TrustBuilder® to support CAP-EMV Banking standard

New "Smart" Card deployments by financial institutions around the world today are increasingly based on the EMV (EuroPay, MasterCard, Visa) standard. The chip on these cards is able to store and run small applets, enabling the card to perform a number of different functions. One such function is the ability, when inserted into a suitable reader, to generate a one-time passcode. This application is called CAP - Chip Authentication Program - and requires users to have both an (offline) card reader and a chip card.

TrustBuilder: a Versatile Authentication Server (Gartner)

SecurIT’s TrustBuilder is an Authentication & Authorisation Brokerage framework that supports virtually any authentication requirement out-of-the-Box, such as:

• UserID/Password using LDAP, AD or any other repository

• One-Time Passwords (SecurID, Digipass and many more)

• Digital Certificates (SmartCards, Electronic ID Cards, etc.)

• Biometrics (voice, fingerprint, scan,...)

• Proprietary Systems

• Federation Tokens (SAML, ...)

TrustBuilder now supports the Gemalto implementation of CAP-EMV in the context of One-Time-password tokens to authenticate users and to sign transactions in conjunction with IBM Tivoli Access Manager. Further vendor support will be added in the near future, including the one from VASCO.

Support of EMV-CAP in conjunction with TrustBuilder will help Banking clients re-use their existing on-line banking application, while benefiting from the standardization, economies of scale, and security benefits of CAP-EMV cards. Trustbuilder will of course play and important role in overcoming mass-migration challenges by providing smooth alternate authentication schemes during Banks card issuance cycles, thereby achieving a smooth end-user migration. Such a flexible migration is a key requirement for a successful introduction of this new technology