• [1] What is iVEST™ ?
• [2] Why iVEST™ ?
• [3] What can we do with iVEST™ ?
• [4] Where can iVEST™ be used ?
• [5] What are the key components of iVEST ?
• [6] Key Features of iVEST™
• [7] Standard Features of iVEST™
• [8] What is the minimum system requirement to install iVEST™ Server ?
• [9] What is the minimum system requirement to install iVEST™ Client ?
• [10] What is digital certificate ?
• [11] Can it be used outside Malaysia ?
• [12] Where can I get iVEST™ Card ?
• [13] What happens if I lost my iVEST™ Card ?
• [14] What is iVEST™ Gate ?
• [15] What is iVEST Gate Admin ?
• [16] What is Microsoft Smart Card Based Components (MSCBC) ?
• [17] What is iSign ?
• [18] What is iVEST CSP ?
• [19] What is PKCS#11 ?
• [20] What is iProxy ?
• [21] What is reader driver ?
• [22] What is iVEST File ?

[1] What is iVEST™ ?

iVEST™ stands for "Virtual Environment for Secure Transactions." The prefix 'i' represents information or the Internet. It can also mean 'I' as the first person reference to oneself. This emphasizes the personal touch in iVEST™ technology. iVEST™ supports open standards to create a universal framework for e-communication and e-commerce.

Its initial offering allows users to create digital signatures, and produces extremely reliable user identification on an open system such as the Internet. It contributes tremendously towards secure communications of a world class standard.

[2] Why iVEST™ ?

iVEST™ revolutionizes Internet communication and e-commerce by enabling secure transactions in virtual environments. iVEST™ offers the client and server kit that will enable three important user functions:

• User Authentication with Smart Card Technology
  iVEST™ users will be able to use the iVEST™ smart card, which contains a digital certificate, for a variety of authentication purposes. Smart card certificate-based user identification is becoming more widely accepted as a superior user identification system for the Internet.
• Privacy with 128-bit Encryption
  Strong encryption with 128-bit for symmetric algorithm and 1024-bit for asymmetric algorithm. All communications utilising iVEST™ technology are encrypted with a locally developed, world class cryptography that prevents security breach on the Internet. iVEST™ users can be sure that every session with iVEST™ enabled servers is secure and private.
• Legal Protection with Digital Signature
  iVEST™ allows users to sign electronically. This is equivalent to a handwritten signature on paper. Provisions under the Malaysian Digital Signature Act 1997 and the Digital Signature Regulation 1998 enable the digital signature to be admitted as evidence in court.

[3] What can you do with iVEST™ ?

• secure corporate communications
• intranet and extranet applications
• online shopping
• online banking
• online stock trading
• online insurance
• all other real-world counter services
• all business-to-business transactions
• online learning
• Yes, the possibilities really are endless!

[4] Where iVEST™ can be used ?

Among the popular applications where iVEST™ can be used are:

• secure corporate communications
• intranet and extranet applications
• online shopping
• online banking
• online stock trading
• online insurance
• online learning
• all other real-world counter services all business-to-business transactions

[5] What are the key components of iVEST™ ?

iVEST™ has two (2) main components, namely iVEST™ Client and iVEST™ Server. iVEST™ Client Kit is made up of a smart card which contains the user digital certificate, private key and an RSA processor; together with a smart card reader, and an iVEST™ software driver.

iVEST™ client works with any of your favourite web browser to provide security, and privacy when you are performing any transactions over the Internet. The user will only need to key in a Smart Card Activation Number which is alphanumeric to activate the smart card RSA processor chip in order to access any services on intended web site.

[6] Key Features of iVEST™

• Vouches for your online identity with Digital Certificate-based log-in
• Enables you to create legally binding electronic signatures which are equivalent to handwritten signatures on paper
• Secures confidentiality on the Internet with 128-bit cryptography
• Verifies message integrity by indicating if a message has been tampered with
• Requires only one card for all iVEST™ enabled applications
• Complies with the legal requirements of the Malaysian Digital Signature Act 1997 and the Digital Signature Regulation Act 1998

[7] Standard Features of iVEST™

• ISO 7816 - an ISO standard for smart card
• PKCS - (Public-Key Cryptography System) is a set of informal intervendor standard protocols developed by RSA for making possible secure information exchange on the Internet. The standards include RSA encryption, password-based encryption, extended certificate syntax, and cryptographic message syntax for S/MIME, RSA's proposed standard for secure e-mail.
• X.509 - The digital certificate used in iVEST™ is in X.509 format, which is the best known public-key certificate format
• TLS/SSL - SSL (Secure Sockets Layer) is a program layer created by Netscape for managing the security of message transmissions in a network. iVEST™ provides strong encryption of 128 bit key length
• iVEST™ Cryptography Library
  • RSA (1024 bits)
  • RC4 (128 bits)
  • RC5 (128 bits)
  • RC2 (128 bits)
  • MD5 (128bits)
  • 3DES (192 bits)
  • IDEA (128bits)
  • SHA-1 (160 bit

[8] What is the minimum system requirement to install iVEST™ Server (version 2.0) ?

