PRISM 2.0 – the latest version with enhanced features and added security

The uptake of electronic banking is growing exponentially and will continue to do so. Rapid use of Internet has opened the possibility for banks to bring their services to customers at their finger tips anytime, anywhere, while improving the bank’s efficiency and revenue growth.

A complete retail and corporate Internet banking solution
With that view in mind TPS took the initiative and introduced PRISM back in 2001 as a retail Internet banking solution. With its commitment to provide excellent, high performance services with enhanced security features to its customers, TPS continuously improves and extends its products keeping in mind its customer’s feedback.

With years of experience and expertise built into PRISM, the new version, PRISM 2.0, is now on the rampage. PRISM 2.0 is a complete retail and corporate internet banking solution with enhanced architecture, additional security features and more user-friendly interface to further boost the performance and potency of the solution. Having being evaluated by world- renowned agencies like Bearing Point (KPMG Consulting), Ernst & Young and Rewters, PRISM 2.0 has stood through its penetration test for third party security review.

Achieve greater flexibility and Scalability with the newly enhanced architecture and robust platform
PRISM is a true n-tier application with each tier delivering a specific set of functionalities and seamlessly interacting with the layer directly above and below it.

PRISM has now been divided into two major components, the Integrated Web Portal Framework (Front-end) and the Back-Office Management Application (Back-end). The processing engine acts as a bridge between front end tiers and PRISM backend transaction authorization systems. This layer is loosely coupled with the front end tiers enabling changes in the front end of PRISM without impacting the processing engine and backend transaction authorization processing. This layer makes it transparent for the backend systems for any changes at the presentation layer thus making it a true separator of front end and backend systems. Based on the latest Microsoft .Net Technology, PRISM’s client server architecture allows the solution to be very flexible, scalable, and extremely easy to maintain and operate.

PRISM seamlessly integrates with any middleware, with the support of ISO-8583 message interface. PRISM also supports variety of interface protocols like Web Services, MQ, and ODBC Connect to interface with any external system.

The presentation tier is a mix of highly interactive and user friendly ASPX (Microsoft .Net based dynamic web-pages) and HTML (static web-pages). Any standard compliant browser like Firefox, Safari, Opera etc. can view these web pages.

Offset malicious cases of fraud with new and effective security features
With the rapid growth in the use of internet banking, banks are concerned with the challenge of offsetting the risks associated with conducting business in cyberspace. Sound management of banking products and services is fundamental to maintaining a high level of public confidence not only in the individual bank and its brand name but also in the banking system as a whole. To combat those threats and ensure that e-business transactions are not compromised, TPS has incorporated additional security features in PRISM.

Permit only authorized personnel to transact with Two Factor Authentication
Prism now supports dual factor authentication for performing transactions through DSS two-factor authentication to ensure that only authorized users can gain access to highly sensitive information and transact securely. This hardware token (2 Factor Authentication) technology is in collaboration with its technology partner Data Security Systems Solutions Pvt. Ltd. (DS3). The dual factor authentication requires the user to enter username and password along with a hardware token generated pin for verification which changes periodically. This eradicates the risk posed by ever increasing network sniffing utilities such as tcpdump or phishing tools from the Internet.

Evade phishing attacks through Two-way Authentication
PRISM offers an enhanced security process of two-way authentication to offset Phishing. Under two-way authentication, the customer is required to prove their identity to the bank’s web site and the web site must prove its authenticity to the user.

Secure password from key loggers through Partial Password Verification
HTTPS encrypted passwords etc will all go in vain if client browser computer has a key logger. To prevent this, the password is entered into PRISM in a way that only some random characters from it are keyed.

Prevent automated computer bots from login attempts through CAPTCHA Test
CAPTCHA Test is introduced in PRISM to prevent automated computer bots from performing fake registrations and login attempts. Users are required to enter text from human readable image (a set of numbers and letters from a distorted image) to make sure the entity sitting behind the client browser is not software. This feature would create an additional layer that will prevent the denial of service attacks to block bombardment of requests on to the website which will strain the network and exhaust its capability to respond.

Eliminate keyboard key presses recording through the Soft Keyboard in PRISM
To eliminate the chance of keyboard key presses recording and logging, PRISM provides a soft keyboard on the website. The user will be requested to enter the user name and password by clicking on the keyboard look alike on the screen. This ensures that any user verification information that is being inserted by the customer can not be recorded or logged.