Installation instructions (for clients who install the Bank-Client system on their own). Remote banking service How to log in to the iBank2 system using a login and password

In PJSC CB "SUMMIT BANK" for managing clients with their money, they use the system of remote banking services "iBank 2" developed by the company "BIFIT". "iBank 2" refers to the class of secure electronic document management systems.

To ensure privacy data encryption mechanism is used. When interacting via the Internet, encryption and integrity control of the transmitted information is carried out, cryptographic authentication of the parties is carried out.

The system implements Russian cryptographic algorithms in accordance with GOST 28147-89 (encryption, imitation insertion), GOST R34.11-94 (hash function) and GOST R34.10-2001 (ES on elliptic curves).

To use functions cryptographic protection The iBank 2 system has built-in support for the following multiplatform crypto libraries certified by the FSB:

PBZI "Crypto-C Version 2.0" of the company "CryptoEx" (certificate of compliance of the Federal Security Service of the Russian Federation reg. No. SF / 114-1614 dated February 28, 2011);
CIPF "Crypto-COM 3.3" of the company "Signal-COM" (certificates of compliance of the Federal Security Service of the Russian Federation No. SF / 124-2815 dated February 1, 2016, No. SF / 124-2816 dated February 1, 2016).

The "iBank2" system has built-in support for the personal hardware crypto provider "iBank2Key" in the form of a USB token and a smart card. The personal hardware cryptographic provider contains the Cryptomodul-S cryptographic information protection system, certified by the Federal Security Service of the Russian Federation in class KS2, provides secure storage of secret keys of the electronic signature (non-retrievable keys) and generates the client's electronic signature under the document using the Russian cryptoalgorithm in accordance with GOST R34.10-2001 . Also, the system has built-in support for the personal hardware cryptographic provider “MS_KEY K” in the form of a USB token certified by the FSB of the Russian Federation in class KS2 (certificate of conformity of the FSB of the Russian Federation No. SF / 124-2673 dated 07/30/2015).

Control archives are maintained in the iBank 2 system, in which all electronic documents with ES are stored to resolve conflict situations. The system maintains the history of documents - by whom and when the document was created, edited, signed, executed or rejected.

PC-Banking is a solution for the client part of the iBank2 system to work offline. Working with documents, directories, importing documents from accounting programs, signing documents, viewing statements do not require a permanent connection to the Internet.

For the functioning of PC-Banking, the client needs any modern computer with any operating system and any virtual Java machine - Microsoft JVM built into Internet Explorer, Sun Java Plugin or any other, not lower than JRE 1.7.

Synchronization with the bank — transferring financial documents to the bank, downloading statements, synchronizing directories, downloading updates for the PC-Banking client component — takes place via a secure TCP/IP connection.

The client component of PC-Banking is implemented as a Java application installed on the user's computer. The client distribution of PC-Banking has a size of about 6 MB and is the same for all clients.

The primary storage of all information for PC-Banking is the banking server. In the event of a computer failure, when reinstalling the OS or when working on a new computer, the user only needs to reinstall the PC-Banking client distribution package and synchronize with the bank.

As a result, all current client settings, all documents with current statuses previously sent to the bank, history of status changes, all statements, directories of recipients and beneficiaries, all system updates will be downloaded from the bank server. The period of synchronization of documents and statements is set by the client himself.

The client component of PC-Banking is multi-client - within the framework of one program, several organizations work with their details, documents, statements and directories. Each organization works in its own “plane” of the program and does not overlap with others.

PC-Banking has built-in functions for pre-registration of clients, generation of ES keys (electronic signature), key management and printing of certificates, a generator of one-time passwords and confirmation codes in the form of OTP tokens is used.

PC-Banking provides a guaranteed level of security, contains a mechanism for electronic signature under financial documents of clients. All data is encrypted using Russian cryptographic algorithms, the integrity of transmitted data is monitored. The system provides the legal significance of electronic document management. The operation of an arbitrary number of employees and electronic signature keys is supported.

Additional security mechanisms for corporate clients:.

SMS-informing clients about entering the system, about receipt of payment documents in the bank, about the movement of funds on client accounts.
Enhanced multi-factor authentication when logging in using one-time passwords.
A mechanism for additional confirmation of payment orders with one-time passwords (in addition to the ES).

SMS-messages and OTP-tokens are used as sources of one-time passwords in the "iBank 2" system.

In order to increase security when working on the Internet, we recommend that you read the following documents:

Documents for getting started in the iBank2 system:

PC-Banking User Manual (short 1.8 Mb - 52 pages, full 5.5 Mb - 205 pages)

Download and install:

Client distribution package PC-banking

Windows 32 bit	PC Banking.exe (5.7 Mb)	MD5 2CFD24D4318502AC7F513ED41B78836D
Windows 64-bit	PC-Banking_x64.exe (5.8 Mb)	MD5 F41EAFAC8CA90686EB8FFCF772186D55
Linux/MacOS 32-bit	PC-Banking-linux-i586.tar.bz2 (6.31Mb)	MD5 3F9D308E37AD6C662F9FC49002A73B2A
Linux/MacOS 64-bit	PC-Banking-linux-x86_64.tar.bz2 (6.43 Mb)	MD5 5A28B161A9D66AFDF45BD2D9D932D781

The 3rd column shows the hash sums of PC-Banking distributions. To check the validity of the installation files,

What is Internet-Banking for corporate clients?

