PARTNER
HiTRUST
(+886) 02-26586000

HiTRUST serves nearly 3,000 customers around the world through innovative technology and top-notch teams. We are the preferred brand of e-finance and e-commerce in Greater China.

With the concept of continuous improvement, we have served the financial industry for more than 20 years, providing long-term, safe and stable multi-digital financial services to major local banks. At the same time, we have also entered the field of e-commerce, providing a full range of digital transformation and cash flow solutions for many enterprises.

Product Type

  • Application Security
  • FIDO
  • Fraud Detection
  • Authentication
  • Contact: Emma Chen
  • Title: Marketing
  • Tel: (+886) 02-2658-6000 #317
  • Mail
https://www.hitrust.com.tw/index.html
SPEECH
05/09 (Tue.) 15:45 - 16:15
Credential Stuffing Protection: How Websites Defend Against Lightning-Fast Password Cracking Attempts

Credential stuffing attacks frequently make the news both in Taiwan and around the world, damaging the goodwill of companies in all kinds of industries and even causing property losses. They are sometimes combined with phishing and man-in-the-middle attacks, making them a top concern for security personnel and one of the most difficult forms of cyberattack to counter.

HiTRUST will take you on a journey from the perspective of hackers to help you re-understand one of the most significant security threats facing websites and their users. By the end of this speech, you will have a better understanding of how credential stuffing works, why it's a serious threat, and what you can do to protect yourself and your business.

HiTRUST Co., Ltd. Director
  • TOPIC
    Tech Briefing
  • LOCATION
    Taipei Nangang Exhibition Center, Hall 2 7F
  • TAGS
    Fraud Prevention
    AI
    Threat Detection & Response
SOLUTIONS

After COVID-19, consumers have gradually become accustomed to the online trading model, prompting enterprises to actively face the issues of "Digital Acceleration" and "virtual-physical integration". In the past, attention focused only on banks, but it has now spread to the entire financial industry, third-party service operators (TSP), e-commerce operators, and others. HiTRUST has not been absent during this period, drawing on the service experience of the past 30 years.

For enterprises coming into contact with security services for the first time, in addition to the complete security control system that we have long provided to financial institutions, we also provide other industries with simple security modules, HSM, bank-enterprise connectors, and so on. We provide an initial solution for these enterprises so that they can ensure the safety of data without investing large amounts of funds.

Amid this high-traffic transaction demand, improving the quality of financial services and consumer satisfaction is an important issue that must be faced. In this regard, HiTRUST has increased the elasticity and scalability of Secure Resources through the cloud platform, which is worthy of discussion. In 2023, we used the advantages of microservices to successfully build the first Secure Private Cloud Platform in Taiwan. In addition to giving customers another choice, we also hope to maximize the efficiency of Secure System while balancing system efficiency and security strength, to provide customers with the safest and most efficient financial services.

The Multi-Security Control Service solution includes:

1. I-SECURITY Financial XML Registration Authentication Security System.

2. KMS key management module.

3. HSM.

4. Enterprise Safety Control-CITIC connection.

5. Secure Private Cloud Platform.

6. Various security consulting services.

With the rise of the digital age, password rules differ from one service to another. In addition to the difficulty of remembering multiple sets of passwords, there may also be the risk of phishing and fraud, which can have an irreparable impact on consumers. FIDO offers passwordless authentication and zero trust, which can solve the problems caused by these passwords.

At the end of 2022, the FIDO Alliance cooperated with leading international companies such as W3C, Apple, Google, Microsoft, etc. to establish Passkey, which solves the problem that cross-platform and different devices cannot log in to each other, and improves the convenience of applications.

In terms of policy, the government and many non-governmental organizations are also vigorously promoting it, such as F-FIDO of the Ministry of Digital Affairs. In the near future, we will see the use of FIDO in various fields including government units, service industries, IoT, and semiconductor industries.

The HiFIDO solution provided by HiTRUST, in addition to passing FIDO2 and UAF verification and supporting Passkey, has been applied across different industries and partnerships.

In Taiwan, most banks use SMS OTP for 3D verification. If the OTP is sent to the mobile phone and email at the same time, a hacker who breaks into the cardholder's email can obtain the OTP, complete the 3D verification, and commit fraud.

But is it safe to send OTP only to the phone? In fact, as early as 2010, there was an incident of SMS OTP being stolen by hackers. Therefore, banks in EU countries have gradually given up using SMS OTP. Obviously, in addition to OTP, whether financial institutions can identify visiting devices is also very important.

In this regard, we have developed the "Veri-id" online real-time risk detection service. Through fingerprint and AI technology, we can identify whether the equipment used in the transaction is risky and accurately catch problematic situations, including IPs that request a large number of transactions in a short period of time, whether typing and mouse tracks come from real people, etc.

In addition, when transactions need to be verified with cardholders, Veri-id replaces SMS OTP with FIDO-certified secure biometric verification (such as Face ID, fingerprint recognition, etc.) to prevent OTP from being hacked in any form. Consumers can quickly complete verification without waiting for text messages or emails, and there is no risk of data leakage, which greatly improves transaction convenience and security.

Through the Veri-id solution, operators can identify risky customers without seeing the users, which can not only effectively reduce the risk of fraudulent card transactions and network attacks, but also provide consumers with a more convenient and secure transaction experience!