Online transactions are not face-to-face, customers can make requests at any time, any place, the traditional identification method is usually rely on the user name and login password to authenticate the identity of the user. However, the user's password in the form of plaintext in the network transmission, it is easy to be intercepted by attackers, and thus can impersonate the identity of the user, identity authentication mechanism will be breached. In the online banking system, user authentication relies on the encryption mechanism of RSA public key cryptosystem, digital signature mechanism and multiple guarantee of user login password. The bank verifies the user's digital signature and login password before confirming the identity of the user. The user's unique identity is the "digital certificate" issued by the bank. The user's login password is transmitted in ciphertext mode to ensure the security and reliability of the identity authentication. The introduction of digital certificates, at the same time to achieve the user's identity certification of bank transactions, to ensure that the access to the real bank website, and also to ensure that the customer submitted transaction orders are undeniable. Because of the uniqueness and importance of digital certificates, banks have set up CA certification bodies to carry out online business, which is responsible for issuing and managing digital certificates and conducting online identity audits. June 2000, led by the People's Bank of China, 12 commercial banks jointly built the Chinese Financial Certification Center (CFCA) officially listed operation. This indicates that China's E-commerce has entered a new stage of bank security payments. As an authoritative, trustworthy and impartial third party trust organization, China Financial Certification Center provides the basis of identity authentication for the realization of cross-border transactions in the future. "Responsible editor: Jian Ying TEL: (010) 68476606" Original: NET Silver Security knowledge: Important identification and CA authentication return to network security home
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
