What is Internet banking for corporate clients?

Internet Banking for Corporate Clients” of the “iBank2” system of appointments for the provision of electronic banking services to corporate clients (legal persons) in online mode on the basis of a laid down agreement on the provision of banking services.

Internet banking allows:

• create, sign and submit financial documents to the bank;
• withdraw from the bank calls (subscriptions and in.);
• check the status of the earlier submission of documents.

You can practice in Internet banking under any operating system: Windows, Mac OS X, Linux. For robots, any modern web browser is enough: Internet Explorer, Firefox, Opera, Chrome, Safari (you know, the browser is based on Mac OS X at once).

Internet banking provides security guarantees, eliminates the mechanism of encryption of information and electronic signature, supports the robot with USB tokens. Internet-banking in conjunction with accounting programs (1C and in.), simultaneously supporting the work of specialists from different offices.

How can you hang up to the computer for robots in Internet banking?

• Whether it be a modern computer with a volume of free operational memory less than 4 GB MB.
• Be it a modern operating system - Microsoft Windows: 7 (x86/x64), 8 (x86/x64), 8.1 (x86/x64), 10 (x86/x64) and more, Apple Mac OS X: 10.7 and more, Linux that in. .
• Monitor from a retail building no less than 1280 × 1024.
• Internet access. The recommended speed of the call is 200 Kb/s

For the Offline-Bank robot, you need to install the 32-bit version of Java, so you can get the IE browser from the website of the retailer.

Can you use internet banking from different computers?

So you can. To enter Internet banking, you need a computer with installed software "BIFIT Signer", Internet, a key with an electronic signature password.

All information (documents, registrations, confirmations) is centrally stored on the bank server and becomes available after entering Internet banking.

Plugin BIFIT Signer

Why is it necessary to install the BIFIT Signer plugin?

• The installed BIFIT Signer plugin is recognized for the electronic signature of the client.
• The BIFIT Signer plugin can be installed with the remaining version.

How to install the BIFIT Signer plugin?

If the plug-in is old, then the program will see a prompt “Your plug-in is old, to install the updated plug-in, go for the help. It is necessary to choose the strength of the fallow in the installed operating system”. Zavantage and install the plugin, dorimuyuchi podkazok.

Registration in Internet banking

How to start winning Internet banking?

You need to see the following:

• Return to the office of Bank "Primor'ya", place an agreement on the assignment of services from the "iBank 2" system, take a USB-token (attachment for collecting the keys of the EP). When visiting the Bank, you must present a document certifying the person.
• independently pass the registration on the site. After the registration is completed, the EP key will be generated on a USB token. . It is necessary to provide two copies of the EP reconciliation key certificate, sign it, certify it with the seal of your organization, transfer it to the office of the Economist Bank. Instructions for registering the organization and generating the key.

What does the warning mean: There are no rights for the work of the EP. Return to the Bank Administrator?

For the protection of information from the iBank 2 system, the SKZI cryptolibrary was introduced, so that cryptographic algorithms can be implemented according to GOST. Programs of SKZI "Crypto-COM" are available on the site in the "Distributive" distribution, as it is necessary to install it on the computer, accessing the instructions.

EP keys and certificates of EP reverification keys

Where to save the EP key for the hour of generation?

To save the EP keys, it is necessary to win the USB-tokens - attachments are not excluded from the EP keys.

What are the rules to follow when choosing a password to the EP key?

• The password is guilty of revenge with less than 6 different characters;
• Bazhano, the password was formed from Latin letters in different registers, numbers and special symbols;
• Your password is not guilty of folded from some numbers (so it's easier to fold "behind the back"), it is not guilty of being short and folded from symbols that are on the same line on the keyboard;
• The password is not guilty of a meaningful word (your name, date of birth, the girl's name is thin), so you can easily pick or guess.

How to rozdrukuvaty EP reverification key certificate, because the first time you didn’t think about it, what is the necessary duplicate of the certificate?

How to log in to the iBank2 system after creating a new ES key?

• Install USB-token (device for saving EP keys)
• Go to the login side of the system
• Evil mountains press the button "Select electronic signature"
• At the dialogue window, which was heard, press “Know EP” to the beast, or on the “magnifying glass” icon
• From the list I will name it by your number I will add it to choose the name of the EP key for which it is necessary to enter the entry to the iBank2 system
• Click on the notification "Data to be updated after logging in". You will see a window for entering a password
• Enter a password to access the EP

Respect!!!

• On the side of the entrance, the EP key is displayed, as the last time you entered the system from the computer.
• When pressing the "Select electronic signature" button, a list of ES keys will appear, which were previously used to enter the system from this computer.
• If necessary, the key is visible in the list, press "Know EP" or on the "magnifying glass" icon, you will be able to go to the list of keys, which were not previously entered before the system

How to create an entry to the iBank2 system with a login and password?

Logging in to the system by login (e-mail) and the password is assigned to the obov'yazkovym otrimannym SMS code to the phone number (without generating a key and giving certificates from the Bank).

To enter the system with a login and a password, go to the “login” tab on the login side of the system.

• Enter the email address. In order not to indicate the address of the e-mail at the skin entrance to Internet banking, set the ensign "Remember the e-mail".
• Enter a valid password.
• Enter code for baby.
• Press the "Submit" button. Either the e-mail address or the password is entered incorrectly, after pressing the “Submit” button, the next field will be seen in black color, and the reason for the pardon is indicated below.

In this way, the entrance can be speeded up:

• Spivrobitniki, yakі not mayut right to sign,
• Spivrobitniks with the right to sign can win the entry by login and password:
  • under an hour of work from untrusted outbuildings;
  • for better security;
  • for visibility.

When you enter the system with a login and password, all operations are available, for a wink:

• Signature of documents;
• Vikonannya dіy, yakі require a signature on the request, - nalashtuvannya monitoring (SMS notification).

If you are allowed to log in with a login and password in a number of organizations, then when you log in, you will be asked to choose an organization for further work.

Respect!!!

1. Creation of oblіkovih records, maybe only Kerіvnik organization and spіvrobіtnik for the participation of "Administrator". Entrance to the iBank2 system can be signed by electronic signature (EP key).
2. The creation of an oblіkovogo record for Kerіvnik organization can only be done by him. (“Nalashtuvannya”, “Login” tab, or select “Recorders”, “Recordings” from the menu list)
3. The role of "Administrator" is set by the organization key at the time of the creation of the oblikovy record for the koristuvach (Row of the menu "Spіvrobіtniki", "Special data")
4. Change the login of the spivrobitnik can be a Kerivnik or a spivrobitnik for the participation of the Administrator. Entry to the iBank2 system may be signed by electronic signature. (Row of the menu "Spіvrobіtniki", "Oblіkovі records")
5. Change the phone number may be less than a formal record. (“Nalashtuvannya”, “Login” tab)
6. Password reset before login (e-mail). That is, if every organization's account is assigned to one login, then all organizations are logged in with one password.
7. Letter to e-mail confirmation dated 24 years. After the indicated hour, a new registration of e-mail with the iBank2 system is required.

