Solution Summary

The RSA SecurID Authentication feature enhances security by providing two-factor authentication to access banking solutions by its users.

Token-based authentication provides a second layer of system security for Bank-FlexChannel solutions. RSA SecurID authentication is an optional functionality enabled by the configuration of Bank-FlexPlatform with RSA Authentication Manager. RSA SecurID authentication requires users to enter a second, ever-changing password to re-confirm user identity before certain actions. A portable authentication device supplies the dynamic password.

To achieve the highest possible level of additional security, Bank-Flexpartners with RSA Security Inc. to provide RSA SecurID authentication at login.

In Bank-Flex, the user is authenticated using the RSA SecurID token (provided the user is enabled for RSA SecurID authentication).

At login, when users enter a PIN and tokencode, which comprises the RSA SecurID passcode, the Bank-Flexsends a request to the system where RSA Authentication Manager is running by invoking the suitable RSA API calls with respect to the request.

Bank-Flexcommunicates securely with the RSA Authentication Manager to confirm that the RSA SecurID passcode is correct (tokencode values on the device and the server are synchronized).

If the passcode is correct, the user proceeds. If it is not, Bank-Flexblocks the login request.

Partner Integration Overview

Authentication Methods Supported

Native RSA SecurID Authentication

List Library Version Used

5.0.3 for Java

RSA Authentication Manager Name Locking

Yes

RSA Authentication Manager Replica Support

Full Replica Support

Secondary RADIUS Server Support

N/A

Location of Node Secret on Agent

BEA_HOME\user_projects\bankflex in case of

weblogic application server

 

RSA Authentication Agent Host Type

Net OS

RSA SecurID User Specification

Designated Users, All Users, Default Method (Bank-

Flex Platform can be configured for any of the three)

 

 

 

RSA SecurID Protection of Administrative Users

No

RSA Software Token and RSA SecurID 800 Automation

No

Use of Cached Domain Credentials

No

2

Page 2
Image 2
Eon Version 1.0 (J2EE) on Solaris 9 manual Solution Summary, Partner Integration Overview