© EDV Team Süd GmbHEDVTeamSuedGmbHLogo

 

Implementation of the iTAN method

"A successful project of a customer - The iTAN method"

 

Within the framework of a greater project of a large German bank, ets was decisively involved in the implementation of the so called iTAN method. The project was completed within its limits of time and expense and nominated for the customers’ award of projects and won.

 

 

The iTAN method

 

Online banking will become safer by the  iTAN method.

 

iTAN is an  indexed TAN method.

Up to now, with the conventional TAN/PIN method, an arbitrary and unused TAN could be picked up the listing to confirm the orders.

When using iTAN the customer will be asked to use a determined  TAN (for example no. 17) from his numbered consecutively TAN listing, that is the customer demands a TAN of his TAN listing for this order from the input.

The TAN administration issues a determined number for the order to the customer and crosses out  the TAN already at this time. With it the TAN is used up already before the customer’s confirmation and can only be used for the current business transaction.

Should the TAN be intercepted, nobody can misuse it for a different business transaction, because the TAN is already avoided. With it the safety of TAN input will be considerably improved.

 

 

The project

 

For the launch of that method considerable changes were to be realised at the existing online banking system. Because ets  was just involved in the changes of the project at the mainframe, at this place only these changes will be mentioned. The following has to be done:

  • Extending the headers of the message for the  iTAN information. Because in the existing header was   a lack of  space for new information, this upgrading was necessary.

  • Centralizing the  TAN examination at the  mainframe gateway (and removing the existing TAN examination in various applications).

  • Increasing the data base with session  information by needed arrays. In addition the performance of data base accesses had been optimized (Saving of unnecessary data base accesses by about 60%).

  • Realisation of iTAN functionality. In that case it has to be respected that the customer can carry on using his old (unnumbered) TAN listings within the existing method.

  • Modifying the production of TAN listings

Because the project concerned a client/server/mainframe-application, an intense exchange of information between the client/server- and mainframe-development-teams was required. Also all test and implementation into the production system had to coordinated and realised in cooperation. It is for this reason that all modules were implemented so that they can handle both the existing and the new orders. So it was guaranteed that both systems could  independently  run on production level.

 

A further difficulty of the project was that the standard mainframe gateway was also used from several other online services (HBCI, telephone banking and ATM), which mustn’t be affected by the changes. To secure that, additional and extensive tests had to take place. 

 

 

The project’s quality assurance and realisation are in conformity with the guidelines of SPICE.

 

 

Remits of ets in this project

 

Following services were rendered by ets  in project:

 

  • authoring the rough concept of all changes at the mainframe

  • authoring the detailed concept of the particularized

  • changes

  • subproject managment mainframe

  • realising particularized changes

  • (except: production of TAN listings)

  • module test of the components

  • integration test with client/server environment

  • testing the several other online services

  • test documentation by courtesy of ‘Testdirector’

  • planning the implementation in production level

  • implementation in production level

  • (including the licensing procedures)

  • updating the system documentation

 

 

Technical environment

 

The  technical environment on the part of the mainframe of the project is the following:

 

  • Operating system IBM z/OS

  • Online system: IMS

  • Data base system: DB2

  • Connection mainframe/server: TCP/IP via HostConnect

  • Programming language: COBOL

  • Development environment:            

- at ets: Microfocus MFE

- at customer:

in-house development  environment of the customer                             

 

                                                    

That is what we are able to do for you

 

Do you have similar requirements, therefore:

 

  • mainframe applications

  • client/server/mainframe applications

  • Implementation of DB2 (including increase in performance)

 

in a project, we are able to assist with following:

  • rough and detailed concept

  • project management

  • development of mainframe and

  • client/serverv components

  • testing the modules

  • cross-platform integration test

  • planning and implementing

  • in production level

  • performance of training courses

  • and more

 

We have long experiences both at mainframe sphere and client/server sphere (LINUX/Windows) and can optimally support you with our know-how in particular within heterogeneous system architectures.

 

 

 

Our qualified employees are looking forward to your  challenges!

 
 

top