Pardon when entering the system

The "Pardon when logging in" alert appears after the password has been entered and only in the Explorer browser.

To complete it, it is necessary to add the address of the site in the "Nadiya Sites":

• in the address bar of the browser, copy the address of the site
• open the "Security" tab
• place the cursor on "Old sites" and click on the button "Sites"
• at the field "Add to the zone of the offensive vuzol" insert the copied address of the site and press the button "Add". The addresses will be moved to the "Website" field, and the "Add to the offensive zone" field will be cleared
• put a "V" next to the field "For all sites in this zone, server reverification is required (https:)"
• Press the button "Close" and "OK"
• Rezavantage the browser
• Create an entry to the iBank2 system

Usunennya pardon "Entering the system is not possible when localStorage is enabled"

A pardon is blamed for the foreshadowing of the skhovishchi.

Umknuti yogo can be at the browser's power. Dahl, on the example of Internet Explorer 11:

• you need to open the Service menu and go to the “Browser power”
• open the tab "Dodatkovo"
• know the parameter "Unmute DOM folder" and check the box
• save the nalashtuvannya and re-vantagize the side

How does the system choose a rahunka for locking?

For a skin document, you can choose a rahunok, which will be indicated for the locking. For whom to press on the vodpovidne the message "Sch.N" (these fields are marked with blue color and letters, which can be opened) and in the dialogue "Select rahunka" in the row of consumable rahunka in the checkbox "" the space "V".

USB tokens

What is a USB token?

USB-token is used to save ES keys. The EP key is generated in the middle of the building, and by no means, and no one can copy it, which will ensure the protection of your savings. The key of the EP can be seen only for the mind, as if the password is given. Forming the SP is seen without a middle in the middle of the attachment: at the entrance I will accept an electronic document, at the exit I see the EP under the document.

One USB-token can store up to 75 SP keys, fallow in the picker. On one USB-token, it is possible to save the keys of the EP of practitioners in various organizations. Where can you use a USB token in the computer, if you plug it in?

Where can you use a USB token in the computer, if you plug it in?

A USB token is not a flash drive, you can’t use it by clicking on the My computer shortcut. Yogo can only be found in "Appliance Manager", "Smart Card Reader Appliance", such as "Microsoft Usbccid (WUDF) Smart Card Reader Appliance".

Administration of USB tokens

You can do this with USB tokens and EP keys:

• Setting a PIN code for access to a USB token
• Another certificate of the EP verification key
• Changing the password for access to the EP key
• Changing the name of the EP key
• EP key visibility

In Internet banking, I distributed the “Key Administration” for the address .

In the Offline-Bank "Administration of EP Keys" there is a distribution of EP Keys.

Food security

Defense mechanisms in the "iBank 2" system.

iBank 2 belongs to the class of systems of encrypted electronic document processing.

To ensure the authenticity (proof of authorship) and the integrity of the document, the EP mechanism for electronic documents is tested.

To ensure confidentiality, there is a mechanism for encrypting data. When interacting via the Internet, encryption and control of the integrity of information that is transmitted are carried out, cryptographic authentication of the parties is carried out.

For the protection of information in the iBank 2 system, a support for the rich platform crypto library SKZI Crypto-COM 3.4 was introduced. Certificates of validity of the Federal Security Service of the Russian Federation No. SF / 114-3268 issued on September 11, 2018 (version 40), No. SF / 124-3269 issued on September 11, 2018 (version 41). We have implemented Russian cryptographic algorithms according to GOST R 34.11-94 and GOST R 34.11-2012 (hash function), GOST R 34.10-2012 (EP on elliptic curves), GOST 28147-89 (encryption, imitation).

In order to achieve the functions of cryptographic protection in the iBank 2 system, a support for the upcoming rich platform crypto libraries certified by the FSB has been introduced.

In the iBank 2 system, control archives are maintained, in which all electronic documents from the SP are stored for the resolution of conflict situations. The system maintains a history of documents — when the document was created, edited, signed, signed, or signed.

Additional security mechanisms for corporate clients.

• SMS-notifications: “About entry to the system”, “About document entry”, “About entry to the document bank”, “About entry documents”, “About rukh koshtiv on the account”, “About the current surplus”, “Record for the arkhunok” . One-time SMS password for entry up to "iBank2".
• SMS alert: “One-time SMS password for entry to “iBank2”.
• Confirmation SMS: “On the strength of payments to “iBank2”. As a way of removing one-time passwords from the iBank2 system, SMS notifications and OTP tokens are retrieved.

What kind of security calls do you need to make for an hour of work in Internet banking?

Dodatkovo you need to know about

Instructions for installation (for clients who install the Bank-Client system independently)

1. Copy the distribution kit, taken from the Bank, to a hard disk (like the distribution kit was taken from the site from the *.zip archive, unpacked).

2. Run the Setup.exe file from the distribution kit

3. It is also planned to save the secret keys on floppy disks, to carry out the entire installation with parameters for locking (beforehand, prepare clean floppy disks for the number of signatures).
Otherwise: (it is transferred to save the keys on the flash memory or on the hard disk), during the installation process, uncheck the check-box "Installation with parameters for locking"

4. If you have chosen the installation for locking, please refer to the instructions of the installation program. If you didn’t choose the parameters for locking, then during the installation process you will step forward:


Press the button ... editing the catalog of private keys. Replace drive letter A: put the letter attached, remove the private keys.

5. Yes, the installation process will be powered by the system's core.
Select DBA. For help button >> move the list of available keys to the right

6. Away from the installation, do not click on the button, just press the "Next" button, do not stop the docks

H press OK.

7. Run the Bank-Client program
(Start - All programs-BSSystems - Client BS-Client v.3)

8. See at the menu Nalashtuvannia - Transport. In the upper list, assign the subscriber ZAT NKB Slovyanbank. At the bottom list: click on the record ARM ZAT NKB Slovyanbank. At the vikni, what happened

edit the parameter Maximum number of days. May be ten. Press the OK button.

9. Repeat point 8 for the transport subsystem. (Vlasny record of the IP and Host fields are empty).

10. In the window "Parameters of the transport subsystem" select the tab "Gateways". Hanging clatter on the gateway "2 TCPGATE". Press the button "Parameters" at the window "Description of the gateway". Set the checkbox "Display data transfer indicator"

Respect! If the client's workstation is located in the local area and connected to it, there is no way through the proxy or the gateway, it may be necessary to install:ZAT NKB Slovyanbank in the IP field enter the IP address of your gateway, clear the Host field. Set your gateway in such a way that traffic goes to port 1024 of the gateway, forwarding to the IP address 213.148.170.187. The firewall, apparently, is to blame for passing all the traffic. Called with the bank server using the TCP protocol and initiated by the Client.

11. Shut up the Bank-Client program and replace the C:\BSClnt_3\SUBSYS\PRINT\RTF files CertProp.rtf and keyexch.rtf with the same files that were sent to you with the distribution package. Launch the Bank-Client program.