Internet-Banking is designed to provide electronic banking services (remote banking services) to organizations and individual entrepreneurs.

Internet-Banking allows:

create, sign and send financial documents to the bank;

receive reports from the bank (statements, etc.);

track the status of previously sent documents.

You can work in Internet-Banking under any operating system: Windows, Mac OS X, Linux. Any modern web browser is enough to work: Internet Explorer, Firefox, Opera, Safari, Chrome.

Internet-Banking provides a guaranteed level of security, contains information encryption and electronic signature mechanisms, supports work with USB-tokens "iBank 2 Key", "Rutoken EDS".

Internet-Banking interacts with accounting programs (1C, etc.), supports simultaneous work of employees from different offices.

Cause: It is possible that blocking of active Java scripts is enabled in your browser and/or proxy server settings.

Solution: Check your browser/proxy settings.

Internet Explorer 7.0: Tools->Internet Options , go to the tab Security Another. Listed Parameters go to section Scripts->Active Scripts and set the flag

Cause: Perhaps your browser settings are set to prohibit the execution of Java scripts.

Solution: Check your browser settings.

Internet Explorer 7.0: Launch the browser, select the item in the main menu Tools->Internet Options , go to the tab Security . Select the required Internet zone and click the button Another. Listed Parameters go to section Scripts->Run Java Application Scripts and set the flag allow .

Java applet does not start.

Cause: Using an outdated version of java.

Solution: Internet Banking works successfully with the following versions: Java 2 Standard Edition Runtime Environment Version 1.4.2 or higher. When using "iBank 2 Key" USB tokens, Java SE 6 is required. It is recommended to enable automatic update and use latest version Java. current version You can always download from the developer's site.

Java applet does not connect to bank server.

Cause: Connection problems can be caused by several reasons, ranging from the presence of local firewalls (Firewall) to blocking ports by your Internet provider.

Solution: You need to contact the bank administrator to clarify the numbers of TCP ports that need to be opened in the IP filter on the Firewall.

The driver distribution kit for working with Rutoken EDS can be obtained from the site rutoken.ru

Detailed Instructions for installing the driver and using USB tokens can be obtained from the relevant user manuals, which can be obtained by contacting the bank.

Where in the computer can you see the USB token when you plug it in?

The USB token is not a "flash drive", so it cannot be seen by clicking on the "My Computer" label. It can only be seen in the "Device Manager" as "Smart card reader" - "USB Token Device".

When logging into Internet Banking, it is impossible to select the storage type "USB token or smart card"

IMPORTANT! First, the driver is installed, and only then the USB-token "iBank 2 Key", "Rutoken EDS" is inserted into the computer port! If you did the opposite, then remove the USB token from the port. In the device manager of your computer, find "Smart Card Reader" and remove all its components. Install the driver again. Restart your computer. Only after that you can connect "iBank 2 Key", "Rutoken EDS".

It is impossible to create a new ES key when using the "iBank 2 Key" smart card.

Install Sun Java Plugin 1.6 . Other versions of Java do not support smart card technology. Repeat the registration process.

Why can't I select a USB token in the key selection field?

If this error occurs, try installing the latest version of Java Machine.

I have windows vista. USB-token driver "iBank 2 Key" is not installed.

When installing the "iBank 2 Key" USB token driver for Windows Vista, ADMINISTRATOR rights are required, i.e. you must run executable files as an administrator.

Security questions

Information security mechanisms in the "iBank 2" system.

"iBank 2" refers to the class of secure electronic document management systems.

To ensure the authenticity (proof of authorship) and the integrity of the document, the electronic signature mechanism is used under electronic documents.

To ensure confidentiality, a data encryption mechanism is used. When interacting via the Internet, encryption and integrity control of the transmitted information is carried out, cryptographic authentication of the parties is carried out.

The system implements Russian cryptographic algorithms in accordance with GOST 28147-89 (encryption, imitation insertion), GOST R34.11-94 (hash function) and GOST R34.10-2001 (ES on elliptic curves).

To use the cryptographic protection functions in the iBank 2 system, support for the following multiplatform crypto libraries certified by the FSB is built-in:

PBZI "Crypto-C Version 2.0" of the company "CryptoEx" (certificate of compliance of the Federal Security Service of the Russian Federation reg. No. SF / 114-1614 dated February 28, 2011);

CIPF "Crypto-COM 3.3" of the company "Signal-COM" (certificates of compliance of the Federal Security Service of the Russian Federation No. SF / 124-2061 dated February 1, 2013, No. SF / 124-2062 dated February 1, 2013).

Additional security mechanisms for corporate clients.

SMS-informing clients about entering the system, about receipt of payment documents in the bank, about the movement of funds on client accounts.

