Fill-up Cash at Shell

Postbank customers not only get to pay for their fueling-up at Shell petrol stations, at the same time they also can withdraw additional cash. Technologically speaking behind the new POS system is iCash that simultaneously offers cashier functionality supplemented by teller functions whilst the monetary holdings remain virtually protected in a safe at the same time. The coins and bank notes entering the teller machines will be counted, checked for authenticity and finally issued as change automatically. Customers can use this system with their Giro- or SparCard (e.g. Debit or Savings card) in combination with their personal PIN to withdraw money from their account

NOVOSEC supported the Postbank in setting up this service beginning with the public tender and following conception to Roll-out, with special regard to the control and implementation of the logistic costs. The future banking business requires completely new concepts based on exactly such cross-sector collaborations and offered an added value for customers, trade business and the banking.

➜ Back to projects

Mobile Security at the State of the Art

The certgate Smartphone Protector is an all-in-one software package by which the functions and features of WindowsMobile based Smartphones and Pocket PCs can be adapted to the company-specific security policy. Confidential data stored on the device is fully encrypted via the certgate microSD smartcard and thereby protected against unauthorized access. The policy used by those devices is completely customizable to meet your security-level needs. The range of settings starts with turning off interfaces like USB and Bluetooth and ends with removing every single unwanted and untrusted application. The configuration interface has a modular design. Therefore, new devices and features can quickly be integrated into the product without any programming effort.

NOVOSEC took over planning and development of the certgate Smartphone Protector. With many years of experience in the field of mobile security, we support the certgate with the introduction into the market, further developing and advancing the product as well as providing technical support.

➜ Back to projects

Milestone in Security Compliance Management

It was a huge challenge for Deutsche Bank to continuously monitor the compliance with all security relevant configuration policies for the whole heterogeneous IT landscape and to establish an efficient gap resolution process.The effort for reaching and maintaining compliance was significantly reduced through comparison of the bank's policies and guidelines, on the one hand, with the GSD331 framework developed by its outsourcing partner IBM. On the other hand, it was thereby reduced with almost complete automation of security state monitoring and alignment of processes for internally and externally operated systems.

NOVOSEC supported the bank in the analysis of the relevant policies. This support included all previously defined controls with respect to automation potential and, in turn, security relevance in workshops with all stakeholders, in the definition of gap resolution processes and in the approval process for the implemented tools. In addition, the product managers were given our professional support in handling the gap reports.

➜ Back to projects

Vodafone Music Unlimited

Vodafone is waiving the DRM protection on music downloads. From now on, the Vodafone Music Manager allows customers to choose from over a million songs, and listen to the purchased music on an arbitrary type of player. Vodafone sells a vast range of music, from Robbie Williams to Die Toten Hosen (EMI), from Bon Jovi to Rihanna (Universal), from Christina Aguilera to Pearl Jam (Sony Music). Digital rights management no longer impedes the customers from listening to their favourite music on their favourite gadget. Whether on the car radio, the mobile phone, or the home stereo: Vodafone Music Store offerings can be enjoyed everywhere. And the Music Manager software offers even more: it synchronizes PC as well as mobile phone, and automatically completes the music library on the PC with songs purchased on the phone. A special feature: the music finder client can recognize songs, when the phone is held next to the speaker.

In implementing its music infrastructure, Vodafone has for many years relied on the expertise of the NOVOSEC specialists. NOVOSEC has developed security concepts for the Vodafone Music Store, and put the implemented solutions to the acid tests with simulated hacker attacks.

➜ Back to projects

montrada Releases Merchants from PCI Load

Internet shops using the montrada payment system can be relieved of PCI certification. Credit card organizations demand extensive certifications from Internet shops if they accept credit cards and consequently deal with sensitive data. The new form service developed by NOVOSEC relieves the merchants of handling payments themselves and hence they do not have to work with credit card data. They can offer even more: Besides credit card payments they can accept all other types of payments offered by montrada. Being a PCI certified Payment Solution Provider (PSP) montrada handles all payment transactions including acquisition and processing of credit card data.