12. Respect! Keys installed from the distribution kit are technological and not accessories for signing payment documents. It is necessary to register a new certificate as soon as it is installed.

For whom in the Bank-Client system:

The menu item Settings - CryptoZakhist - Request for registration of certificates is activated.

At the end, press the "New" button

AT vibrati the key, which is next to be updated, is signed with the old key of the Client and is enforced to the Bank. At the same time, the document is being formed:

Registration card No. ____

Signing key (certificate)

Crypto-protection system: "CRYPTO-SI" (version 1.0) 340-00-371

Client name: Enter the name of the client

Vlasnik of the key:(Vasil Ivanovich Pupkin)

Key parameters:

Algorithm: GOST R34.10-2001

UID: nes-1 (17-04-2009 14-32-37)

The text of the hard key :

Signature key to sign:remember: Posada, P.I.B. vlasnik key

(posada, P.I.B. vlasnik key)

Key registration date:Put the current date

Signature of the owner of the key: ___________________________ M.P.

(signature)

_____________________ P.І.B ker_vnik)

(Signature of the stonework *) (P.I.B. of the stonework *)

Head of the Board __________________ Titov V.I.

(signature)

Head of the Department of the RVC Popov S.G.

(signature)

M.P.

For this document, it is necessary to fill in the fields, marked with chervonim, rozdrukuvat in 2 copies, verify with the signature of the clerk of the key and the signature and the signet and send it to the Bank. Call the Bank at 66-51-95 about changing the key. Negatively after the receipt of this document by the Bank, a new client certificate will be registered, and after the Bank-Client system, the Client will be sent confirmation of registration. The system is ahead of the procedure for obtaining a certificate from a bank and prompting you to register. After successful registration of new secret keyіsnuvatime in a single copy on the znіmny nose of the keeper of the key. Dia of the old key is attached.

Respect!In view of the importance of the designated procedure, Kerivnik, Chief Accountant and Key Accountant are strongly recommended to be especially present at the request for registration and rozdrukivtsi of the Certificate of Identification.

At PAT CB "SUMMIT BANK" for the management of clients with their funds, the system of remote banking services "iBank 2" was installed by the company "BIFIT". iBank 2 belongs to the class of encrypted electronic document management systems.

To ensure confidentiality the encryption mechanism of data. When interacting via the Internet, encryption and control of the integrity of information that is transmitted are carried out, cryptographic authentication of the parties is carried out.

The system implements Russian cryptographic algorithms up to GOST 28147-89 (encryption, imit_insert), GOST R34.11-94 (hash function) and GOST R34.10-2001 (EP on elliptical curves).

To achieve the functions of the cryptographic attack in the iBank 2 system, a support for the upcoming rich platform crypto libraries certified by the FSB was introduced:

• PBZI "Crypto-Ci Version 2.0" of the company "CryptoEx" (certificate of validity of the Federal Security Service of the Russian Federation registry No. SF / 114-1614 issued on February 28, 2011);
• SKZI "Crypto-COM 3.3" of the company "Signal-COM" (certificates of validity of the Federal Security Service of the Russian Federation No. SF / 124-2815 dated February 1, 2016, No. SF / 124-2816 dated February 1, 2016).

The iBank2 system is equipped with the support of the personal hardware crypto provider iBank2Key, which looks like a USB token and a smart card. PERSONALLY ADAPER CRYPTOPRODLER-S SKZІ KRYPTOMODUL-C, SERTIFIRKOKOVEN FSB of the Russian Federation behind the CLASS KS2, Zakhsnaya Zakhsnaya Skidnuny Keywords Elektrod Pіdpisu (Neustic Key) І Zdіysnyuє in the SOCI "Formulavna of Elektrod Klіdt Pіd Document with Wickridges Rosіysky Kryptoalgall. . Also, the system is equipped with a signature of the personal hardware crypto-provider "MS_KEY K" in the appearance of a USB-token certified by the FSB of the Russian Federation for the class KS2 (certificate of the Federal Security Service of the Russian Federation of the Federal Security Service of the Russian Federation No. SF / 124-2673 issued on 30.07.2015).

In the iBank 2 system, control archives are maintained, in which all electronic documents from the SP are stored for the resolution of conflict situations. The system maintains a history of documents - once the document has been created, edited, signed, signed, or returned.

PC bankingє solutions for the work of the client part of the iBank2 system in offline mode. Working with documents, documents, importing documents from accounting programs, signing documents, reviewing signatures do not require a permanent connection to the Internet.

For the functioning of PC-banking, the client will need either a modern computer with an operating system or a virtual Java machine - Microsoft JVM, embedded in Internet Explorer, Sun Java Plugin, or whatever, not lower than JRE 1.7 .

Synchronization with the bank - transferring financial documents to the bank, capturing bank statements, synchronizing accounts, capturing the update of the client component of PC-banking - via the secure TCP/IP connection.

The client component of PC-banking is implemented with a Java add-on, which is installed on the computer of the clerk. The client distribution of PC-Banking may be approximately 6 MB and units for all clients.

The primary source of information for PC-banking is the banking server. In the event of a computer failure, when reinstalling the OS, or when working on a new computer, it is sufficient to reinstall the client distribution kit for PC-Banking and perform synchronization with the bank.

As a result, from the bank server, all the client’s in-line adjustments will be received, documents with in-line statuses sent to the bank earlier, status change history, all bills, holders’ and beneficiaries’ documents, all system updates. The period of synchronization of documents and notes is set by the client himself.

The client component of PC-Banking is multi-client - within the framework of one program, the robot is supported by many organizations with its own details, documents, signatures and docs. The skin organization works at its own “flat” program and does not overlap with others.

PC-Banking has the functions of forward registration of clients, generation of ES keys (electronic signature), key management and other certificates, a one-time password generator and verification code for OTP tokens.

PC-banking ensures the security of guarantees, eliminates the mechanism of electronic signature on financial documents of clients. All data is encrypted using Russian cryptographic algorithms, there is control over the integrity of data that is transmitted. The system ensures the legal significance of electronic document processing. The work of a sufficient number of practitioners and the keys of an electronic signature is supported.

Additional security mechanisms for corporate clients.

• SMS-information of clients about entering the system, about entering the bank of payment documents, about ruh koshtiv for clients' accounts.
• Expanded bugatfactory authentication every hour to log in to the system with different one-time passwords.
• The mechanism of additional confirmation of payment handbooks with one-time passwords (additional to EP).

As a dzherela of one-time passwords, the system "iBank 2" wins SMS-alerts and OTP-tokens.

