a client part of the RBS system of "IBANK 2", including to deliver payment orders from client name. That is remarkable, as the virus today given is not brought in bases of anti-virus products of most of producers.
The release is prepared on the basis of an analytical research of the leading specialist on a research of a malicious code of Group-IB company Vitaly Trifonov.
2012
Certificate "Compatibly!"
Certificate "Compatibly! The system of programs 1C: Enterprise" was received in 2012 by the iBank 2 software product developed and replicated by JSC BEFIT company and provided on certification as the program of a system of electronic calculations like the "Client of bank" conforming to the standard of data exchange of 1C: Enterprise - "The client of bank" 8.2".
Channels of service of corporate clients
The main channels of service of corporate clients in iBank 2 (as of May, 2012):
- Internet banking for corporate clients. It is intended for access to services of bank online. Work in all modern web browsers (MS IE, FireFox, Google Chrome, Opera, Safari, etc.), in any operating system is supported.
- PC Banking for corporate clients. It is intended for access to services of bank offline. The client automated workplace is implemented in the form of compact Java application, the size of a distribution kit about 3 MB. Work in any modern operating system is supported: Windows, Linux, Mac OS X, etc.
Automated workplaces of the standard version of a system support work with a broad spectrum of bank documents:
- all ruble bank documents
- all currency bank documents and documents of currency exchange control
- questionnaires of beneficiaries
- documents of a free format (letter)
- documents of the salary project
- withdrawal of payment documents
Attachment of files to letters and documents of currency exchange control is supported.
All channels of customer service (online, offline, mobile) work in uniform space of documents. The document created offline (PC Banking) can be signed via the channel service online (Internet banking), the result of performance of a document of bank can be browsed in the form of the statement through Mobilebanking, and the client can receive the notification on execution in the form of the SMS.
Broader services of iBank 2 allow clients to implement own system of automatic control of payments by the following criteria:
- on the amount of separate payment or the amount of turnovers for the period;
- on the receiver of payment (black and white lists);
- by the difficult rules of control analyzing several fields of the document.
Exchange with accounting programs and accounting systems
Import of payment documents in formats is supported: 1C: Enterprise, CSV (the structure is configured by the client of bank), DBF (the structure is configured by the client of bank), iBank 2 is own format (text files).
Export of statements on bank accounts in formats is supported: 1C: Enterprise, CSV, DBF, XLS (MS Excel), iBank 2.
Security of iBank 2
According to information for May, 2012 all traffic is ciphered, and client documents are certified by the electronic signature using the CIPFs certified by FSB of Russia.
Assurance of documents by the electronic signature using "iBank 2 Key" ‑ the personal hardware cryptoproviders excluding plunder of signing keys is supported.
It is supported the following methods of additional confirmation of documents:
- the confirmation code created by a MAC token;
- the confirmation code transmitted through the SMS;
- the one-time password created by an OTP token.
The BEFIT company has licenses of FSB of Russia for the right of implementation of activity in the field of cryptographic information protection, including development of means of cryptographic protection.
2010
In Moscow the scheme of avoidance of taxes using a popular system "Bank client" is opened
Management "K" the Ministry of Internal Affairs of the Russian Federation revealed the international criminal group acting more than two years in 2010. Malefactors illegally rendered to clients banking services which they have the right to be engaged only officially registered banking institutions. In particular, it is about transfer of cash of funds for accounts and currency exchange transactions. First of all, the persons wishing to leave from taxes and therefore not persons interested to advertize the income became clients of malefactors, told CNews in Management "K". Money was transferred into the Russian accounts and also into the accounts registered in Cyprus and in Hong Kong. The transferred amounts were from 10 to 100 million rubles, and malefactors earned a reward of 2-3% of transaction amount. The net profit of swindlers during their activity was over 180 million rubles. "The criminal group acted in collusion to banks which received a certain percent from such "cooperation". Without similar support in many cases it is difficult to transfer funds to accounts or it is impossible", - the representative of Management "K" told CNews. Bank names, suspected of participation in this case, are not disclosed in the interests of the investigation. As field investigators found out, the group of malefactors consisted of 13 residents of Moscow. Some of them had knowledge in the field of accounting, others were specialists in information technology field. Keys of an information access and the database were stored on the server in Latvia, and activity was performed using remote access. In addition to money transfer to accounts criminals created dummy agreements on rendering different services for what phony companies were used. Turnover of these firms, according to field investigators, varied from $500 million to $1 billion.
