Business Situation
- Major banking organization
- High volume of high-value transactions
- Exposure to international currency fluctuations
- Multiple aspects of banking including deposits, lending, investment and bullion
Key Challenges
- Eliminate reliance on passwords
- Control electronic movement of large sums in various international currencies
- Control access to vendor data and release of payments
- Provide assurance to stakeholders of the safe-keeping of depositors’ and investors’ funds
- Monitor any SAP activity considered to offer risk
- Restrict access to high-level financial data viewing to authorized users only
- Required tamper-proof logging of all restricted activities, including failed or unauthorized attempts
Major Objectives
A major international bank required biometric security capabilities natively embedded in their SAP system as part of their internal checks and balances requirements. Extensive and successful proof-of-concept and penetration testing was performed before deciding on the implementation. Preventing insider fraud and ensuring compliance with internal procedures were also key drivers.
Areas to be secured included customer-facing personnel who would have access to depositors’ information. Also, inventory movement of funds and precious metals between vaults, recycling of old banknotes and such high-risk activities were high priority areas.
Automatic logging of restricted activities was required to assist with regulatory compliance.
Key Business Outcomes
- Sensitive financial activities including large wire transfers, loan write-offs and more require biometric credentials and authentication
- Ability to set threshold field values in certain transactions, above which threshold biometric re-authentication is triggered
- Silent e-mail alerts and tamper-proof logging of failed activities indicating possible overstepping of a user’s credentials, providing a forensic trail