From the method of improving security and working hours in the middle of the Internet, it is recommended to familiarize yourself with the following documents:

Documents for the cob work in the iBank2 system:

Helper of a Koristuvach PC-Banking (short 1.8 Mb - 52 sides, 5.5 Mb long - 205 sides)

Get and install:

Client distribution kit PC-banking

Windows 32 bit	PC Banking.exe (5.7 Mb)	MD5 2CFD24D4318502AC7F513ED41B78836D
Windows 64 bit	PC-Banking_x64.exe (5.8 Mb)	MD5 F41EAFAC8CA90686EB8FFCF772186D55
Linux/MacOS 32-bit	PC-Banking-linux-i586.tar.bz2 (6.31Mb)	MD5 3F9D308E37AD6C662F9FC49002A73B2A
Linux/MacOS 64-bit	PC-Banking-linux-x86_64.tar.bz2 (6.43 Mb)	MD5 5A28B161A9D66AFDF45BD2D9D932D781

The third column shows the sum of PC-Banking distributions. To check the validity of the installation files,

«Help of a Koristuvach Version 2.0.23 Zmist Peredmova.......................................... 2 ..."

"iBank 2" system

Helper with robots with USB tokens

and smart cards "iBank 2 Key"

Helper of a Koristuvach

Version 2.0.

Peredmova ........................................ 2

Global reviews about personal hardware crypto providers.......... 3

Headlines about USB-tokens "iBank 2 Key".. 4

General information about "iBank 2 Key" smart cards.................................. 5 Preparing "iBank 2 Key" to work.......... ............... 5 Driver installation for iBank 2 Key for Windows. .......... 9 Installing the driver for "iBank 2 Key" for MacOS............. 9 Working with USB tokens and smart cards "iBank 2 Key" .................................. 13 Operation and saving of USB-tokens, smart cards and card readers ..... 13 Use of USB-tokens and smart cards "iBank 2 Key" during registration in the «iBank 2» system .............................. 14 Administration of USB-tokens and smart cards « iBank 2 Key .......................... 16 Login to the iBank 2 system .............................. 20 Confirmation of documents in Internet-banking for private clients... 21 Crypto-libraries library of PBZI "Crypto-Ci" Version 2.0 and SKZI "CryptoCOM 3.2"............................ ......................... 22 Installing crypto libraries on the client side for Windows........ 23 Installing crypto libraries on the client side for Linux.. ........ 23 iBank 2 system Version 2.0.

23 Peredmova This document is an aid to the selection of iBank 2 Key personal hardware crypto providers in the iBank 2 electronic banking system. The iBank 2 Key add-on has two options - a USB token and a smart card.

In the distribution of Global information about personal hardware crypto providers, the recognition of USB tokens and iBank 2 Key smart cards is reviewed in detail and information about their compatibility with different operating systems is presented.

Information about the choice of USB-tokens and "iBank 2 Key" smart cards and the necessary information for ensuring their correct work is presented in the following sections:

Installed drivers for iBank 2 Key for Windows;

Customization of firmware for USB-tokens and card readers for Linux;

Installing drivers for iBank 2 Key for MacOS;

At the distribution of Operation and security of USB-tokens, smart cards and card readers, please visit us for security and reliability of these electronic devices.

Transfer of USB-tokens and smart cards "iBank 2 Key" for an hour of work with the "iBank 2" system

reportedly reviewed at the departments:

Use of USB-tokens and smart cards "iBank 2 Key" when registering in the "iBank 2" system;

Administration of USB-tokens and smart cards "iBank 2 Key";

Confirmation of documents in Internet banking for private clients.

Also, at the help of the distributor of Wikoristan cryptolibraries of PBZI "CryptoSі" Version 2.0 and SKZI "Crypto-COM 3.2", the upgraded cryptography on the client's side was reviewed.

–  –  –

General information about personal hardware crypto providers Personal hardware crypto providers "iBank 2 Key" generate the ES key in the middle of themselves, secure the security of the security and form the ES for electronic documents in the middle of the annex.

The main problem of "iBank 2 Key" is the protection of the security and the unreadability (impossibility of reading) of the ES key. Neither a retailer, nor a vlasnik, nor an evil-doer can get the EP key out of the annex in any other way.

iBank 2 Key has advanced cryptographic functions:

Hardware stable cryptographic generator of random numbers;

Generation of ES key and ES reverification key;

Molding and re-verification of EP according to GOST R34.10-2001 (elastic curves);

generation of encryption keys;

Encryption and decryption are valid up to GOST 28147-89;

Formation and re-verification of the imitation of the insertion (the sequence of data is fixed, which is taken for the first rule of entering the data of the secret key and is added to the data for the security of the imitosis) is valid to GOST 28147-89;

The calculation of the hash function is valid up to GOST R34.11-94.

Formation of the TU is valid up to GOST R34.10-2001, it is entered without any middle in the middle of the token: it accepts an electronic document at the input of iBank 2 Key, at the output it sees the TS under this document. For this, the hour of forming the EP is less than 0.5 sec.

The EP key is generated by the iBank 2 Key itself, stored in the memory protection of the iBank 2 Key

And no, no, no, for every day you can't get paid with "iBank 2 Key".

iBank 2 Key has a protected memory area that allows you to save up to 63 keys of the SP of the main contacts of one client or a large number of clients.

The "iBank 2 Key" support was introduced into the client modules of Internet-banking, PC-banking, Financial Control Center, Corporate Auto-Client. It is possible to work one hour a day with a kilkom connected to the iBank 2 Key computer (relevant when working with the CFC).

The company "BIFIT" promotes two types of personal hardware crypto providers:

iBank 2 Key USB-token (div. announced Global Newsletter about iBank 2 Key USB-tokens) and iBank 2 Key smart card (div. updated Global Newsletter about iBank 2 Key smart cards).

The use of a USB token or an iBank 2 Key smart card is fundamentally impossible to steal the keys of the EP, which are obtained when working in the iBank 2 electronic banking system.

–  –  –

Headlines about USB-tokens iBank 2 Key

The iBank 2 system has a support for the upcoming USB-token models:

Vikonanny building "A" (div. Fig. 1);

Vikonanny hull "M2" (div. Fig. 2);

Vikonanny building B (div. Fig. 3).

–  –  –

In this hour, the "BIFIT" company is proposing to banks to win "iBank 2 Key" from "M2" and "B".

USB-token "iBank 2 Key" ("M2" symbol, "B" symbol) is a hardware USB device in a compact plastic case, which consists of a USB-card reader and a protected card microcontroller ST23YL18 manufactured by STMicroelectronics.

Microcontroller certified for compliance with ISO/IEC 15408 (common criteria) with EAL5+. At the microcontroller for the first hour of vibration, the card operating system of the vetchizny retailer TOV "ProgramPark" is "flashed" in a mask way.

At the warehouse of the card operating system there is SKZI "Cryptomodul C23" (retailer - TOV "ProgramPark"), certified by the FSB of the Russian Federation for class KS2. FSB certificate of Ukraine No. UV/114-1511 dated 08.07.2010

To change the functions of the iBank 2 Key token, a support code for the development of the crypto library was introduced into the iBank 2 electronic banking system.

