Digital Signing guidelines - NatWest

More documents

Recommendations

Info

1.3 Purpose of Digital Signature Guidelines The purpose of this document is to provide Bankline Direct customers with the instructions on how to apply a digital signature to payment files. This document describes how to sign files using Smartcards utilising eSigner application, which is supplied on CD along with the Smartcards. This document also outlines the use of Hardware Security Module (HSM) solution for file signing. 1.4 Use of Digital Signature Guidelines This document should be used alongside the Bankline Direct Channel Build Guidelines (Ref: BD-31.01) which describe the overall setup of the communication channels including delivering file signing. You should also read the eSigner Integration Guide before reading this document. 6
2. Overview of Digital Signing Solutions All communications between the customer and the Bankline Direct service in either direction must be secure. All transmissions generated by the service will be digitally signed; likewise any payment messages or files sent to the Bankline Direct service must be signed with a digital certificate. Section 5 details the security configuration applied to reports and acknowledgements generated by the Bankline Direct service. Customer utilising the payment submission service must send messages and files complying with the prescribed NatWest security and industry standards. There are two options for applying a digital signature to payment transmissions, Smartcards and Hardware Security Module (HSM), please refer to sections 6 and 7 respectively. An HSM solution offers an unattended solution for straight through processing and may be attractive to customers who process large volumes of payments. An HSM solution reduces the administrative overhead and associated staffing needs but is a more expensive option. It is the customer’s responsibility to procure and install an HSM module. A Smartcard solution is a secure, but manual process requiring intervention from staff members, by entering a PIN number using a card reader and individual card credentials. This Smartcard option is considerably cheaper. Bankline Direct transmissions are digitally signed using an HSM. Digitally signed communications that travel in both directions adhere to the S/MIME standard. Section 3 provides a high level description of S/MIME. 7
Page 1 and 2: Bankline Direct Digital Signature G
Page 3 and 4: Terminology Used For ease of refere
Page 5: Introduction 1.1 Introduction to Ba
Page 9 and 10: Detached Signatures A detached sign
Page 11 and 12: Bankline Direct will use whatever d
Page 13 and 14: 4. Use of File Signing 4.1 Typical
Page 15 and 16: 5.3 Signature Validation There are
Page 17 and 18: 6. Smartcard File Signing 6.1 Smart
Page 19 and 20: 6.2 Setup Instructions The followin
Page 21 and 22: The code extract overleaf shows tha
Page 23 and 24: 7. Hardware Security Module Custome

Digital Signing guidelines - NatWest

Create successful ePaper yourself

Delete template?

Save as template?