Punjab National Bank (PNB) is a nationalised Indian bank headquartered in New Delhi, India. It is the second largest government-owned bank in India, with an annual revenue of more than 13 billion dollars and over 100,000 employees. It has a global presence, with offices in London, Hong Kong, Nepal, Bhutan, and Dubai.
As a government-run multinational bank, privacy is an important consideration in all transactions. Within their department that handled international transactions via the Swift Application, PNB encountered a problem with its architecture. International transactions necessitate the use of foreign currencies. These currencies were managed using a variety of SAML-compliant applications. While PNB had a private network for these applications, they had no additional authentication mechanism to validate the user identity of the employees other than their Active Directory-based username and password authentication.
This meant that various applications were vulnerable to unauthorised access by individuals or other entities who could impersonate existing users' user identities to gain access to the applications. This can be extremely damaging to the organisation and its clients.
To address these gaps in their system, PNB determined that these applications required a Second Factor of Authentication. This would increase their security because users would be authenticated twice, once with their existing Active Directory credentials and again with a unique set of values from OTP, Google authenticator, hardware tokens, and so on.
Secondly, they were concerned about the setup in the event of any downtime/failure, and thus sought a solution that included a robust disaster recovery mechanism to deal with any unforeseen failures.
Finally, PNB desired a mechanism for performing daily backups of user data. They needed a robust system to deal with downtimes because their setup included a primary environment and a backup Disaster Recovery (DR) environment. miniOrange provided PNB with the solution they required, which was built for their needs. PNB has successfully secured their environment and simplified access to their applications by utilising miniOrange.
miniOrange provided PNB with an On-Premise solution for Two-Factor Authentication. PNB could use it to add an extra layer of security to their private network. After entering their username and password, the user was prompted for a second factor of authentication in order to access the Swift application. miniOrange supports over 15 different 2FA methods, including OTP via SMS, hardware tokens, Google Authenticator, and more.
Before users could access the application, the miniOrange Identity Provider (IDP) was used to authenticate them. As the solution was connected to the PNB Active Directory (AD), users would continue to be able to login to the system using their current credentials for the first factor.
Following a review, PNB decided to use a mobile token-based Second Factor of authentication. In this solution, the user accesses a time-based 6-digit OTP via an external application such as Microsoft or Google Authenticator on their personal mobile device. This OTP expires after a set period of time and is refreshed on a regular basis.
Users could use their mobile devices to authenticate themselves for second factor authentication using this OTP. This solution was critical in increasing security and preventing unauthorised access to critical applications.
Many times, a failure in an organization's system can occur for a variety of reasons. This failure must be managed carefully, or else company resources, customer services, and client data may be compromised. miniOrange provided PNB with a Disaster Recovery component built into our solution.
All SAML applications were running in a primary Environment (DC) of PNB. If the primary environment or any entity within it were to fail for any reason, a secondary environment (DR) with a similar configuration would be activated to take its place. This could be done manually to ensure that all applications and 2FA were running smoothly and with minimal errors.
This provided PNB with a solid solution that was ready for any downtime for its instances.
Finally, a daily backup mechanism was provided for PNB. They could backup user data and app configurations on their main network by having a separate intranet for disaster recovery. In the event of failure, this would be useful in disaster management to ensure the network's smooth operation and secure access to the application with all the latest updates.
Since going live with our solution since December 31, 2021, Punjab National Bank has successfully secured their network and user data using the miniOrange On premise solution. miniOrange's solution prevents unauthorized access and enables their customers to conduct transactions smoothly.