USB-tokens iBank 2 Key Viconan M2, Viconan B are approved for work on the following platforms: Windows XP/2000/2003/Vista/7, Mac OS X 10.4.8 or older, Linux 2.6.x with Java 6 versions

–  –  –

Global news about "iBank 2 Key" smart cards

The iBank 2 Key smart card is functionally similar to a USB token. The only two features between a smart card and a USB token are different interfaces (ISO 7816 and USB) and different sizes of attachments.

"iBank 2 Key" smart card is connected to the computer via a CCID smart card reader – an external USB attachment for smart card reading operations (div. small 4).

In operating systems Windows Vista / 7, Mac OS X, the card reader does not require the installation of additional software and is automatically recognized in the OS.

In other Windows operating systems, you need to install the driver (div.

Installing drivers for iBank 2 Key for Windows).

Some laptop models (Dell, HP, Lenovo) are equipped with built-in card readers, which can be used for work with the iBank 2 Key smart card.

iBank 2 Key smart cards are approved for work on the following platforms:

Windows XP/Server 2003 SP2/Vista/7, Linux 2.6.x, Mac OS X 10.6.x with Java 6 affix, Mac OS X 10.5.x with Java 5 affix.

–  –  –

Preparing iBank 2 Key for Operation Installing the iBank 2 Key Driver for Windows The iBank 2 Key driver is required for operation with USB tokens and iBank 2 Key smart cards in the iBank 2 electronic banking system.

Respect!

The driver for iBank 2 Key is installed before connecting the add-on. Under the hour of installing the driver, all programs must be closed, so that the pardons under the files are deleted. To install the driver, you need the rights of the system administrator.

To avoid pardons when installing the driver, do not install via the Remote Desktop Protocol.

–  –  –

To install the driver, download from the bank's website or from the portal https://ibank2.ru the installation file:

For 64-bit systems https://ibank2.ru/drivers/iBank2Key-Driver-Windows-x64-1.11.exe (2.8 Mb)

For 32-bit systems https://ibank2.ru/drivers/iBank2Key-Driver-Windows-x86-1.11.exe (2.7 Mb) Run the capture file. A window will appear on the screen to select the mov installation (div. small. 5).

–  –  –

For locking, the driver installation directory is propagated - C: Program Files BIFIT iBank 2 Key Driver 1.11. To change the installation directory, press the button Change and specify the required location.

To continue to select the installation type (div. small 8), press the Next button.

–  –  –

At window Type of installation, set the ensign to the desired value and press the Next button to go to the next window of the installation program (div. small 9).

–  –  –

If you choose the type of Povna installation, the necessary components will be installed on the computer of the coristuvach, which will ensure the operation of all types of iBank 2 Key (smart card, USB-token for the case M2, A, B).

If you select Vibirkov installation type, you can choose for which type of iBank 2 Key the following components should be installed.

To continue installing the driver, press the Install button.

Rice. 10. Installing the necessary driver components

For the final program of the installation of the driver (div. small 11), put an ensign next to the Show readme file field, so you want to know a short information about "iBank 2 Key"

and press Done.

"iBank 2" system Version 2.0.

–  –  –

Customization of firmware for USB-tokens and card readers for Linux

1. Depending on the architecture of your operating system, zalezhte і from the website of the bank or from the portal "iBank2.RU"

For 64-bit systems https://ibank2.ru/drivers/iBank2Key-Driver-Linux-x64-1.07.sh.gz (152 Kb)

For 32-bit systems https://ibank2.ru/drivers/iBank2Key-Driver-Linux-x86-1.07.sh.gz (137 Kb)

2. Change the presence of running pcscd daemon (PC/SC Smart Card Daemon) to pcsc-lite (smart card access software) and libccid libraries in your OS.

3. Unzip the archives and run the script iBank2Key-Driver-Linux-***.sh, de *** - the bit depth of the OS architecture.

As a result of library script typing and configuration files required for iBank 2 Key operation, they will be copied from the archive to the required OS directories.

Installing iBank 2 Key Driver for MacOS To use iBank 2 Key USB tokens on MacOS, you need to install the iBank 2 Key driver.

Respect!

The iBank 2 Key USB token drivers are installed before the device is connected.

To install the driver, download and unzip the ZIP-archives from the iBank2.RU portal:

https://ibank2.ru/drivers/iBank2Key-Driver-MacOSX-2.13.pkg, 269 KB.

–  –  –

To continue to select the type of driver installation (div. small 13), press the Continue button.

Rice. 13. Windows Installation: iBank 2 Key Driver 2.13. Placement

–  –  –

Rice. 14. Windows Installation: iBank 2 Key Driver 2.13. Type of installation To change the installation directory, click the button Change installation expansion... and enter the required location.

Press the Install button for the standard driver installation. Information about the installation process will appear on the screen (div. small 15), after completion it is necessary to restart the computer to update the system files. For which one press the button Rezavantage (div. small. 16).

–  –  –

For the correct operation of Java-applets of the iBank 2 system in the MacOS environment, it is necessary to change the version of Java 1.6.

The choice of versions of Java applets for MacOS can be found at Finder/Applications/Utilities/Java/Setup Java (div. small 17).

–  –  –

Robot with USB tokens and smart cards "iBank 2 Key"

Operation and storage of USB tokens, smart cards and card readers USB tokens, smart cards and card readers and sensitive electronic devices. With their savings and exploitation of coristuvachev, it is necessary to comply with a number of rules that could, if any facilities are damaged, they can go out of tune.

The following operating rules and the protection of the three-term service of USB tokens, smart cards and card readers, as well as the protection of the confidential information of the correspondent.

It is necessary to protect USB tokens, smart cards and card readers from strong mechanical impacts (falling from height, shock, vibration, hitting hard).

USB tokens, smart cards and card readers need to be protected from high and low temperatures. With a sudden change in temperature (bringing in a chilled outbuilding from frost in a warm place), it is not recommended to use a USB token, a smart card or a card reader with a 3-year stretch, so that it can be hidden through condensation on an electronic circuit. It is necessary to protect USB-tokens, smart-cards and card readers in case of falling direct sleepers on them.

It is necessary to protect USB-tokens, smart-cards and card readers from water and aggressive environments.

Unacceptably pouring into USB-tokens, smart cards and card readers of strong magnetic, electric or radiation fields, high voltage and static electricity.

When connecting a USB-token or a card reader to the computer, do not report the downloaded data.

USB-token in the non-working hours must be closed three times, in order to avoid hitting the sockets of the USB-token with a saw, ford, or water. When you change the rose of the token, it is necessary to get used to it for its purification. To clean the hull and rose, weave dry cloth.

Victory of water, rozchinniki and other rіdins is unacceptable.

Don't use USB tokens, smart cards and card readers - before you waste your warranty!

It is necessary to unify the power supply voltage of the computer and the USB bus when the USB port is connected, and also do not remove the token or card reader from the USB port for an hour of recording and reading. It is reserved to take a smart card from the card reader for an hour of the procedure for recording and reading.

