RSA Adds Chip Authentication (EMV CAP) Into RSA Adaptive Authentication
25 Sep 12:44
RSA, the Security Division of EMC, has added a new module, which supports MasterCards Chip Authentication Protocol (CAP) and Visas Dynamic Passcode Authentication (DPA), part of the EMV standard for chip based debit and credit cards, into its RSA Adaptive Authentication solution.
RSA Adaptive Authentication is a layered authentication solution for financial institutions.
New Smart Card deployments by financial institutions around the world today increasingly based on the EMV (EuroPay, MasterCard, Visa) standard, sometimes called Chip and PIN cards. The chip on these cards is able to store and run small applets, enabling the card to perform a number of different functions. One such function is the ability, when inserted into a suitable reader, to generate a one-time passcode. This application is called CAP Chip Authentication Protocol (also referred to as Visa's Dynamic Passcode Authentication DPA).
- Security vulnerabilities: by combining the RSA risk based authentication technology with CAP, the solution ensures that the system is more secure and less vulnerable to sophisticated online attacks such as man-in-the-middle and Trojan attacks, which can bypass many stand-alone two-factor solutions
- Usability issues: the system is usable and user-friendly - it allows financial institutions to implement CAP authentication and use risk-based authentication as a fall-back in low risk scenarios where, for example, a reader or a card is unavailable. It also enables non- payment related, high risk activities, such as address changes and new card requests to be authenticated transparently to the user.
- Mass deployment challenges: the solution allows CAP to be turned on even before a full issuance cycle of CAP enabled cards and readers is completed, while still protecting all users against fraudulent behaviour. This could take up to three years in a normal card issuance cycle.
Related links: (Open in a new window.)
www.rsa.com
www.EMC.com
Taken from Information Security Bulletin.