Operating System:

• Linux Red Hat 9.0 and above
• Unix AIX 5.1 and above
• Unix Solaris 2.6 and above
• Windows 2000 Server (SP4 recommended)/Windows 2003 Server/Windows XP

Web Server:

• Any web server environment which supports JSP/Servlet
• IIS5/IIS6 (for Windows platform only)

Programming Language:

• Unix platform
  • Java/JSP
• Windows Platform
  • ASP/VB
  • Java/JSP

Hardware:

• 10MB of harddisk space
• 128MB of Memory

Java:

• JRE 1.4 and above is installed
• JRE 1.5 and above is installed for ASP/VB wrapper support

[9] What is the minimum system requirement to install iVEST™ Client (version 3.0) ?

Operating System:

• Windows 98/Windows 2000/Windows XP

Hardware:

• 64MB of RAM
• 5MB of harddisk space
• 1 USB port
• iVEST Card Reader

Browser:

• Internet Explorer (version 5.0, 5.5 & 6.0)
• Netscape 4.+

Internet access

[10] What is a digital certificate ?

Digital certificates are electronic format of any physical or paper certificates.

Some examples of physical certificates are driver's licenses, passports or membership cards. Certificates serve as an identity token for an individual for certain purposes, e.g. a driver's license identifies someone who can legally drive in a particular country. Likewise, a digital certificate can be presented electronically to prove your identity and rights to access information and services on intended web site.

[11] Can it be used outside Malaysia ?

Yes, iVEST can be used anywhere in the world, as long as the user carry a valid iVEST smart card.

[12] Where can I get the iVEST ™ Card ?

iVEST Client Kit can be obtained at any Anjung Internet Jaring counters nationwide. List of our counters.

[13] What happens if I lost my iVEST ™ Card ?

Please visit any of our counters immediately and fill in the Revocation Form to revoke your lost iVEST™ Card.

[14] What is iVEST™ Gate ?

iVEST™ Gate is an application software used to configure your computer so that the components of iVEST™ Client can communicate with the Smart Card Reader

[15] What is iVEST™ Gate Admin ?

Using iVEST™ Gate Admin, you can change your PIN, change your smart card reader setting, and view your certificate as well.

[16] What is Microsoft Smart Card Based Components (MSCBC) ?

iVEST™ readers support PC/SC standard. The MSCBC is the central program that implements the PC/SC platform. It is built into Win 2000 and Win XP but has to be installed in other Microsoft operating systems. It has to be up and running to be able to successfully run smart card applications based on the PC/SC platform. iVEST™ Client software will automatically install the component during its installation.

[17] What is iSign ?

A web browser plug-in. Able to generate digital signatures in PKCS#7 singlepart or multipart signing format. In singlepart signing, the data to be signed (message) plus signed data are sent in a package to the server. In multipart signing, only the signed data is sent as a package to the server

[18] What is iVEST CSP ?

• Support digital signature/verification of email in Outlook Express
• Support encryption/decryption of email in Outlook Express
• Able to generate public key and insert certificate into smart card

[19] What is PKCS#11 ?

To make iVEST Client able to support sign and encrypt using Netscape application

[20] What is iProxy ?

iProxy is the local secure proxy on the client side which authenticates client and server sides via a Secure Socket Layer (SSL) connection. iProxy is a local proxy. When you try to connect to secure web sites (normally via https at the URL), the request will be routed to this proxy. iProxy will present the Authentication certificate to the server during log on process. iProxy initiates all SSL handshake with web server.

[21] What is reader driver ?

• Its a program that control a device and acts as a translator between the device and programs that use it
• Each device has its own set of specialised commands that only its driver knows.

[22] What is iVEST File ?

iVEST™ File is a very useful secure storage system which encrypt file(s) for secure transmission through the Internet. iVEST™ File made it easy for user to securely sign, verify, encrypt and decrypt these files by completely eliminating any possibility of theft.

Based on Public Key Infrastructure, it incorporates the best cryptographic techniques, which use a highly reliable user authentication; data confidentiality, integrity & non-repudiation; and legally binding digital signatures