In the event of a malfunction or incorrect functioning of USB-tokens, smart cards or a card reader, please contact the Bank.

1. Do not give USB tokens and smart cards to third parties! Do not tell third persons the passwords for the EP keys!

2. Connect the USB-token or smart-card to the computer for less than an hour using the "iBank 2" system.

3. At the time of spending (robbing) or using a USB-token or a smart card, contact the bank in a negligent manner.

"iBank 2" system Version 2.0.

23 Use of USB-tokens and iBank 2 Key smart cards when registering in the iBank 2 system

The process of early registration of corporate clients is carried out at the main workstations (Internet-Banking, PC-Banking, CFC-Online), banking spivrobitnikiv – at the “Registrar for banking spivrobitnikiv” automated workplace. To register, connect to the Internet, launch a Web browser and go to the side for clients or for your bank's "iBank 2" system.

On storіntsі input klієntіv, spіvrobіtnikіv system of the Bank iBank 2 viberіt vіdpovіdny point: Obslugovuvannya corporative klієntіv Center fіnansovogo control line abo Poperednya in Registration bankіvskih spіvrobіtnikіv in rezultatі chogo spochatku zavantazhitsya html-storіnka scho mіstit short Opis PROCEDURE reєstratsії new klієnta abo spіvrobіtnika, and through 15 - 30 seconds (depending on the security of access to the Internet) to take advantage of the open workstation.

Connect the USB token or card reader with the inserted "iBank 2 Key" smart card to the computer's USB port.

Go through the registration stages. On the eighth fold (corporate client) or on the fourth fold (banking spivrobitnik) as a key collection, select the USB-token item from the list or a smart card (div. small. 18, small. 19).

Rice. 18. AWS "Internet-banking for corporate clients". Early registration. Krok 8 of 11

–  –  –

Rice. 19. AWP "Registrar for banking spivrobitnikiv". Early registration. Krok 4 z 7 At the next registration deadline, you need to enter the name of the password before the EP key that is being created.

Even if you enter the name of the key in the collection of keys, you already have the key from such names, then in which case the key will not be overwritten, about which you will see a similar advance (div. small. 20). In this case, it is necessary either to assign a different name to the key, or else to remove the non-required key from the Store (div. Administration of USB-tokens and smart cards "iBank 2 Key").

–  –  –

Note:

One USB-token or iBank 2 Key smart card can contain up to 63 keys of the ES of the remote contacts of various corporate clients, which are serviced in different banks with different copies of the iBank 2 system.

–  –  –

In order to keep your password secure:

The password is not guilty of being composed of only digits (so it is easy to look at it from behind the back);

The password is not guilty of being short and folded from symbols that are on the same line on the keyboard;

The password is guilty of vengeance in the case of both great and small letters, numbers and signs;

The password is not guilty of a meaningful word (your name, date of birth, the girl's name of the squad is too short), so you can easily pick or guess.

It is incorrect to enter the password before the EP key, which is located on the USB-token or iBank 2 Key smart card, can be no more than 15 times later. The next time the EP key is blocked forever.

Administration of USB-tokens and smart cards "iBank 2 Key"

Possible steps with "iBank 2 Key" and EP keys:

1. Setting a PIN code for access to USB tokens and smart cards "iBank 2 Key";

2. Other certificate of the EP verification key;

3. Changing the password for access to the EP key;

4. Changing the name of the EP key;

5. Visibility of the EP key.

Administration of USB-tokens and smart cards "iBank 2 Key" is required:

Corporate clients in Internet-Banking, PC-Banking, CFC-Online;

Private clients in Internet banking for private clients;

Spіvrobіtnikami bank in the AWP "Registrar for banking spіvrobіtnikіv".

–  –  –

3. In the field of choice of USB-tokens and smart cards, the serial number of the connected to the computer will be added. If necessary, you can select another device connection by pressing the Select button. Under the serial number, a list of keys of the EP will appear (div. small 21);

–  –  –

Rice. 21. AWS "Internet-banking for corporate clients". Administration of EP keys Private clients

1. Go to the distribution of Keruvanny with the keys of the EP.

2. Connect the USB-token "iBank 2 Key" to the USB port of the computer, or insert the smart card into the card reader, connect to the computer.

3. To choose the need for a day, having pressed in on the power of strength (Div. Mal. 22).

4. It is necessary to switch to the side with the chosen day. In the field of choice of USB-tokens and smart cards, the serial number of the connected to the computer will be added. If necessary, you can choose another connection for attachments. Under the serial number, a list of ES keys will be available for the selected Skhovisch, where it is necessary to select the required ES key and viconate the div.

mozhlivі dії іz keys EP).

–  –  –

Rice. 22. AWP "Internet-banking for private clients". EP key management

1. Launch AWS "Registrar for Banking Practitioners" and select the item Administration of keys of the EP (div. small. 23).

2. Specify the type of storage of PU keys - USB-token or smart card.

3. In the field of choice of USB-tokens and smart cards, the serial number of the connected to the computer will be added. If necessary, you can select another device connection by pressing the Select button. Under the serial number, the list of TU keys of the selected link is displayed;

4. Select the SP key, and then press the exit button (on the 19th page, you can find the SP keys).

–  –  –

Setting a PIN code for access to USB tokens and smart cards "iBank 2 Key"

To secure additional protection against unauthorized access to the ES keys that are saved on USB-tokens or iBank 2 Key smart cards, it is possible to set a PIN-code for access to iBank 2 Key.

When entering the iBank 2 Key from the PIN-code, it is possible to cancel the list of iBank 2 Key keys and any of them until the correct PIN-code is entered.

PIN-code to iBank 2 Key, as well as the number of insertions, will be requested from the clerk in case of an emergency:

Authentication in Internet banking;

Turning to "iBank 2 Key" at a different connection and a remote connection;

Return to iBank 2 Key pіd h administruvannya EP keys;

Signature of documents and synchronization of data from the bank for an hour of work in PC-Banking.

To assign a PIN code, select the required EP key from the list and press the Change PIN button (Internet-Banking, PC-Banking, CFC-Online, bank account registrar) -code and press the Accept or Change PIN button.

The PIN-code must be composed of at least 6 characters and may be a combination of letters, digits and different characters (recommendations for organizing a password protection on page 16).

It is not possible to see the assignment of the PIN code to the iBank 2 Key, it can be changed again.

It is possible to enter the PIN-code for access to iBank 2 Key incorrectly no more than 15 times later.

After that iBank 2 Key is blocked for vikoristannya.

Other EP reverification key certificate Select the required EP key from the list and press the button Edit or send Export certificate from RTF. Enter a password to access the email key. Press the Accept or Export certificate from RTF button.

Change the password for access to the EP key Select the required EP key from the list and press the Change password button or send Change the password. Enter the current password of the EP key and the new password. Press the Accept or Change password button.

Change the name of the EP key Select the required EP key from the list and press the Rename button or send Rename the key. Specify the password for access to the EP key and the new name of the EP key in the key collection. Press the Accept or Rename key button.

