Secure Low-Risk Identity Driven Process Flows

eMudhra helps prominent BPM organizations to protect sensitive personal data while easing workflow processes

Overview

Digitization lies in addressing dependencies in paper-driven processes and countering them efficiently with structured paperless workflows through automation. Conceptually, it sounds great but practically, its achievable today. However, history and statistics have identified many flaws in the methodologies used in achieving the end result. 13.4 billion records have been stolen since 2013, of which 9.8 billion records have been breached in the US. Yet, only 4% of breaches were “secure breaches” and the stolen data was rendered useless. Of these, approximately 64% of breaches were focused at personal identity. (Breach Level Index).

BPM organizations often process innumerable personal identity and KYC documents (such as driver’s license, etc.) that include sensitive details concerning credit card processing, account opening processing, etc. Needless to say, the risk is extravagant with liabilities that are not just financial. So, it’s necessary to protect the data.

However, at eMudhra, we believe that technology should be employed to enable greater levels of efficiency while maintaining the highest standards of data security at every step of the way.

Our solution stack enables BPM organizations to effectively manage the following:

Security is Compliance

As society progresses towards a digital age, the protection of sensitive data communicated across an organization from the inception of the data point to the point of completion in a workflow (and even subsequent storage) has become very important.

NIST SP800-171, regulations around protecting Controlled Unclassified Information is an important compliance criterion that many organizations processing KYC data are often measured against. Security that utilizes cryptographic elements in the authentication of users, integrity of communication and storage of data are critical also elements to ensuring security compliance.

Business Need

Given the tremendous financial and convenience gained from digitizing processes, BPM companies have an impending need to secure business workflows, approvals, signatures, storage and retrieval of customers data.

Cryptography at its core

The solution offers tremendous benefits in a single package:

• Cost savings from paperless transformation
• Compliance with specific NIST standards around CUI data protection
• Operational efficiency and quicker TAT
• Some components can empower obotic Process Automation efficiency
• Highest standards of security around processing 3rd party sensitive data
• All-in-one package can reduce technology maintenance cost
• Strong authentication of users who access our workflow system
• A robust workflow system with encrypted storage that enables confidential communication using cryptographic keys
• A legally compliant eSignature module falling within the boundaries of the eSign Act, HIPAA compliance criteria, and more
• A smart OCR module that can extract data in bulk and store the same in multiple formats

Now, you can be one step closer to achieving NIST SP800-171 compliance (The latest NIST standard around protection of CUI)

eMudhra is a global organization focused on Secure Digital Transformation through effective identity and digital transaction management of documents and identity dependent records of any nature. As an executive member of the Cloud Signature Consortium, a webtrust compliant organization, and chairperson of the Asia PKI Consortium, eMudhra strives to be at the forefront of progress around secure identity management and paperless transformation.

eMudhra is a global organization focused on Secure Digital Transformation through effective identity and digital transaction management of documents and identity dependent records of any nature. As an executive member of the Cloud Signature Consortium, a webtrust compliant organization, and chairperson of the Asia PKI Consortium, eMudhra strives to be at the forefront of progress around secure identity management and paperless transformation.

Solution

The solution utilizes eMudhra’s emSigner extended framework to obtain KYC and other documents in PDF format. The data in these documents can be extracted using emSigner OCR technology, which allows for extraction, easy categorization, and storage of data in multiple formats.

Once the PDF file(s) is in the system, the workflow engine can be used to configure robust internal/external workflows where the users can approve, invisibly sign, or legally sign documents in sequential or parallel order.

The documents from completed workflows are stored in encrypted form and can be configured to trigger auto-events. The entire process is secured in terms of access and encryption using cryptographic keys.

Components

• emSigner -
• Secure eSignature & workflow management application that can sign, encrypt, and decrypt PDF files in addition to workflow features
• emSigner OCR - 
  Smart OCR technology capable of extracting, indexing, and storing data values in multiple formats 
• Hardware Security Module -
  FIPS 140-2 level 3 certified physical computing device that safe- guards and manages digital keys for strong authentication and provides crypto processing 
• SecurePass– Multifactor Authentication Engine 15 Factors –
  SecurePass supports 15 factors of authentication from OTP to Adaptive ensuring adequate access control and accountability 
• LDAP/AD –
  Integration with LDAP/AD for easy enrollment and provisioning of users 
• PKI Authentication – 
  SecurePass supports PKI authentication which comes in handy in ensuring cryptographic security

High Level Solution Diagram