
Rutoken PINPad

Product
Base system (platform): Rutoken
Developers: Active Soft (rutoken)
Release date: November, 2011
Branches: Financial services, investments and audit
Technology: Cybersecurity - Encryption tools


Various token-based solutions have found application, in particular, in securing remote banking transactions. Rutoken PINPad stands out among them for a rather rare combination of user convenience with a high level of protection against both traditional and modern threats. Its developer, the Aktiv company, sees one of its most effective applications in the SMB segment.

Information security (IS) specialists believe that authenticating a user by entering a PIN code can no longer be considered sufficiently reliable: keystrokes on a keyboard (real or virtual) can be recorded quite easily with a keylogger. It is even simpler to gain unauthorized access to a key file stored unencrypted on a hard drive or on an insufficiently protected removable medium. A hardware token will not protect the user either if the attacker has already obtained, one way or another, remote access to the computer on which the client-bank software is installed. It is enough for the user to step away from the computer for a short time with the USB token left plugged in, which gives the opportunity to sign a payment order with it and submit it for execution through the client-bank system. Another modern scheme for stealing from a company's current account exploits the fact that the user has no real way to directly control which document he is actually certifying in the client-bank system at a given moment. This makes it possible to imperceptibly substitute one payment order for another.

Of course, the cases described above are the exception rather than the rule. Nevertheless, they happen daily: in Moscow alone the count has long run into the tens, and the statistics for the various kinds of theft of non-cash funds keep creeping up. It is not only large companies with large balances on their current accounts that attract fraudsters and may suffer. A fairly small business can also fall victim: for a number of reasons it may pay less attention to cybersecurity than a large enterprise, and the consequences of a sudden emptying of its bank account can be far more painful for an SMB. It is clear in advance, for example, where the actions of an accountant at a small distribution company may lead when he alternates sending certified payment orders with browsing various websites from the same insufficiently protected computer. Sooner or later a single theft of a month's revenue from goods sold may have to be covered by a whole year's profit.

It is easy to predict the actions of an honest entrepreneur who has suddenly turned from a prosperous businessman confident in tomorrow into a person burdened with a huge debt: most likely, he will turn for help both to his bank and to the police. How will this end in practice? The clearance rate for this type of crime is low. The bank's actions can be predicted in advance by carefully reading the terms of the remote banking (RBS) agreement. By issuing a protected token and a disk with the RBS software distribution, the bank quite reasonably believes that it has supplied the client with one of the most modern means of protection available today; the rest of the work of ensuring the necessary security level for remote banking transactions the client must do independently. Most likely, reasoning along these lines, formulated in legal language, will prudently be recorded in the remote service agreement. One can hardly seriously blame a commercial bank for not taking full responsibility for what happens on the client's computer: after all, it too must protect its interests somehow.

Technically, it is a small device with a touch screen that connects to the computer. It allows the PIN code to be entered and the contents of a document to be viewed visually before it is certified with an electronic signature by the Rutoken EDS token inserted into the USB port on the PINPad body itself. The signature is generated in hardware using the non-exportable Rutoken EDS key, and PINPad guarantees that the bank document viewed by the accountant is the one sent to the bank when the virtual button on the screen is pressed.

Using Rutoken PINPad makes it possible to counter effectively all the modern threats facing bank clients who use RBS. The point is that a payment order cannot go to the bank without the final approval of the user, who each time views the payment order on the PINPad and only then sends (or rejects) the payment by pressing the corresponding button on the touch screen. At the same time, whatever privileges an attacker who has "got into" the computer system has obtained, he will be unable either to initiate a payment on his own or to substitute the payment order.

Such a solution is likely to be of interest to practically everyone. Large customers additionally get the ability to control and make mass payments to numerous trusted partners; banks get a new way to provide clients with a more reliable banking service (instead of dealing with claims); and for the leading developers of client-bank systems, together with whom the Aktiv company will promote Rutoken PINPad on the market, integration with this hardware solution will give a convincing competitive advantage and help attract new buyers.

Rutoken PINPad is the only TrustScreen-class solution certified by the FSB of Russia that allows the document being signed to be visualized in a trusted environment immediately before the electronic signature is created. The device protects against counterfeit websites (phishing), attacks using remote control tools, and substitution of document contents during transfer for signing (man-in-the-middle attack).

Implementation

Rutoken PINPad is a solution capable of protecting users of remote banking systems from the problems associated with attackers taking remote control of the computer and with malware substituting payment information.

During transactions the bank client has guaranteed visual control over the payment information sent to the RBS system server. The PIN code is entered and the payment is confirmed on the device's touch display.

Rutoken PINPad allows strict, electronic-signature-based authentication of users for access to the remote banking system, and also provides visual control.

For authentication, the ISO Public-Key Two-Pass Unilateral Authentication Protocol can be used. The protocol is built on asymmetric cryptography, uses only two passes (data transfers), and is intended for one-sided authentication. During authentication the user is asked for the PIN code for access to the Rutoken EDS, which must be entered on the Rutoken PINPad touch display.
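To make the two passes concrete, here is an added model of the protocol in Go. It is example code written for this page, not Rutoken's or the bank's software: the verifier (bank) sends a random challenge, the claimant (client) returns the challenge and the verifier's identity signed with its private key, and the verifier checks the signature under the enrolled public key and that the challenge is the one it issued. Ed25519 stands in for whatever signature algorithm the real deployment uses, and the PIN gate on the key is modelled as a plain flag; both are assumptions, since the page does not describe the device internals.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/subtle"
	"errors"
	"fmt"
)

// Claimant stands in for the client side: the signing key lives in the USB
// token and is usable only after the PIN has been entered on the touch display.
// The PIN gate is modelled as a flag (assumption for this example).
type Claimant struct {
	priv     ed25519.PrivateKey
	pin      string
	unlocked bool
}

func NewClaimant(pin string) (*Claimant, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Claimant{priv: priv, pin: pin}, pub, nil
}

// EnterPIN unlocks the key; a wrong PIN leaves it locked.
func (c *Claimant) EnterPIN(pin string) bool {
	c.unlocked = subtle.ConstantTimeCompare([]byte(c.pin), []byte(pin)) == 1
	return c.unlocked
}

// Verifier stands in for the bank server: it holds the client's enrolled public
// key and remembers the one challenge currently outstanding.
type Verifier struct {
	ID      []byte
	pub     ed25519.PublicKey
	pending []byte
}

// Challenge is pass 1: the verifier sends a fresh random nonce R_B.
func (v *Verifier) Challenge() ([]byte, error) {
	r := make([]byte, 32)
	if _, err := rand.Read(r); err != nil {
		return nil, err
	}
	v.pending = r
	return r, nil
}

// tokenPayload is the signed part of the token, R_B || B: the nonce defeats
// replay, the verifier identity stops the token being relayed elsewhere.
func tokenPayload(challenge, verifierID []byte) []byte {
	return append(append([]byte{}, challenge...), verifierID...)
}

// Respond is pass 2: the claimant signs R_B || B. Without the PIN the token
// refuses to sign at all.
func (c *Claimant) Respond(challenge, verifierID []byte) ([]byte, error) {
	if !c.unlocked {
		return nil, errors.New("token locked: PIN not entered")
	}
	return ed25519.Sign(c.priv, tokenPayload(challenge, verifierID)), nil
}

// Verify checks the returned token against the outstanding challenge. Every
// challenge is single-use, so a captured token cannot be replayed later.
func (v *Verifier) Verify(challenge, sig []byte) error {
	if v.pending == nil {
		return errors.New("no outstanding challenge")
	}
	defer func() { v.pending = nil }()
	if !bytes.Equal(challenge, v.pending) {
		return errors.New("challenge mismatch: stale or replayed token")
	}
	if !ed25519.Verify(v.pub, tokenPayload(challenge, v.ID), sig) {
		return errors.New("signature does not verify under the enrolled key")
	}
	return nil
}

func main() {
	client, pub, err := NewClaimant("1234") // constructed PIN for the example
	if err != nil {
		panic(err)
	}
	bank := &Verifier{ID: []byte("bank.example"), pub: pub}
	client.EnterPIN("1234")
	ch, _ := bank.Challenge()
	sig, _ := client.Respond(ch, bank.ID)
	fmt.Println("fresh token:", bank.Verify(ch, sig))
	bank.Challenge() // a new session issues a new nonce...
	fmt.Println("replayed token:", bank.Verify(ch, sig)) // ...so the old token is rejected
}
```

The two properties worth noticing are that the signed payload binds both the nonce and the verifier's identity, and that the key is unusable until the PIN has been entered; a keylogger on the host learns nothing useful when the PIN goes into the device's own display rather than the PC keyboard.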

Protection against substitution of payment information is achieved by visual control of the payment document on the device's screen and confirmation of the correctness of the information by pressing the Sign button.

The security of this solution rests on the fact that the client-bank software sends for signing not a hash of the payment order but the document itself in a special format. Rutoken PINPad displays the received information, requests confirmation from the user, and only after obtaining the user's consent sends the document to the Rutoken EDS for computing the hash function and signing the document. This approach guarantees that the Rutoken EDS cannot be used to make an unauthorized payment.
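The difference between signing a host-supplied hash and signing a document shown on a trusted screen is easiest to see side by side. The following is an added Go model, not code from Rutoken or the page: a compromised host substitutes one payment order for another, and the two signing paths are compared. The `PaymentOrder` format, the `Display` callback standing in for the touch screen and the user's decision, and the use of SHA-256 and Ed25519 in place of the Russian GOST algorithms are all assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"strconv"
	"strings"
)

// PaymentOrder is a constructed, simplified payment document (the real PINPad
// document format is not described on the page).
type PaymentOrder struct {
	Payee   string
	Account string
	Kopecks int64
}

// Encode is the wire form the host hands to the device: the whole document.
func (p PaymentOrder) Encode() []byte {
	return []byte(strings.Join([]string{p.Payee, p.Account, strconv.FormatInt(p.Kopecks, 10)}, "|"))
}

func Decode(doc []byte) (PaymentOrder, error) {
	parts := strings.Split(string(doc), "|")
	if len(parts) != 3 {
		return PaymentOrder{}, errors.New("malformed document")
	}
	k, err := strconv.ParseInt(parts[2], 10, 64)
	if err != nil {
		return PaymentOrder{}, err
	}
	return PaymentOrder{Payee: parts[0], Account: parts[1], Kopecks: k}, nil
}

// Render is what the trusted screen shows the user.
func (p PaymentOrder) Render() string {
	return fmt.Sprintf("PAY %d.%02d RUB TO %s ACCT %s", p.Kopecks/100, p.Kopecks%100, p.Payee, p.Account)
}

var ErrRejected = errors.New("user rejected document on trusted screen")

// Device models the PINPad with the token plugged into it: display and key are
// in one unit, and Display returns the user's Sign (true) / Reject (false) choice.
type Device struct {
	priv    ed25519.PrivateKey
	Display func(rendered string) bool
}

func NewDevice(display func(string) bool) (*Device, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Device{priv: priv, Display: display}, pub, nil
}

// SignDocument is the PINPad path: parse, show on the trusted screen, and only
// after confirmation hash and sign inside the device.
func (d *Device) SignDocument(doc []byte) ([]byte, error) {
	p, err := Decode(doc)
	if err != nil {
		return nil, err
	}
	if !d.Display(p.Render()) {
		return nil, ErrRejected
	}
	digest := sha256.Sum256(doc)
	return ed25519.Sign(d.priv, digest[:]), nil
}

// SignDigest is the plain-token path: the host computes the hash and the token
// signs whatever digest it is handed, sight unseen.
func (d *Device) SignDigest(digest []byte) []byte {
	return ed25519.Sign(d.priv, digest)
}

// BankAccepts is the server-side check: recompute the digest of the received
// document and verify the signature over it.
func BankAccepts(pub ed25519.PublicKey, doc, sig []byte) bool {
	digest := sha256.Sum256(doc)
	return ed25519.Verify(pub, digest[:], sig)
}

// UserApproves is the constructed user: they press Sign only if the trusted
// screen shows exactly the payment they intended.
func UserApproves(intended PaymentOrder) func(string) bool {
	return func(rendered string) bool { return rendered == intended.Render() }
}

// SubstitutionViaDigest: malware on the host hashes a substituted order and asks
// a plain token to sign it. Returns whether the bank would accept the result.
func SubstitutionViaDigest(dev *Device, pub ed25519.PublicKey, substituted PaymentOrder) bool {
	digest := sha256.Sum256(substituted.Encode())
	return BankAccepts(pub, substituted.Encode(), dev.SignDigest(digest[:]))
}

// SubstitutionViaPINPad: the same malware must hand the full substituted order
// to the device, where the user sees it on the trusted screen before signing.
func SubstitutionViaPINPad(dev *Device, pub ed25519.PublicKey, substituted PaymentOrder) (bool, error) {
	sig, err := dev.SignDocument(substituted.Encode())
	if err != nil {
		return false, err
	}
	return BankAccepts(pub, substituted.Encode(), sig), nil
}

func main() {
	intended := PaymentOrder{Payee: "OOO Supplier", Account: "40702810900000001234", Kopecks: 15000000}
	forged := PaymentOrder{Payee: "Mule Account", Account: "40817810099999995678", Kopecks: 15000000}
	dev, pub, err := NewDevice(UserApproves(intended))
	if err != nil {
		panic(err)
	}
	fmt.Println("digest-only token, forged order accepted:", SubstitutionViaDigest(dev, pub, forged))
	ok, err := SubstitutionViaPINPad(dev, pub, forged)
	fmt.Println("PINPad, forged order accepted:", ok, "-", err)
	sig, _ := dev.SignDocument(intended.Encode())
	fmt.Println("PINPad, intended order accepted:", BankAccepts(pub, intended.Encode(), sig))
}
```

With a digest-only token the bank has no way to tell that the signed hash belongs to a document the user never saw; with the document itself going to the device, substitution has to survive the user's eyes on a screen the host cannot draw on.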

Functionality

  • Trusted entry of the PIN code for access to the cryptographic functions of the USB token.
  • Viewing the contents of the documents being signed in a trusted environment. Custom formatting and the ability to scroll long documents.
  • Caching of the PIN code in Rutoken PINPad for user convenience. The code is entered once at authentication; it does not need to be re-entered when signing a series of payment documents.
  • The user views each document and presses "Sign".


2013: Group-IB conducts a security analysis of Rutoken PINPad

In January 2013 the Group-IB company announced the completion of a security study of the Rutoken PINPad device, released by the Aktiv company for protecting remote banking systems. Rutoken PINPad belongs to the Trust Screen class of devices, which increase the security of the RBS client when working in an untrusted environment and, in particular, protect against threats of payment order modification.

As part of the security analysis carried out by specialists of Group-IB's audit and consulting department, the possibility of compromising the device was investigated with the following attack vectors taken into account:

  • use of malicious code to steal electronic signature keys from the local environment;
  • use of malicious code to steal electronic signature keys from RAM;
  • attacks using a remote connection to the USB port (USB-over-IP);
  • attack by remote control of the client's computer;
  • substitution of the contents of the electronic document during its transfer for signing;
  • attacks on web application vulnerabilities when communicating over application-layer data transfer protocols.

The test results showed a high level of security of Rutoken PINPad and confirmed compliance with all the necessary requirements imposed on Trust Screen-class devices. Devices of this class are equipped with a screen for displaying information so that the payment orders being sent can be verified on the user's side.

"The use of such devices can significantly increase the security of bank clients during transactions. Trusted Screen devices are successfully used abroad for both individuals and legal entities, allowing fraud using remote control of the computer to be prevented in practice," commented Andrey Komarov, director of the audit and consulting department of Group-IB, on the test results.

Rutoken PINPad performs the full cycle of processing a document sent for signing. The mechanisms for displaying, hashing and signing payment orders are implemented in the device's hardware. Payment documents are shown on the Rutoken PINPad touch screen, and when the user confirms that the information is correct, the data is signed directly in the device. All cryptographic operations are performed according to the Russian standards.