Client Overview
The organisation is one of India's largest private sector banks, serving a broad base of retail, corporate, NRI, and high-net-worth customers through an extensive network of branches, ATMs, and digital banking channels. With a long-established internet banking platform catering to both retail and corporate customers, the bank is at the forefront of digital financial services in India. Strengthening the security and regulatory compliance of its online transaction channels was a strategic priority, particularly as cyber fraud in the Indian banking sector continued to grow in scale and sophistication.
The Challenge
In India, retail and corporate banking represents the sector most vulnerable to digital fraud. Industry data indicated that the Indian banking sector had witnessed significant increases in fraudulent activity over successive years, with a substantial proportion attributable to electronic payment and delivery channels. The need to make internet banking more robust and secure — protecting customer information from unauthorised access, interception, modification, and misuse — was pressing.
"Our internet banking platform served millions of customers conducting high-value transactions. Strengthening authentication through PKI-based Digital Signature Certificates was the natural next step to protect our customers and ensure full alignment with the national banking regulator's security guidelines."
— Head of Information Security and Digital Banking
The national banking regulator had mandated that internet banking applications provide an authentication environment supporting both password-based two-factor authentication and a PKI-based system for authentication and transaction verification. PKI enables users of a fundamentally unsecured public network — the internet — to exchange data and money securely and privately by means of a cryptographic key pair: the customer signs with a private key that never leaves their control, and the bank verifies with the public key bound to the customer's certificate. The bank needed to implement this infrastructure with minimal disruption to its existing systems and within a short timeframe.
The Solution
eMudhra, as a licensed Certifying Authority in India, issued Digital Signature Certificates to the bank's customers through a white-labelled alliance page created specifically for the bank. Customers could access the page, enter a unique eCoupon code distributed by the bank, submit their application details, and — following KYC verification by eMudhra in line with the Controller of Certifying Authorities guidelines — download their Digital Signature Certificate directly.
eMudhra's Authentication Server (emAS) was deployed within the bank's web server infrastructure, with minimal modifications to the existing database and user interface. emAS handles login authentication and verifies the digital signature on each electronic transaction before the transaction is passed to the core banking system. For example, an online fund transfer request initiated by a customer is first authenticated in emAS and only then processed through the internet banking or core banking application. emAS validates the customer's certificate in real time via OCSP, so no sensitive customer data is shared between the bank and eMudhra.
The solution used Class 3 DSCs held on crypto tokens with 2048-bit keys, with all data transmitted in encrypted form over Secure Sockets Layer (SSL). The PKI setup required only minimal modifications to the bank's existing application and database architecture, allowing value-added services to be extended to corporate customers within a short deployment timeframe. The solution was architected to scale from the initial corporate customer base to retail, NRI, and high-net-worth customers as adoption expanded.
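The transaction flow described above, as an added illustration that is not eMudhra's emAS code or any of the bank's code: a customer signs a fund-transfer request with the private key behind their Digital Signature Certificate, and the server-side verifier checks the certificate's trust chain and validity period, its revocation status, and finally the signature over the exact transaction bytes before the request is allowed through. All names (Transfer, mustIssue, signTransfer, verifyTransfer, Scenario) and values are constructed for this example; the self-signed root stands in for the licensed CA, and the in-memory revokedSerials map stands in for the OCSP responder that emAS queries in the real deployment. The example goes slightly beyond the page by also showing the two failure cases a verifier must reject: a transaction altered after signing (the MITM/MITB case) and a certificate the CA has revoked.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Transfer is a constructed fund-transfer request; the customer signs its canonical bytes and the bank verifies exactly those bytes.
type Transfer struct {
	FromAccount, ToAccount, Timestamp string
	AmountINR                         int64
}

func (t Transfer) Canonical() []byte {
	return []byte(fmt.Sprintf("from=%s|to=%s|amount=%d|ts=%s", t.FromAccount, t.ToAccount, t.AmountINR, t.Timestamp))
}

// mustIssue generates a 2048-bit RSA key pair and a certificate for tmpl signed by parent;
// a nil signer yields a self-signed root, which stands in here for the licensed CA.
func mustIssue(tmpl, parent *x509.Certificate, signer *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	if signer == nil {
		signer = key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert, key
}

// signTransfer is the customer side; in production the private key stays on the crypto token.
func signTransfer(t Transfer, key *rsa.PrivateKey) ([]byte, error) {
	digest := sha256.Sum256(t.Canonical())
	return rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
}

// verifyTransfer is the authentication-server side: trust chain and validity period, then revocation
// (revoked is a hypothetical in-memory stand-in for an OCSP responder), then the signature over the exact bytes.
func verifyTransfer(t Transfer, sig []byte, cert *x509.Certificate, roots *x509.CertPool, revoked map[string]bool, now time.Time) error {
	opts := x509.VerifyOptions{Roots: roots, CurrentTime: now, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if _, err := cert.Verify(opts); err != nil {
		return fmt.Errorf("certificate not trusted: %w", err)
	}
	if revoked[cert.SerialNumber.String()] {
		return fmt.Errorf("certificate %v revoked", cert.SerialNumber)
	}
	if err := cert.CheckSignature(x509.SHA256WithRSA, t.Canonical(), sig); err != nil {
		return fmt.Errorf("signature does not match transaction: %w", err)
	}
	return nil
}

// Scenario returns the outcome for a genuine transfer, the same signature presented with
// an altered amount, and the genuine transfer after the customer's DSC has been revoked.
func Scenario() (genuine, tampered, revoked error) {
	now := time.Now()
	caTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Constructed Root CA"},
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(48 * time.Hour)}
	ca, caKey := mustIssue(caTmpl, caTmpl, nil)
	custTmpl := &x509.Certificate{SerialNumber: big.NewInt(1001), Subject: pkix.Name{CommonName: "Customer 1001 (constructed)"},
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour)}
	cert, custKey := mustIssue(custTmpl, ca, caKey)
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	revokedSerials := map[string]bool{}
	tx := Transfer{FromAccount: "0123456789", ToAccount: "9876543210", AmountINR: 250000, Timestamp: now.UTC().Format(time.RFC3339)}
	sig, err := signTransfer(tx, custKey)
	if err != nil {
		return err, err, err
	}
	genuine = verifyTransfer(tx, sig, cert, roots, revokedSerials, now)
	altered := tx
	altered.AmountINR = 2500000 // amount changed after signing: the MITM/MITB case
	tampered = verifyTransfer(altered, sig, cert, roots, revokedSerials, now)
	revokedSerials[cert.SerialNumber.String()] = true // the CA has since revoked this DSC
	revoked = verifyTransfer(tx, sig, cert, roots, revokedSerials, now)
	return genuine, tampered, revoked
}

func main() {
	fmt.Println(Scenario())
}
```

Running the file prints `<nil>` for the genuine transfer and an error for each of the other two cases. The order of checks in verifyTransfer matters for a production verifier: trust and revocation are evaluated before the signature so that a valid signature from a revoked or expired certificate is never treated as an authenticated transaction, and the signature is computed over a fixed canonical encoding so that the bytes the customer signed are exactly the bytes the core banking system acts on.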
Results
The deployment of PKI-based Digital Signature Certificates delivered measurable security, efficiency, and customer experience improvements across the bank's internet banking and corporate banking operations.
| Metric | Before | After |
|---|---|---|
| Authentication method for internet banking | Password-only — single factor | PKI + 2FA — dual-layer, tamper-resistant authentication |
| Fraud protection (MITM and MITB attacks) | Vulnerable — credential interception risk | Fully protected — PKI-based non-repudiation |
| Office space used for paper documents | High — significant physical record storage | Reduced by 40% through digital document management |
| Transaction processing efficiency | Manual process steps — high staff effort per transaction | Automated — employees process significantly more transactions |
| Regulatory compliance (national banking regulator guidelines) | Partial — password-based 2FA only | Full — PKI + 2FA aligned with national security guidelines |
| Certificate issuance and KYC | No existing PKI infrastructure for customers | Fully automated — white-labelled issuance portal |