by Maik Breilmann | Oct 25, 2023
Allianz uses SCinterface from cryptovision company-wide
The challenge for Allianz
Allianz is one of the world’s leading insurers and financial service providers. Headquartered in Munich, the company has been operating a public key infrastructure (PKI) for years, which is used for applications such as authentication, single sign-on and data encryption.
Because Allianz places great emphasis on security, the company’s IT department decided to use smart cards to store private keys instead of the previous software-based variant. Allianz chose cryptovision’s smartcard middleware SCinterface to connect the smartcards to the applications.
The main reasons for this choice were the excellent integration support for the planned applications and a seamless migration from a previously used solution. Almost 70,000 Allianz employees now use SCinterface.
Our solution for Allianz
Alliance chose cryptovision’s smartcard middleware SCinterface to connect the smartcards used with the various applications. The reasons for this decision were mainly of a practical nature: SCinterface supports all applications used by Allianz and enables a seamless migration from the previously used solution. Almost 70,000 Allianz employees now use SCinterface. The special feature SCinterface cache, which enables secure PIN caching, has further increased employee satisfaction, as the number of PIN entries required per day has decreased significantly.
As a first step, Allianz issued cards to users who could use them to secure their workstations. In addition to the PKI, Allianz implemented a card management system. It quickly became clear, however, that working with group mailboxes and representative regulations with the cards was not possible without further ado. With the cryptovision product remoteCSP, which enables a secure online access to a private key, this challenge was mastered.
More references from this branch
Secure solutions for digital identities
SECURITY TOKEN AND HARDWARE SOLUTION
by Maik Breilmann | Oct 25, 2023
SCinterface has been successfully in use at Signal Iduna for years
The challenge for Signal Iduna
Signal Iduna Versicherung from Dortmund did not equip its employees with PCs, as is the case in most companies, but with thin clients from IGEL. The programs used by the users therefore run centrally on a terminal server. Such an architecture has clear advantages: A thin client is cheaper, more durable and easier to maintain than a PC. Security is also higher in a thin client environment, as most data is stored centrally (and thus well protected) on the terminal server.
When using a thin client, the issue of smartcards often poses a special challenge. Firstly, it makes sense to secure the connection between thin client and terminal server with a smart card. On the other hand, a smartcard in the smartcard reader of the thin client should also be usable for the applications on the terminal server. The connection to the smartcard reader must therefore be looped through the thin client and via the communication line. The thin client manufacturer IGEL also had to find solutions for these smartcard issues, otherwise the use of an IGEL thin client for Signal Iduna Versicherung and other customers would not have been possible.
Our solution for Signal Iduna
Signal Iduna opted for a solution from IGEL. IGEL, a German manufacturer based in Bremen, uses the smartcard middleware SCinterface from cryptovision. This is initially used on the thin clients and is used there to secure the communication connection. Since the IGEL thin clients are based on Linux, the Linux version of SCinterface is used.
The smartcards are also available on the client for applications on the terminal server (e.g. e-mail encryption and secure web access), whereby access to the smartcard is looped through from the thin client to the terminal server. You are not restricted to a specific card system, since SCinterface supports more than 80 card types. In the described form SCinterface has been running smoothly at Signal Iduna for years.
More references from this branch
Secure solutions for digital identities
SECURITY TOKEN AND HARDWARE SOLUTION
by Maik Breilmann | Oct 25, 2023
For the AIB the decision for a PKI product was quickly made
The challenge for AIB
AIB (Allied Irish Banks) is one of Ireland’s largest banks. The Dublin-based financial institution, which is predominantly owned by the Irish State, offers a broad portfolio of financial services to private and corporate clients. Like any bank, AIB has high standards of IT security. In 2016, the company therefore decided to set up a public key infrastructure (PKI) to achieve secure authentication of devices in the corporate network. In addition to protection against hackers and spies, the decision was based on various regulatory requirements.
Our solution for AIB
Since AIB has been using the identity management solution from Micro Focus (formerly Novell) for decades, the decision for a PKI product was made quickly. cryptovision’s PKIntegrated is a PKI solution designed specifically for Micro Focus Identity Management that integrates seamlessly into Micro Focus’s identity management environment and can be operated via its user interface. Since PKIntegrated uses existing Micro Focus Identity Management features for many tasks (e.g. user administration, logging and key recovery), it is a very lean and cost-effective solution. The automatic (and therefore user-friendly) registration of PKI users is also easily possible, since Micro Focus Identity Management supports numerous registration processes from the ground up.
AIB’s PKI is now used not only for device authentication, but also for email encryption. The advantage here is that PKIntegrated can work with both Windows and Linux without any problems.
Die PKI der AIB wird inzwischen nicht nur für die Authentifizierung von Geräten, sondern auch für die E-Mail-Verschlüsselung eingesetzt. Von Vorteil ist hierbei, dass PKIntegrated sowohl mit Windows als auch mit Linux problemlos zusammenarbeitet.
More references from this branch
Secure solutions for digital identities
SECURITY TOKEN AND HARDWARE SOLUTION