Features of iBank 2
(data are relevant for December, 2010)
- Corporate and private clients - the "iBank 2" System allows to service corporate and private clients.
- Support of all channels of access - the "iBank 2" System supports all channels of access to services of electronic banking — Internet (online and offline), WAP, the SMS, phone (a voice, the fax, the modem).
- Uniform space of documents - the "iBank 2" System supports uniform space of documents for all components of a system. The client can create the finance document in Internet banking, edit in PC Banking, sign in Mobile-Bankinge and see result of execution in SMS Banking and WAP Banking.
- Uniform space of the EDS keys - The "iBank 2" System supports uniform space of the EDS keys of clients for all channels of access and components of a system. Couple of the EDS keys of the client created and used in Internet banking can be used without any settings and restrictions in PC Banking and Mobile-Bankinge and vice versa.
- Support of multifilial banks - the "iBank 2" System is focused on all range of banks — from small regional branches to the largest multifilial banks with hundreds of thousands of clients. One copy of the "iBank 2" system set in head bank allows to service clients of head bank and clients of all branches. The single centralized solution allows to reduce costs of bank for the equipment, the system software, means of IP security, channels in the Internet, administration and maintenance. The possibility of delegation from head bank to branches of the rights on customer management and the staff of branches is provided in the "iBank 2" system. Integration of the "iBank 2" system into territorially remote copies of the core banking system of branches is implemented.
- The guaranteed security level - "iBank 2" System provides the guaranteed security level, contains the EDS mechanism under finance documents. A system provides the legal importance of electronic document management. The procedure of permission of conflict situations is worked out. The packet of legal documents is provided.
- The cryptolibraries - "iBank 2" Systems certified by FSB of the Russian Federation it is delivered with three built-in cryptolibraries which are already certified by FSB of the Russian Federation for different platforms: "CryptoCom 3.1", Agabus-with, "Kripto-Si"
- All range of bank documents - the "iBank 2" System is implemented taking into account all requirements of the Bank of Russia, supports all range of bank documents. Document forms, rules of filling of forms are described on XML and the scripting LISP language, if necessary can be quickly and are simply modified.
- The simplified organizational procedures - "iBank 2" Systems supports the simplified registration procedures of new clients and change of the EDS keys. Upon the demand of banks supplementary procedures of the simplified transfer of clients from the old Bank Client systems and connection of already existing clients are developed.
- Flexible management by the rights - the "iBank 2" System provides flexible management with the rights of clients and employees of the bank. For corporate clients work of any number of employees and the EDS keys is supported. For each client on each document type the necessary number of the EDS is configured.
- Support of complex circuits of service - the "iBank 2" System supports complex circuits of service of large corporate clients with territorially remote divisions, branches and the child organizations. The mechanism of financial monitoring and management of limits of the child organizations is built-in.
- Additional services - the "iBank 2" System contains auxiliary modules for providing by bank to the clients additional services — corporate budgeting, the structured payments, corporate cards, salary projects, consumer lending, the bank assistant and others.
- The Platformonezavisimost - Bank the "iBank 2" systems component is completely implemented on Java 2 and works on all server platforms — Windows, Linux, Solaris, OpenServer, UnixWare, FreeBSD, OS/400, AIX and others. As DBMS Sybase, the Microsoft SQL Server, PostgreSQL, IBM DB2 can be used Oracle.
- The high scalability - "iBank 2" System at the application layer supports balancing and load distribution, allows banks simple adding of application servers gradually, in process of increase in document flow and the number of clients, to increase the overall performance of a system.
- Support of big document flow - the "iBank 2" System allows to service large corporate clients with big document flow — about tens of thousands of documents a day, with hundreds of thousands of account transactions. A system contains the specialized client module for support of big document flow ("The corporate autoclient").
- Integration into the core banking system - "iBank 2" System is integrated with all industrial core banking systems. In composition ready Gateways for integration into the Russian core banking systems and card processings are delivered. The exchange mechanism through text is provided and XML files, interaction with a core banking system DB is supported. Adapters for interaction of iBank 2 with the industrial systems of integration (Middleware) are implemented.