25 May 2020

The number of cyberattacks on the banking sector in Ukraine and abroad has significantly increased during the last few years. 
Both customer accounts and access to their personal data are at risk.

CBS B2 is one of the most popular core banking systems in Ukraine: it is used 50 out of 75 banks. 

CS Company has implemented a two-factor authentication mechanism to provide a safety access to the system. 

Two-factor authentication requires identity verification of two different factors.

The first factor of the user’s authentication in the CBS B2 is user’s login and password.

The second factor of the user’s authentication can be:

• One-time password generated by applications that support the TOTP protocol (e.g., Google Authenticator);
• One-time password sent via SMS or email; 
• Key information carrier (secure token) from the AVTOR Company 

The authentication server is a backbone of the CBS B2 two-factor authentication’s architecture.

Main features of the authentication server:

• activation and configuration of the two-factor authentication mode individually for each user;
• ability to work with different authentication options simultaneously using an SMS, e-mail, applications with a TOTP support and hardware tokens from the AVTOR Company;
• saving data of all authentication requests in the database; 
• validity control of the generated one-time codes by their validity period.

In 2020 CS together with AVTOR, a leading developer of products in the field of cryptographic protection, implemented the authentication protocol support according to the DSTU ISO/IEC 9798-3 based on the certified solution CryptoLibV3 Digital Signature. 

The implemented mechanism enables to use strong authentication for the CBS B2 and JetB2 login.

Currently the support of the following key information hardware carriers (tokens) is implemented: SecureToken-337, SecureToken-338.

Please, contact us to learn more about the two-factor authentication mechanism in the CBS B2.