–  –  –

Vidalennya key EP Uvaga!

If the key of the EP is seen from the collection of keys, it is impossible to restore it. You can see the keys for that, but they won’t be victorious when working with the system (keys with the line dії, compromised keys, etc.).

Select the desired EP key from the list and press the Vidality button or send the Vidality key. Enter a password to access the email key. After pressing the Accept or View key button, the key will be permanently removed from the Key Collection.

Login to the system "iBank 2"

Connect to the Internet, launch a Web browser and go to the side your bank.

Connect the USB-token iBank 2 Key to the USB port of the computer or insert a smart card into the connection to the computer card reader.

On the main page of "iBank 2" select the item that is necessary for you: Corporate customer service, Online financial control center, Banking operational or Banking administrator, as a result of which the start html-side will be occupied, and after 15 - 30 seconds Internet) to be privatized by powering the workstation.

The first window of the AWP, Entering the system, is recognized for authentication of the koristuvach, shown in fig. 24.

–  –  –

For whomever it is necessary to viskonat such things:

In the field Type of collection, select USB token or smart card. The Identifier field displays the serial number of the selected USB token or smart card.

Whenever you enter a USB token or a smart card, before which a PIN code is inserted, a window for entering a PIN code appears on the front side (div. small 25).

–  –  –

From the list of the Key field, select the name of the TU key. Enter Password for access to the selected key. When entering a password, language (Russian/English) and register (large/large letters) are forfeited.

In order to connect to the Internet, you need to select the Proxy server, click on the button to set the connection, and in the window, enter the address and port of the Proxy server in the appropriate fields.

To get to the system, press the Enter button.

Confirmation of documents in Internet banking for private clients Private clients can use USB-tokens and smart cards "iBank 2 Key" for signing electronic documents in their ES to secure the document to the bank. The functionality is available with different settings for Internet banking.

The signature of the document in Internet-Banking for private clients is set at another stage of document creation. When pressing the button Edit the bank, the Signature Plugin window appears (div. small 26). To sign that document, connect the "iBank 2 Key" token to the USB port of the computer, or insert a smart card into the connection to the computer card reader - in

–  –  –

In the plug-in, in the field for selecting USB-tokens and smart cards, the serial number of the connected device is displayed. Select the key of the EP, as you would like to sign the document, enter the password before pressing the Sign button.

Rice. 26. Internet banking for private clients. Signature of the document EP of the client Vikoristannya cryptolibraries PBZI "Crypto-Ci" Version 2.0 and SKZI "Crypto-COM 3.2"

The system "iBank 2" is equipped with SKZI, which implements cryptographic algorithms up to GOST 28147-89 (encryption, imitation), GOST R34.10-2001 (EP on elliptic curves) and GOST R34.11-94 (hash function).

When vikoristanny vbudovanyh system iBank 2 software SKZІ keys SP clients are saved from file folders.

For cryptographic transfer of information to the iBank 2 system, the following rich platform cryptolibraries are supplied to our warehouses and are mutually certified by the Federal Security Service of the Russian Federation:

–  –  –

"Crypto-COM 3.2" company "Signal-COM". Certificates of integrity of the Federal Security Service of the Russian Federation registry.

No. SF/124-1337 dated 05.06.2009, No. SF/114-1170 dated 15.07.2008, No. SF/114-1551, No. SF/114SF/124-1553 and No. SF/124-154.2010 R.

Crypto-libraries are built and distributed at the warehouse of the "iBank 2" system on the basis of license agreements in the company "BIFIT" with retailers of SKZI.

For the client to use the SKZI software, the presence of crypto libraries on the client side is required.

Installing crypto libraries on the client side for Windows Crypto libraries PBZI "Crypto-Ci" Version 2.0 and SKZ "Crypto-COM 3.2" are installed by means of copying the files in the libraries to the directory accessible by changing the PATH, for example, C:\Windows\ system32.

To install PBZI "Crypto-Ci" Version 2.0, copy the files ibank2cryptoc2.dll, CrC_InitBioRnd32.dll

To install CIDS "Crypto-COM 3.2" copy the ibank2ccom.dll file.

To download the files of crypto libraries, go to your bank.

Installing crypto libraries on the client side for Linux

Crypto-libraries of PBZI "Crypto-Ci" Version 2.0 and SKZI "Crypto-COM 3.2" are installed by way of copying files in libraries to the directory, which is designated as such:

1. Get the iBank 2 system on the start page and launch any java applets (for example, Internet-Banking for corporate clients).

2. Open the browser window of the Java console, changing to new, type S.

3. The console will display a list of changes. The way to the required directory - be it the value of the changed java.library.path.

Library files to be copied:

To install PBZI "Crypto-Ci" Version 2.0 copy the file libibank2cryptoc2.so

І before the "Book of Judith" in the words of the Russian and Russian Bibles, the "Book of Tobit" is venerated (at the LXX and the Vulgate books of Tobit and Judith, stand between the book of Nehemiah and the book of E ... "

«GROUP MANAGEMENT MODULE INT-CR int-cr_ua 12/11 Group management module INT-CR allows arming, removing and burying alarms in groups (partitions) for additional cards, key fobs and other passive transponders text 125 kHz card "should be some kind of passive transponde ..."

"Appendix 6 to the Rules for the organization of meals for students in organizations of secondary education

“V.I. Vernadsky. SCHODENNIKI 1926-1934 Senior editor of the volume Doctor of Geological and Mineralogical Sciences V.P. VOLKІV MOSCOW "NAUKA" 2001 UDC 930 LBC 63.2 U 35 Sergeant Doctor Ge..."

2017 www.website - "Free electronic library - electronic materials"

The materials of this site are placed for information, all rights belong to their authors.
If you don’t like it, if your material is placed on this site, please, write to us, we will see it for 1-2 working days.

Internet-Banking of appointments for the services of electronic banking (remote banking services) to organizations and individual businesses.

Internet banking allows:

create, sign and submit financial documents to the bank;

withdraw from the bank calls (subscriptions and in.);

check the status of the earlier submission of documents.

You can practice in Internet banking under any operating system: Windows, Mac OS X, Linux. For robots, any modern web browser is sufficient: Internet Explorer, Firefox, Opera, Safari, Chrome.

Internet-Banking provides security guarantees, eliminates the mechanism of encryption of information and electronic signature, supports the robot with USB-tokens "iBank 2 Key", "Rutoken ECP".

Internet-Banking in conjunction with accounting programs (1C and others), supporting the one-hour work of specialists from different offices.

Cause: It is possible that your browser and/or proxy server settings have enabled blocking of active Java scripts.

Solution: Change your browser/proxy server settings.

Internet Explorer 7.0: Service->Power of the Watcher , go to the tab Bezpeka Second. Add to list Parameters go to distribution Scenarios->Active Scenarios and set an ensign

Cause: Possibly, your browser has a built-in Java-script blocker.

Solution: Change your browser settings.

