PRESS RELEASE
Interview with Bernard Delbourg - February 2009
Mediscs « proposes a 3-in-1
solution on a USB key »
In five years, the Montpellier company Mediscs, has made a name for itself in the much coveted I.T. security sector. It is an independent
company that has a major banking group in its capital. Today the company has 20 staff and an automated production line to personalise
its solutions on CD cards and USB keys. Interview with Bernard Delbourg, CEO of Mediscs.
What sort of security solutions do you offer?
Mediscs is a publisher of I.T. security solutions. It has expertise in portable technologies (Standard USB key, CD cards in bank card formats) with embedded security applications, and more especially three functions (strong authentication by certificate, electronic signature and 3D secure payment), all on a single portable device. The USB key combines three determining competitive advantages: Internet user friendliness, optimal security and unparalleled implementation cost. Our solution is unique, patented and customizable.
And does it simplify things for the Internet user?
In my opinion it does, because it has a device and a Pin code, and the connexion procedures linked to 1 or several embedded electronic certificates are automatic and require no installation program on the user’s computer. For banks, public administration and healthcare or services on demand, this technique ensures easy mass deployment, at an unchallenged cost, whilst ensuring optimal security.
Which banks or companies already use your products?
Currently, with IP@B (Invoice Payment Banking), a subsidiary of the Bred/Banque Populaire group, we are deploying our solution for a first 500 000 banking customers. Furthermore, other recent announcements have received extensive media coverage, but it is with the IP@B multibank I.T. platform that Mediscs has used its portable solution on a large scale. This deployment has been in progress since the end of 2008. We are proud to announce this successful achievement. But that’s not all: in addition to the strong authentication and 3D secure payment, our TOOAL solutions constitute very strong added-value: the ability for the Internet user to sign electronically online. Let’s not kid ourselves, that is where the real market and return on investment for banks, home- and on-demand services are going to be. As our solutions are applicable to all activities linked to the Internet, our customers include publishers Editions Francis Lefebvre, Editions Dalloz, Editions Législatives, and Groupe CMA CGM.
Today, there is a lot of concern about payment security and a demand expressed by regulators to bring in strong authentication. What solutions do you propose?
Among the systems for strong authentication, the electronic certificate (a veritable passport for the user and provider) has been demonstrated as the safest proven means. From this standpoint, the reliability and the security offered by OTP-based solutions has yet to be proved. At the present time, the risks associated with these products have not been sufficiently taken into account. Unfortunately, these solutions do not address the problems of phishing, pharming or « Man in the middle ».
All sorts of authentication solutions are on the market: card terminals, software, usb keys. How are you able to differentiate yourselves?
Our solution, involves no external devices such as external chip card terminals. An ordinary USB port or CD drive are all you need. The 3-in-1 TOOAL solutions are programme applications linked to a personalised device with each user’s confidential data. Moreover, our solutions require no installing and leave no trace on the user’s computer, wherever he or she may be. As regards the USB keys, either we are talking about cryptographic USB keys, of which the cost and « Mass Market » deployment issues are insoluble today, or we are talking about standard USB keys. Our solutions can use them and even enable the customers of the bank to initialise them from a website (such as the bank’s website); to turn them into secure devices equipped with the TOOAL solutions.
Which solution do you think is the most effective and the most practical for the customer?
First of all and quite honestly, I think there are two distinct identified markets: professional and for the general public. In the professional world, for an authentication linked for example to the company’s intranet, the chip card with a cryptographic application used in conjunction with an external terminal, is to my mind the best adapted. For the general public mass market, I have to say that MEDISCS created the 3-in-1 solution for home users, specifically for their real needs for secure data access, with the necessary constraints in mind for successful deployment : easy use combining simplicity and comfort, technical innovations (several patents) to encapsulate the automatic presentation and remote use of one or several certificates, as needed, transparently for the user ; at an incomparable cost for large-scale implementation.
PDF Download
What sort of security solutions do you offer?
Mediscs is a publisher of I.T. security solutions. It has expertise in portable technologies (Standard USB key, CD cards in bank card formats) with embedded security applications, and more especially three functions (strong authentication by certificate, electronic signature and 3D secure payment), all on a single portable device. The USB key combines three determining competitive advantages: Internet user friendliness, optimal security and unparalleled implementation cost. Our solution is unique, patented and customizable.
And does it simplify things for the Internet user?
In my opinion it does, because it has a device and a Pin code, and the connexion procedures linked to 1 or several embedded electronic certificates are automatic and require no installation program on the user’s computer. For banks, public administration and healthcare or services on demand, this technique ensures easy mass deployment, at an unchallenged cost, whilst ensuring optimal security.
Which banks or companies already use your products?
Currently, with IP@B (Invoice Payment Banking), a subsidiary of the Bred/Banque Populaire group, we are deploying our solution for a first 500 000 banking customers. Furthermore, other recent announcements have received extensive media coverage, but it is with the IP@B multibank I.T. platform that Mediscs has used its portable solution on a large scale. This deployment has been in progress since the end of 2008. We are proud to announce this successful achievement. But that’s not all: in addition to the strong authentication and 3D secure payment, our TOOAL solutions constitute very strong added-value: the ability for the Internet user to sign electronically online. Let’s not kid ourselves, that is where the real market and return on investment for banks, home- and on-demand services are going to be. As our solutions are applicable to all activities linked to the Internet, our customers include publishers Editions Francis Lefebvre, Editions Dalloz, Editions Législatives, and Groupe CMA CGM.
Today, there is a lot of concern about payment security and a demand expressed by regulators to bring in strong authentication. What solutions do you propose?
Among the systems for strong authentication, the electronic certificate (a veritable passport for the user and provider) has been demonstrated as the safest proven means. From this standpoint, the reliability and the security offered by OTP-based solutions has yet to be proved. At the present time, the risks associated with these products have not been sufficiently taken into account. Unfortunately, these solutions do not address the problems of phishing, pharming or « Man in the middle ».
All sorts of authentication solutions are on the market: card terminals, software, usb keys. How are you able to differentiate yourselves?
Our solution, involves no external devices such as external chip card terminals. An ordinary USB port or CD drive are all you need. The 3-in-1 TOOAL solutions are programme applications linked to a personalised device with each user’s confidential data. Moreover, our solutions require no installing and leave no trace on the user’s computer, wherever he or she may be. As regards the USB keys, either we are talking about cryptographic USB keys, of which the cost and « Mass Market » deployment issues are insoluble today, or we are talking about standard USB keys. Our solutions can use them and even enable the customers of the bank to initialise them from a website (such as the bank’s website); to turn them into secure devices equipped with the TOOAL solutions.
Which solution do you think is the most effective and the most practical for the customer?
First of all and quite honestly, I think there are two distinct identified markets: professional and for the general public. In the professional world, for an authentication linked for example to the company’s intranet, the chip card with a cryptographic application used in conjunction with an external terminal, is to my mind the best adapted. For the general public mass market, I have to say that MEDISCS created the 3-in-1 solution for home users, specifically for their real needs for secure data access, with the necessary constraints in mind for successful deployment : easy use combining simplicity and comfort, technical innovations (several patents) to encapsulate the automatic presentation and remote use of one or several certificates, as needed, transparently for the user ; at an incomparable cost for large-scale implementation.
PDF Download
« back