EZIO Plug and Sign Technical Specifications
As a hardware device, the Plug & Sign includes:
- A PKI smartcard that holds keys and certificates.
- Flash memory that is configured as a read-only partition and that
holds all dedicated embedded application software.
- A controller that securely manages all accesses to the smartcard and the
flash memory.
Access to the smartcard is provided through an HID (Human Interface
Device) interface. This is the standard interface used on PCs for mice and
keyboards. All PCs are already equipped with an HID driver, so no
driver needs to be installed.
The dedicated functions for online banking are provided by the different
application software supplied as executables in the flash memory:
- The bank's menu:
This mainly provides a list of authorized URLs that one can click to get to
the target pages. The menu also gives access to some tools for
administration.
- The browser:
This is a Gemalto-specific browser that is provided from the read-only
partition of the Plug&Sign. The executable code cannot be modified,
which provides effective protection against viruses.
- eSigner:
This is a Digital Signature plug-in mounted on the browser that can
be called by the web application of the bank web site to trigger PKI
signatures. It features some WYSIWYS functions and returns the signed data
to the web server.

The Plug&Sign will be made available in combination with Smart TMS
(Token Management System), which allows the token issuer to manage the content of
the token. This will typically manage:
- List of URLs that are proposed and authorized for end user navigation
- Documentation provided to the end user
- Executable code in case of a new revision for functional enhancement, bug
correction or security enhancement
- Visual appearance of the different Graphical User Interfaces