Internet Explorer 7.0: Launch the browser, select the item from the main menu Service->Power of the Watcher , go to the tab Bezpeka . Select the required Internet zone and press the button Second. Add to list Parameters go to distribution Scripts->Write Scripts for Java Programs and set an ensign allow .

Java applet won't start.

Cause: Wiki of an old version of java.

Solution: Internet banking works successfully with the following versions: Java 2 Standard Edition Runtime Environment Version 1.4.2 or more. Java SE 6 is required when using iBank 2 Key USB tokens. The current version can be obtained from the retailer's website.

Java applet is not connected to the bank server.

Cause: Problems with connections can be caused by a call switch, starting from the presence of your local firewall screens (Firewall) and blocking the ports by your Internet provider.

Solution: It is necessary to contact the bank administrator to clarify the numbers of TCP ports, as it is necessary to enter them in the IP filter on the Firewall.

The distribution kit of the driver for robotics from "Rutoken ECP" can be taken from the site rutoken.ru

Detailed instructions on how to install the driver and use the USB tokens can be taken from the relevant helpers of the koristuvach, as you can go back to the bank.

Where can you use a USB token in the computer, if you plug it in?

A USB token is not a flash drive, you can’t use it by clicking on the My computer shortcut. Yogo can be found only in the "Appliance Manager" as "Smart card reader" - "USB Token Device".

When entering Internet banking, it is not possible to select the type of collection "USB-token or smart card"

IMPORTANT! The driver is installed right away, and then the USB-token "iBank 2 Key", "Rutoken ECP" is inserted into the computer port! Yaxco Wee was hacked, pulling a USB token from the port. Find out from the dispatcher of the attached computer "Smart Card Reader" and remove all components. Install the driver again. Reboot the computer. For the last time you can connect iBank 2 Key, Rutoken ECP.

It is not possible to create a new EP key for an hour when the "iBank 2 Key" smart card is retrieved.

Install Sun Java Plugin 1.6. Other versions of Java do not support smart card technology. Repeat the registration process.

Why can't I select a USB token from the key selection?

If you're sorry, try to install the remaining version of the Java machine.

I have Windows Vista. The iBank 2 Key USB token driver does not install.

When installing the iBank 2 Key USB-token driver for Windows Vista, you need Administrator rights to start downloading files as administrator.

Food security

Defense mechanisms in the "iBank 2" system.

iBank 2 belongs to the class of systems of encrypted electronic document processing.

To ensure the authenticity (proof of authorship) and the integrity of the document, the EP mechanism for electronic documents is tested.

To ensure confidentiality, there is a mechanism for encrypting data. When interacting via the Internet, encryption and control of the integrity of information that is transmitted are carried out, cryptographic authentication of the parties is carried out.

The system implements Russian cryptographic algorithms up to GOST 28147-89 (encryption, imit_insert), GOST R34.11-94 (hash function) and GOST R34.10-2001 (EP on elliptical curves).

To achieve the functions of the cryptographic attack in the iBank 2 system, a support for the upcoming rich platform crypto libraries certified by the FSB was introduced:

PBZI "Crypto-Ci Version 2.0" of the company "CryptoEx" (certificate of validity of the Federal Security Service of the Russian Federation registry No. SF / 114-1614 issued on February 28, 2011);

SKZI "Crypto-COM 3.3" of the company "Signal-COM" (certificates of validity of the Federal Security Service of the Russian Federation No. SF / 124-2061 dated February 1, 2013, No. SF / 124-2062 dated February 1, 2013).

In the iBank 2 system, control archives are maintained, in which all electronic documents from the SP are stored for the resolution of conflict situations. The system maintains a history of documents - once the document has been created, edited, signed, signed, or returned.

Additional security mechanisms for corporate clients.

SMS-information of clients about entering the system, about entering the bank of payment documents, about ruh koshtiv for clients' accounts.

Expanded bugatfactory authentication every hour to log in to the system with different one-time passwords.

The mechanism of additional confirmation of payment handbooks with one-time passwords (additional to EP).

As a dzherela of one-time passwords, the system "iBank 2" wins SMS-alerts and OTP-tokens.

What kind of security calls do you need to make for an hour of work in Internet-Banking?

Come in safe for an hour of work from EP:

To protect the keys of the EP from the stealing of shkіdlivy programs, it is recommended to win the USB-tokens iBank 2 Key, Rutoken ECP;

In the case of "iBank 2 Key", "Rutoken ECP", save the file-collection of keys on a portable device (USB storage device). It is not allowed to save yoga in the missions, de to the new one you can take it, be it you. Carrying from a collection of keys that are seen, it is necessary to carefully protect against unauthorized access;

The password for access to the EP key is the responsibility of you, but it’s more like you, like a vlasnik;

Do not allow permanent and uncontrolled connection to the computer of USB-tokens "iBank 2 Key", "Rutoken ECP";

Do not give iBank 2 Key, Rutoken ECP with EP keys to anyone;

Do not use Internet-banking in an Internet cafe, and also there, de Wee is not privy to the safety of computers;

When you call the confirmation call, which maw access to the EP key, obov'yazkovo povidomte Bank and block the key;

At times, if there is any suspicion of compromising the keys of the EP or compromising the middle of the violation (the presence of the computer's shkidlivih programs) - obov'yazkovo povodomiti Bank and blocking the keys of the EP.

Go to the computer's host, for which robot is installed in Internet-Banking:

Dotrimuytes regulations obmezhennogo physical access to the computer. The list of spivrobitnikіv organіzatsії is responsible for the approvals, including the main spіvrobіtnikіv and technical staff, which is allowed access to computers, for which the robot is set up in Internet banking.

It is recommended to use an okremium computer exclusively for working in Internet banking. Other activities (work with other programs, work with e-mail, browsing sites on the Internet) from this computer is not to blame.

Vykoristovyte less licensed software security. Do not zavantage that do not install software security, otrimane from unverified dzherel.

Try to win over modern operating systems (OS). The data of the system are more protected, for review of the older, most old versions. Install the patch and update for the OS at the same time. Increase the automatic update of the OC, as a way to restore the rest of the correction, thereby eliminating the inconsistency of the OS.

Vykoristovyte sistemyno that applied PZ only z trusted dzherel, scho guaranty the availability of shkidlivyh programs. If necessary, it is necessary to ensure the integrity of the update, which are kept on the nose or zavantazhuyutsya from the Internet.

Vykoristovyte and promptly update the special software for the protection of information - antivirus software, personal intermediary screens, protect the protection of unauthorized access and other.

Helper of a koristuvach. CFC-Online

Helper of a koristuvach. CFC-offline

Exchange of money between "iBank 2" and "1C:Enterprise 7.7", "1C:Enterprise 8.1" systems

"Corporate autoclient" module of "iBank 2" system

Format for import and export of documents in the "iBank 2" system

iBank 2 module for 1C: Accounting version 2.0, iBank 2 module for 1C: Accounting version 3.0

Electronic signature verification utility