Alfa Bank

Creation of a Secure Information System for Alfa-Bank

Alfa-Bank needed to create a secure information system to provide services for issuing a Qualified Certificate of Electronic Signature Key Verification (QCESK) and granting access to QCESK information for legal entities and individual entrepreneurs (IEs). It was essential to ensure a high level of security and reliability in processing and storing private keys and conducting operations with certificates.

Task

  • Разработать систему для выпуска СКПЭП с использованием неизвлекаемого закрытого ключа, хранящегося на специализированном ключевом носителе с повышенной надежностью, исключающего несанкционированное использование и копирование. Обеспечить применение средств электронной подписи классов КВ2 и (или) КА1 с датчиком для генерации случайных чисел и механизмом контроля срока действия ключей.
  •  Создать систему для ознакомления с информацией КСКПЭП юридического лица, включая информирование заявителя о проведении операции ознакомления, построение защищенного TLS-соединения, ознакомление 
с информацией и подтверждение факта ознакомления с использованием электронной подписи, основанной на действующем квалифицированном сертификате.

Solution

1
A mechanism for issuing QCESK was developed, utilizing a non-extractable private key and a specialized secure key carrier with a high level of protection. Electronic signature tools with a random number generator sensor were implemented, along with a mechanism for monitoring key expiration dates.
2
A functionality for accessing QCESK information was developed, which includes notifying the applicant about the operation, establishing a secure TLS connection, providing access to the information, and confirming acknowledgment through the use of an electronic signature.

Result

The developed software ensures a high level of security and reliability for the issuance and processing of qualified certificates and access to QCESK information. The system is built on the software previously created in the EM project, but it has not yet been launched into operation. In the future, the system will improve the management of certificate issuance processes and information delivery, guaranteeing compliance with security and data protection requirements.

Let's Talk

Contact us, and we will provide detailed information about our products and services

    0/225
    Attach file (max 2 GB)