NOVOSEC developed the form service for montrada, which extends the present POSH service. The form service can be used easily in existing shop systems. In this manner montrada's customers have a broad range of continuously updated and extended modern payment types at their disposal.

➜ Back to projects

Single Sign-on for Corporate Clients

Commerzbank AG has provided a new gateway to its corporate clients at www.commerzbank.de/firmenkunden for its internet-based applications. This is part of its multi-channel strategy to offer this unified internet presence. Thus Commerzbank unites the functionality of its corporate client portals 'company direct' and 'company-world' to support corporate clients in efficient, transparent and application-oriented financial management. The customers have to authenticate themselves only once at 'company-world' thereby enabling the use of all modules or to register online for selected modules. This functionality was implemented by means of a single sign-on (SSO) solution.

The concept for the SSO solution was developed by NOVOSEC. The challenge was to provide a central Identity management component for the interconnection between systems from various manufacturers being hosted in several computing centers across Europe. Corporate clients can now access Commerzbank's complete range of services and products independent of their location.

➜ Back to projects

Automated Roll-out Process for RSA CryptoToken

Deutsche Bank uses RSA SecurID hybrid tokens for authenticating its employees and for encrypting and signing data. Until recently, personalizing and administrating these tokens required the token holder and the administrator to perform all necessary actions together at the same location, making the processes unwieldy and time-consuming. In addition, personalized tokens could not be reused if the employee left the company, since a complete erasure of the content stored on the token was not possible.

NOVOSEC developed an ActiveX-based browser plug-in that enables Deutsche Bank to remotely control all administrative tasks of the token via web server. Token holders can execute all relevant functions on their own using the Internet Explorer. The new method for a full erasure permits the reuse of all personalized tokens, thereby effectively reducing the acquisition costs for new hardware.

➜ Back to projects

Card2Card Payments with MasterCard MoneySend

MasterCard MoneySend is a Payment system for MasterCard and Maestro cards enabling Banks to establish a global and cost effective network for transferring money from person to person. MoneySend is the first Payment system designed especially for your Mobile phone and Bank account so that transactions can be conducted fast, cost effectively and reliably. Since 2009, MasterCard offers its customers in the USA MoneySend forPerson-to-Person money transfers. MoneySend can be used via SMS, mobile Browsers, mobile applications or Internet PC. The card is linked to the customer's Mobile phone number. The sender of the money has to confirm the transaction via his mobile PIN.

Based on our expertise within the German and European Payment market NOVOSEC was authorised to conduct a competitors' analysis in order to elaborate the specific requirements for the German market. The focus was positioning the product for foreign payments within SEPA design and developments.

➜ Back to projects

Registration Application for Deka

The online administration of customer's subscriptions to numerous events allows for new opportunities in Customer Relationship Management. The registration application enables the customer to subscribe online for different product workshops of Deka Investment. Thus one can select the most suitable scheduled event and location as well as choose among optional information events. Moreover, the subscriber can nominate interested colleagues for the same event. Additional services like hotel reservation, rebooking of services as well as provisioning of additional informational brochures round out the comprehensive value for the customer. Since this system dramatically simplifies the necessary tasks of a modern event management, it further streamlines the setup of a quick response appropriate to current situations on the financial markets which requires quick and clear-cut reactions.

NOVOSEC has realized this innovative service by leveraging the latest web technology.

➜ Back to projects

Projects

In a multitude of projects we have not only demonstrated our excellent skills and professionalism, but also supported our customer at reaching their goals.

At this point we introduce some of the highlights. For further information please klick on the respective project:

Fill-up Cash at Shell

Mobile Security at the
State of the Art

Milestone in Security Compliance Management

Vodafone Music Unlimited

montrada Releases Merchants
from PCI Load

Single Sign-on for Corporate Clients

Automated Roll-out Process
for RSA CryptoToken

Card2Card Payments with
MasterCard MoneySend

Registration Application for Deka