KBC offers customers adaptive security with SecurIT TrustBuilder and IBM Tivoli Access Manager

November 28, 2012
KBC offers customers adaptive security with SecurIT TrustBuilder and IBM Tivoli Access Manager

KBC can now offer simultaneous use of different authentication methods for diverse user communities to login to their banking applications. 

About KBC:

The KBC group focuses on providing bank, insurance and wealth management products and services to retail customers, private banking clients and mid-cap / SMEs. It also provides services to corporate customers and engages in market activities. The product offering is not controlled from a separate banking or insurance perspective either, but is based rather on the needs of the customer, who can choose the banking or insurance product that best suits his individual needs. In this way, KBC – unlike many others – is able to respond flexibly at any time to new market circumstances and to switch easily between classic deposit products, life insurance products and bank-related investment products.

To reach this objective KBC makes use of different web applications for customers and for employees. More than 1 million customers use their applications with over 500.000 logons per day. In addition approximately 60.000 employees use the infrastructure to access multiple applications.

Objectives & drivers:

Authentication serves a vital function within any organization, securing access to corporate networks, protecting the identities of users, and ensuring that a user is who he claims to be. Yet the surge in security breaches, as well as evolving business environments require entirely new considerations for access control, representing a shift in how trust and control is established and maintained.

KBC wanted to offer different strong multi-factor authentication options above and beyond IDs and Passwords for different user communities. The different applications and environments each had different levels of risk.

Multi-factor authentication should deliver the appropriate protection for each use case, meet the needs of any user and any risk level while enabling customers broader choice, improved visibility, and the ability to expand into the future.

KBC concluded that the combination of IBM Tivoli Access Manager and SecurIT TrustBuilder could fill their needs perfectly and provide a path to act quickly to future changes in the market in a seamless and efficient way.

The solution

IBM Tivoli Access Manager for e-Business is the platform of choice for authentication, single sign-on and course grained access control. The SecurIT TrustBuilder solution enhances TAMeb with simultaneously use of different strong authentication methods. By using this combination KBC can accommodate the needs of different business environments with a single access management infrastructure.

The following authentication methods are in use for different KBC user communities:

  • Username/password
  • Form based
  • Basic authentication
  • Vasco Digipass
o OTP device
o Unconnected card reader
  • X.509 certificates
o certificate on USB Dongle
o certificate on Smart Card
Benefits for the Customer
The new platform allowed KBC to:
  • Map authentication methods to business risk and the needs of different user communities
  • Exploit multiple identity repositories into their access management infrastructure
  • Centrally manage, control and administer from one platform in an effective and profitable way
  • Implement a layered security model to further fortify against threats
  • Easily address new business demands - like Cloud and mobile devices – as needed.


Access management