Интернет банка

Symantec

Komercijalna banka AD Skopje engaged Symantec to conduct an external Network Penetration Test, focused on hosts, devices and "Internet Banka" application reachable from the Internet.  The purpose of the engagement was to identify and prioritize the potential areas of security vulnerability in public facing infrastructure and application and to provide recommendations derived from this consulting engagement.

Некстсенс

Некстсенс изврши тестирање на безбедноста на Интернет банката преку т.н. “penetration testing” од Интернет со цел идентификација на потенцијалните слабости на системот и изготвување на препораки за нивно отстранување. Апликацијата за Интернет Банка, во тестираната верзија и конфигурација, претставува високо безбедно апликативно решение кое ги спречуваше сите до овој момент познати методи кои напаѓачот може да ги искористи со цел да добие неавторизирани информации.


Digital Certificates

DIGITAL CERTIFICATES FROM OTHER ISSUERS

Komercijalna banka AD Skopje shall, apart from the Digital Certificates issued by its Registration Office for operation with the Internet Bank, and under certain conditions, also accept the Digital Certificates issued by the following issuers:
• KIBS AD Skopje
• AD Makedonski telekomunikacii
• GlobalSign
• Verisign.
In order for the certificates of the above listed issuers to be used, the following conditions have to be fulfilled:
• The Certificate has to be qualified and to contain, at least, the name and surname of the holder,
• The Certificate has to be valid,
• The holder has to present the Certificate to the Bank and sign the prescribed form containing the Public key being part of the Certificate,
• The Certificate has to be presented to the Bank on a security device (Smart card, USB token, etc.). Depending on the technical capabilities, the Bank shall disclose a list of accepted devices.
• SafeNet iKey 2032,
• Aladdin eToken PRO (32k, 64k 32k 4.2B)
• USB eSeal Token (Gemalto)

DRIVERS

1. Driver SafeNet Authentication Client for Gemalto:

2. Driver for SafeNet and Aladdin eToken: SafeNetAuthenticationClient_x32_x64_8.00-SP1

3. Driver IDGo800_Minidriver for Gemalto:

4. Gemalto support tools: 7012_IDGo_800_User_Tool_for_Windows_1127

RECOMMENDATIONS

Komercijalna banka AD Skopje strictly recommends:
Use of Digital Certificates only from security devices, where the Digital Certificates can not be copied from without using physical, destructive force. The insecure Certificate bearers shall be considered those where the Certificate can easily be copied from, without any traces thereof (floppy, CD-ROM, disc, Sertificate Store on Windows, etc.). There is high risk for the Certificate to be stolen from such insecure devices without being noted by the holder. The undesired copying of the Certificate may be made by a person who had, at least, short-access to such bearer or by programs the holder is not aware of, and may be installed on his/her computer without his/her control (e.g. through Internet or e-mail).
• Strictly recommends use of programs for protection against malicious codes (virus, spyware, etc.) on the computers where the access to the Internet Bank shall be realized and the Digital Certificate shall be used on.
• Use of the Digital Certificate personally only. Each borrowing thereof shall be under the responsibility of the holder.
Komercijalna banka AD Skopje enables its clients to have personal generation of their own Digital Certificates at the Registration Office of the Bank, on USB tokens from renowned brands, which guarantee high level of security. The Bank shall not, at any time, have the private key of the personal Digital Certificates of its clients. The overall process of generation of the Digital certificate is carried out on the security device. The Bank applies rigid measures in the production and management of the Digital Certificates.

RESPONSIBILITY

Komercijalna banka AD Skopje undertakes no responsibility for:
• any negative consequences arising from the use of Digital Certificates saved on unsecured bearers,
• any negative consequences as a result of borrowing of or improper handling of the Digital Certificate,
• prolongation of the validation time for the Digital Certificates issued by other issuers, due to technical problems in reading the Public key and public data from the Digital Certificate presented,
• failed validation of the Digital Certificates issued by other issuers, due to technical problems in reading the Public key and public data from the Digital Certificate presented.