Vasco Data Security International (Nasdaq: VDSI), a leading software security company specializing in strong authentication products, launches Digipass 920, a USB connected card reader with What You See Is What You Sign (WYSIWYS) and reader signature capability and smart card PIN protection.
DIGIPASS 920 is suited for banks which seek to protect high value transactions. The protection of high value transaction is amongst others guaranteed by the reader signature capability, which secures the transaction both on the end-user and the bank side.
With its enhanced security features, DIGIPASS 920 is ideally suited for environments which require high security such as corporate banking. Thanks to its extreme user-friendliness, DIGIPASS 920 is also suited for deployments in retail banking where end-users require highly intuitive solutions. Its PKI based digital signature capability also makes it ideal for corporate environments and e-government applications. The product will be available in Q1 2011.
Reader signature
The bank which issues DIGIPASS 920 to its customers can verify if a transaction is approved and signed by its customer with a genuine card reader. When that same transaction is signed by an unauthorized reader it will be rejected. DIGIPASS 920 offers security guarantees on both sides of the transaction. The end-user can trust the data he digitally signs since they are displayed in the secure environment of a trusted reader. The bank which issued the card reader can check that his genuine reader has been used during the transaction.
What You See Is What You Sign
DIGIPASS 920 has a 4-line full dot matrix display allowing extended data field validation on the screen of the reader. The display is highly flexible allowing logo display and Asian character sets. Thanks to WYSIWYS, data which need to be signed are displayed on the DIGIPASS 920 screen. The cardholder can verify them on the reader screen before confirming the transaction, thus adding an additional verification step before signing.
Secure initialization and firmware update
Reader initialization is upon request managed by VASCO's customization centre in Belgium. The centre is equipped for secure reader key loading iing in a secure and audited environment. Furthermore the DIGIPASS 920 firmware can easily be updated using proven security mechanisms in case the reader application and/or user interface requires updating when already deployed in the field.
Smart card PIN protection
PIN entry on a computer keyboard offers inadequate security for an Internet connected PC. DIGIPASS 920 has a dedicated 14 key PIN pad allowing for PIN-entry on the reader rather than on the PC keyboard. As a result the PIN cannot be intercepted via the PC, thus ensuring secure PIN entry.
DIGIPASS 920 uses a standard driver compliant with all popular operating systems such as Windows, Linux and MacOS. It leverages the available CCID driver requiring no installation of a separate driver on most of the popular PC platforms. DIGIPASS 920 supports several applications, including VASCO's PKI based DIGIPASS CertiID, EMV-CAP in connected mode, BankID, eID and any other application using a PC/SC compliant reader. DIGIPASS 920 has an optional docking station which enhances the user-friendliness when used in a desktop environment. DIGIPASS 920 is a connected card reader; as a result it has no batteries, making the device extremely suitable for banks which need to comply with ecological guidelines or policies.
"The reader signature, What You see is What You Sign and PIN protection features, DIGIPASS 920 is a highly secure device ideal for corporate and retail banking and e-government applications. As online attacks become more sophisticated, banks continue to look for more secure solutions. With DIGIPASS 920 we bring innovation to our customers further pushing the security boundaries," says Jan Valcke, President and COO at VASCO Data Security.