• WeChat|

    With WeChat "sweep sweep"

  • 中文

Digital Certificate

Xinjiang Rural Credit Cooperatives’ Online Banking System

With its experience in online banking and certificates, Aspire CA designed several online banking certificate products to ensure the security of online banking user accounts.

File digital certificate: It provides online banking users with file certificate service to improve user account security by means of CMCA digital certificate ‘signature, authentication and double-factor protection (certificate + password).

USB Key certificate: It provides online banking users with USB Keys to ensure finance-level security. Online banking users must pass real-name authentication to ensure account and transaction security. Online banking users can use their real-name digital certificates to enable authentication, payment/transfer traction signatures and SMS verification, thus ensuring account and transaction security.

Customer Requirements:

Competition requirements: At the very beginning of the construction of its online banking system, Xinjiang Rural Credit Cooperatives planned to use digital certificates to ensure system security. According to the Law of

the People's Republic of China on Electronic Signature and relevant requirements of People’s Bank of China for online banking systems, an online banking system shall provide high-level security and superior experience

for its users so as to meet industry and competition requirements.

Service classification requirements: An online banking system provides different operation rights and service rights for different levels of users. Since the current “username + password” login method cannot identify

account security levels, digital certificates are required to verify account security levels, and then make different rights and services available to different accounts.

Security requirements: Digital certificates can ensure the security of online transactions and accounts, keeping users always in a secure environment. Is a user with a digital certificate logs into his/her account from

another PC that is not installed with the certificate, he/she cannot perform any operations except viewing the account. The digital certificate is a “key” to the account which greatly enhances its security.

      Customer Activities:

In March, 2013, Xinjiang Rural Credit Cooperatives chose Aspire CA as its online banking systems’ digital certificate security service provider to provide a online banking digital certificate solution.

1. User side:

Aspire CA provides 4 types of user certificates, i.e. individual user with a file certificate, individual user with a USB Key, business user with a file certificate and business user with a USB Key.

2.Platform side:

Service portal: It is the online banking website which invokes the controls/suite to ensure the security of operations (e.g. payment and transaction confirmation) clicked by users.

Certificate security suite: It ensures the security of users with USB Keys. It is invoked by the portal to provide such features as application for a certificate, generating asymmetric keys, protecting keys, invoking USB Key driver, safely storing file certificates and certificate security management.

Password protection control: It protects the username + password logins with a security mechanism, and ensures the security of the password and online banking system.

Operation management backend: It reviews and approves paper-based applications for USB Keys, handle real-name authentications of users, automatically reviews rules based on applications for USB keys, and interconnects with OPEN API for certificate authentication, signature authentication, evidence preservation and certificate and usage statistics collection.

OPEN API:It is CMCA’s basic capability that provides its certificate service API for interconnecting with third-party service platforms to provide such features as certificate application, certificate service and certificate management for them.

Authentication middle: It interconnects with the online banking platform for certificate authentication, signature authentication and evidence preservation, and collects certificate and usage statistics via OPEN API.

In June, 2013, the digital certificate solution for Xinjiang Rural Credit Cooperatives’ online banking system was put into operation upon completion of joint debugging.

Customer Benefits:

     As of September, 2016, Aspire CA issued over 0.65 million digital certificates to individual and business users of Xinjiang Rural Credit Cooperatives. Serving as user IDs, these digital certificates have enhanced account security and enabled strong logion authentication. They provide users with digital signature service when they perform payment and transfer transactions, thus ensuring the security of online banking operations, confidentiality of transaction data and non-repudiation of transactions.

Customer Profile:

Xinjiang Rural Credit Cooperatives is a local financial institution which provides RMB deposit, loan and capital settlement and collection & payment services through its cooperative banks in 14 districts, over 83 county unions and nearly one thousand outlets across Xinjiang. In recent years, its operations have grown by leaps with all KPIs hitting their record highs. Xinjiang Rural Credit Cooperatives is on top of the rural small & medium-sized financial institutions operation & risk ranking published by China Banking Regulatory Commission.