Skip to main content
November 19, 2008
Cutting-edge user authentication system first in Japan to use smart cards
Hitachi High-Technologies Corporation (President: Hidehito Obayashi) today announced its intent from 2009 to launch the sale of security systems for Internet banking services through a business alliance with the producer of the technology, Todos Data System AB of Sweden.
Todos develops security systems with an emphasis on total solutions for remote authentication systems. Its systems have been widely adopted by banking institutions and service providers worldwide. The highly secure end-user authentication systems produced by Todos have gained a reputation for excellence in the Internet banking and e-commerce sectors by making safe authentication, transactions and settlement a reality in personal banking.
When viewing account balances, transferring funds or conducting payment settlement online, security in Japan's Internet banking sector is presently handled primarily through the issuance of special random number-generating cards, password-generating terminals or various types of electronic identification.
However, a major drawback with ordinary password technologies, such as fixed passwords that must be changed manually and passwords that remain effective for only short periods of time, is that these passwords can be reused repeatedly within a given interval, typically remaining effective for at least 5 to 10 minutes. This vulnerability renders attempts to completely prevent so-called "Man-In-The-Middle" attacks and other elaborate security attacks stemming from identify fraud impossible. Europe has actually witnessed a dramatic rise in highly sophisticated Internet crimes and related damages on a scale and scope far surpassing that of the phishing scams and password theft crimes that have come to light in Japan. Against this backdrop, European banking institutions, among which Internet banking enjoys a high rate of acceptance, are adopting Todos products as the most effective means of countering the highly sophisticated Internet crimes they confront.
The security system based on end-user authentication devices developed by Todos is the optimal authentication system for Internet banking due to the superior mobility, affordability and high level of security it offers.
Built on a One Time Password (OTP) format, this system features not only one-sided password input from users, but also a "Double Authentication" function, whereby users enter a one-time password once the bank website identity has been confirmed as correct.
Furthermore, authentication can be performed by inserting a standard smart card into a terminal, which generates an OTP derived from the user's cash balance, account number and other data. This smart card-based authentication system will be the first next-generation authentication method of its type in Japan. Authentication procedures can also be adjusted in stages in response to the risk level of the transaction, thereby avoiding placing any unnecessary burden on users.
The Todos eCode Central System can authenticate the same user even over multiple devices, from scratch card and OTP-generating terminals compatible with "Double Authentication," to smart card-based authentication terminals for end-users that allow for more secure authentication, transactions and settlement. Todos servers and software can be simultaneously configured to install and support these diverse authentication tools, enabling users of these products to readily configure their servers for high-level security systems as the need arises, even if they initially opt to install lower-level security formats.
By adopting this system, users can safeguard against today's increasingly complex and wide-ranging acts of Internet crime by readily raising the security level of their remote authentication. This advantage makes it possible for system users to offer greater safety than ever before for Internet banking, making transactions as secure and reliable for customers as visits to a conventional bank teller window.
Hitachi High-Technologies plans to launch the sale of this system in Japan to financial institutions and for e-commerce, online shopping, online securities and mobile banking applications from 2009. Furthermore, Hitachi High-Technologies is aiming for 3 billion yen in sales by fiscal 2012 through efforts to expand its security solutions business via alliances with domestic systems companies.
End-user authentication devices developed by Todos
Todos has its headquater in Sweden, offices in Asia and partners and clients around the global. The company was established in 1987 as a total solution provider in remote authentication. Todos has a strong majority owner in Swedish national pension fundands and commited to growing and evolving along with its clients, in order to best meet their current and future needs.
Hitachi High-Technologies Corporation
Media Devices Dept., Electronic Devices Div.
Strategic Development Dept., Electronic Devices Div.
Hitachi High-Technologies Corporation
Public & Investor Relations Group