With economic development, the banking industry in China grew rapidly in the 20th century. At the same time, homogeneous products and similar services have exposed the domestic banking industry to an increasingly serious competition crisis. With China’s accession to the WTO, foreign banks with advanced management experience and advanced information technology continue to enter the domestic market, and domestic banks have had to start considering whether their own development is sustainable and how to maintain it.
At present, bank self-service terminals have entered large supermarkets, shopping malls and communities. While they bring convenience to people, banks also find them easy to relocate, low in cost, safe and reliable. By using the existing China Mobile GPRS and China Unicom CDMA network platforms, bank self-service terminals can go “smartly” to venues, markets, enterprises and other places, and bring the bank’s financial services to any place covered by a GPRS or CDMA network.
So how to ensure the security of data transmission over the GPRS & CDMA wireless network, together with the effective protection and efficient use of data, is one of the most important factors. Data is the foundation of a bank, and the service a bank provides to its customers is a reliable environment that ensures the accuracy of customer data and the consistency of service. The banking industry began to pay attention to the reliability, security and high manageability of data backup.
Wireless transmission removes the constraints of cabling. Banks use the wireless network platform to unique advantage in many settings, such as wireless bank ATM self-service terminal systems, wireless bank POS self-service terminal systems, wireless bank business network systems, wireless bank self-service network terminal systems, wireless mobile office network systems and wireless personal online banking systems. As shown in Figure 1, various bank terminals use the GPRS & CDMA wireless network platform to access applications.
2. Network security considerations
At present, the GPRS & CDMA wireless network has developed rapidly in the banking industry. Because the banking industry has strict requirements on the security and reliability of data transmission, solving the system security problem is the key to applying a GPRS & CDMA wireless bank trading system. Security protection is mainly about preventing intentional or unintentional damage from inside and outside the system. Identity authentication, digital signatures to prevent repudiation and tampering, and transaction data encryption are important means of ensuring network security.
The channel coding methods used for transmission in current GPRS & CDMA wireless networks all include encryption protection for the transmitted data, so the GPRS & CDMA channel itself is safe. In addition, GPRS & CDMA can use VPN technology to establish an internal virtual private network for the bank transaction system on top of the mobile public data network, which ensures the reliability and security of wireless access for bank terminals.
As shown in Figure 2 above, the bank terminal uses the VPN technology of the existing GPRS & CDMA networks to establish a network. The GPRS network VPN technology is called “access point name” (APN) and the CDMA network VPN technology is called “VPDN”. Wireless network VPN technology assigns users a subnet within the public wireless network. Users can communicate only within this subnet and cannot reach outside it, and users who are not in this subnet cannot get into it. It is equivalent to setting up a LAN for the users on the public wireless network: only users in this LAN can communicate with each other, and all data is isolated from the Internet, which greatly enhances the security of information. This gives users very reliable security, but the cost of networking is high, and cross-network networking is not allowed.
In Figure 4 above, the bank ATM self-service terminal connects to the network through a GPRS & CDMA wireless network access terminal. Operators such as China Mobile / China Unicom provide the access server, the LAC (L2TP Access Concentrator). The wireless terminal equipment initiates PPP dialing to the operator’s LAC, an L2TP tunnel is established between the bank ATM self-service terminal and the bank center access server, the LNS (L2TP Network Server), and finally a PPP session is established between the wireless terminal and the LNS. In the core of the bank network, a secure VPN server is deployed to accept IPSec session requests from the wireless network access terminals and establish an IPSec tunnel between the wireless VPN terminal and the ATM self-service terminal, so that the data transmitted between them is encrypted.
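The isolation and encryption properties described above can be checked on the bank side. The following is an added example, not part of the original article or of any vendor's product: it audits flow records taken on the inner interface of the LNS and reports any flow that does not come from the assigned APN/VPDN subnet, is not addressed to the VPN server, or is not IKE/ESP. The subnet, the VPN server address, the record format, the sample flows and the rule that terminals talk only to the VPN server are all assumptions made for the illustration.

```python
import ipaddress

# Constructed addressing plan (assumptions, not taken from the article).
TERMINAL_SUBNET = ipaddress.ip_network("10.20.0.0/24")  # subnet assigned by the APN/VPDN
VPN_SERVER = ipaddress.ip_address("10.1.1.10")          # IPSec gateway in the bank core

ESP, UDP, TCP = 50, 17, 6      # IP protocol numbers
IKE_PORTS = {500, 4500}        # IKE and IPSec NAT traversal

# Constructed flow records: (source, destination, IP protocol, destination port).
SAMPLE_FLOWS = [
    ("10.20.0.11", "10.1.1.10", UDP, 500),    # IKE negotiation
    ("10.20.0.11", "10.1.1.10", ESP, 0),      # encrypted transaction data
    ("10.20.0.12", "10.1.1.10", UDP, 4500),   # IPSec behind NAT
    ("10.20.0.13", "10.1.5.20", TCP, 9000),   # cleartext TCP sent past the VPN server
    ("192.0.2.44", "10.1.1.10", ESP, 0),      # source outside the assigned subnet
    ("10.20.0.14", "10.20.0.15", TCP, 9000),  # terminal talking to another terminal
]


def check_flow(src, dst, proto, dport):
    """Return the list of policy violations for one flow (empty means compliant)."""
    problems = []
    if ipaddress.ip_address(src) not in TERMINAL_SUBNET:
        problems.append("source outside APN/VPDN subnet")
    if ipaddress.ip_address(dst) != VPN_SERVER:
        problems.append("destination is not the VPN server")
    is_ipsec = proto == ESP or (proto == UDP and dport in IKE_PORTS)
    if not is_ipsec:
        problems.append("not IKE/ESP (unencrypted)")
    return problems


def audit(flows):
    """Map every non-compliant flow to its list of violations."""
    report = {}
    for flow in flows:
        problems = check_flow(*flow)
        if problems:
            report[flow] = problems
    return report


if __name__ == "__main__":
    for flow, problems in audit(SAMPLE_FLOWS).items():
        print(flow, "->", "; ".join(problems))
```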
3. Scheme features
After the device is powered on, it dials automatically without human intervention, and maintenance is simple;
A web-based system configuration and maintenance interface is provided to support remote maintenance;
Powerful network management functions, suitable for industry applications;
It provides two modes: always online and on-demand dial-up. In on-demand mode, a connection to the data center is established only when data needs to be transmitted;
The VPN is built using the IPSec tunneling protocol, 3DES encryption, digital signatures, data authentication and key exchange;
It provides basic routing functions, so multiple devices can share the Internet connection;
It is an ideal choice for small and medium-sized business networks;
The cost of system transformation is very small;
The network is easy to expand;
It provides remote upgrade and restart functions.
The bank uses the GPRS & CDMA wireless network to build a wireless networking system. Under very safe and reliable networking conditions, the bank has established a wireless trading system, which greatly expands the field of mobile data applications and the further expansion of the banking industry.
Editor in charge: GT