60 likes | 644 Views
Step 1: User enters id/pw for FI: encrypted in Quicken PIN vault Id/pw transmitted to Intuit CustomerCentral Servers at NCR using 128 bit SSL Step 2: Credentials stored in CC database using 3DES. Credentials transmitted to bank web site using 128 bit SSL. Step 3:
E N D
Step 1: • User enters id/pw for FI: encrypted in Quicken PIN vault • Id/pw transmitted to Intuit CustomerCentral Servers at NCR using 128 bit SSL • Step 2: • Credentials stored in CC database using 3DES. • Credentials transmitted to bank web site using 128 bit SSL. • Step 3: • Bank QFX files transmitted to CC server using 128 bit SSL • Logoff bank site. • Step 4: • QFX file received from bank, stored in database. Account number encrypted with 3DES. • EWC data transmitted to Quicken, 128 bit SSL • Step 5: • Data received from Intuit Servers, stored in Quicken.
NCR at a Glance NCR Executive Committee • 100+ year old company • $5.9B in revenues • 32,800 employeesworldwide • $2.9B in servicesrevenue • Nearly 20,000 serviceprofessionals Retail and Financial Group Teradata Division Worldwide Customer ServicesDivision Retail Solutions Division FinancialSolutions Division Systemedia Division Americas/Europe/Asia-Pacific/Japan
NCR eCommerce Facts • Business startup in 1997 • >40% compounded annual growth rate • eCommerce Solutions Across All Industries, with focus on Finance Industry • 140 banks hosted in data center • Deploy eCommerce Managed Solutions In-House or Outsource • (2) eCommerce Data Centers (Columbia, MD; Columbia, SC) • (1) Disaster Recovery Hot Site (Dayton, OH)
Secure, High Availability Data Center“IT Managed Services” eCommerce Data Centers PLANT POWER Battery Room -- UPS Diesel Generator Backup PING Command Center - Monitoring - Bandwidth - Data Communications
NCR Secure, High Availability, Hosting Data Center InfrastructureServices NCR Personnel Expertise -24x7x365 Management of Hosted Applications -OS Management to Include Teradata/Windows/Linux/Unix -Certified OS Engineers -Security and Network Consultants -Database Administrators -Certified Router and Firewall Consultants Hosting Availabity + Security -High Availability -UPS and Diesel Generator -Redundant Environmental Controls -Card Access Security -Security Cameras -Smoke and Water Detection -Fire Suppression -Redundant Power Grids -Dual Fiber Optic Rings Financial Institution Experience: Currently hosting over 130 internet Banking sites, including 4 top 50 Same data center as 300 bank core systems Security and Compliance -Vulnerability Assessments and Penetration Scans -Internal and External Intrusion Detection -Monthly Executive Summary Security Reporting -Security Fraud Detection Service -Annual SAS 70 Type II Certification -FFIEC, OTS, OCC Compliance and Annual Review
NCR eCommerce Security • Redundant Checkpoint Firewall Configuration • RealSecure Intrusion Detection Solution from ISS • Monthly Third Party Security Consulting • Annual Vulnerability Assessments • Quarterly Penetration Scans • Charter Membership in Infragard NCR is constantly monitoring its adherence to best practices and subjecting itself to the most stringent third-party audits available. For example, each year in addition to NCR corporate audits, an independent auditing company performs a SAS 70 Level 2 audit of the NCR eCommerce Data Center. NCR is also audited by the Federal Financial Institution Examination Council (FFIEC). This interagency body is comprised of the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC) and the Office of Thrift Supervision (OTS). It is this commitment to excellence which sets NCR apart when it comes to secure hosting and outsource services.