Enhanced multi-factor authentication when logging in using one-time passwords.

A mechanism for additional confirmation of payment orders with one-time passwords (in addition to the ES).

SMS-messages and OTP-tokens are used as sources of one-time passwords in the "iBank 2" system.

What security measures should be observed when working in Internet-Banking?

Safety measures when working with EP:

To protect ES keys from theft by malware, it is recommended to use USB-tokens "iBank 2 Key", "Rutoken EDS";

In the absence of "iBank 2 Key", "Rutoken EDS", save the key storage file on a removable medium (USB drive). It is not allowed to store it in places where it can be accessed by anyone other than you. The alienated medium with the key store must be carefully protected from unauthorized access;

The password for access to the ES key should be known only to you as the owner;

Do not allow constant and uncontrolled connection to the computer of USB-tokens "iBank 2 Key", "Rutoken EDS";

Do not transfer "iBank 2 Key", "Rutoken EDS" with EDS keys to anyone;

Do not use Internet-Banking in an Internet cafe, or where you are not sure about the safety of computers;

When dismissing a responsible employee who had access to the ES key, be sure to notify the Bank and block the key;

If there is any suspicion of compromising the ES keys or compromising the execution environment (presence of malware in the computer), be sure to notify the Bank and block the ES keys.

Measures to protect the computer from which you work in Internet-Banking:

Follow the rules for limited physical access to this computer. The list of employees of the organization must be approved, including responsible employees and technical personnel who are allowed access to computers from which work is carried out in Internet-Banking.

It is recommended to use a separate computer exclusively for working in Internet-Banking. Other actions (working with other programs, working with e-mail, visiting sites on the Internet) should not be carried out from this computer.

Use only licensed software in your work. Do not download or install software obtained from unverified sources.

Try to use modern operating systems (OS). These systems are more secure than previous, often outdated versions. Install OS patches and updates in a timely manner. Enable automatic OC updates, which will install the latest patches, thereby eliminating OS vulnerabilities.

Use system and application software only from trusted sources that guarantee the absence of malware. At the same time, it is necessary to ensure the integrity of updates received on media or downloaded from the Internet.

Use and promptly update specialized software for information protection - anti-virus software, personal firewalls, protection against unauthorized access, etc.

User guide. CFC-Online

User guide. CFC-Offline

Data exchange between "iBank 2" and "1C:Enterprise 7.7", "1C:Enterprise 8.1" systems

"Corporate autoclient" module of "iBank 2" system

Format of import and export of documents in the "iBank 2" system

Module "iBank 2 for 1C: Accounting" version 2.0, Module "iBank 2 for 1C: Accounting" version 3.0

Electronic signature verification utility

Installation instructions (for customers who install the Bank-Client system on their own)

1. Copy the distribution kit received from the Bank to HDD(if the distribution was downloaded from the site as a *.zip archive, unzip it).

2. Run the Setup.exe file from the distribution kit

3. If you plan to keep the private keys on floppy disks, run the entire installation with the default settings (prepare blank floppy disks for the number of signatures in advance).
Otherwise: (it is supposed to store the keys on a flash memory or on a hard disk), during the installation process, uncheck the checkbox "Installation with default parameters"

4. If you chose to install with default options, follow the prompts in the installer. If no default options were selected, then during the installation process you will see the following window:

Click the … button to edit the private key directory. Instead of the drive letter A: put the letter of the device where the private keys will be stored.

5. Next, during the installation process, you will be asked for the username of the system.
Select DBA. Using the >> button, transfer the list of available keys to the right window

6. Further installation does not require settings, just click the "Next" button until you see

H press OK.

7. Run the Bank-Client program
(Start - All Programs - BSSystems - BS-Client v.3)

8. Enter the menu Settings - Transport. In the top list, mark the subscriber of CJSC NKB Slavyanbank. In the lower list: double click on the AWS entry of CJSC NKB Slavyanbank. In the window that appears

edit the Maximum number of connections parameter. Should be ten. Click OK.

9. Repeat step 8 for your own transport subsystem. (In your own entry, the IP and Host fields are empty).

10. In the "Transport subsystem settings" window, select the "gateways" tab. Double click on gateway "2 TCPGATE". Click the Settings button in the Gateway Description window. Check the checkbox "Show data transfer indicator"

Attention! If the client workstation is in local network and the connection to the Internet goes through a proxy or gateway, the following settings may be required: In the transport subsystemCJSC NKB Slavyanbank in the IP field, enter the IP address of your gateway, clear the Host field. Configure your gateway so that traffic on port 1024 of the gateway is forwarded to the IP address 213.148.170.187. The firewall, respectively, must pass this traffic. The connection to the banking server is carried out via the TCP protocol and is initiated by the Client.

11. Close the Bank-Client program and replace the files CertProp.rtf and keyexch.rtf in the C:\BSClnt_3\SUBSYS\PRINT\RTF folder with the files of the same name that were sent to you with the distribution package. Launch the Bank-Client program.

12. Attention! The keys installed from the distribution kit are technological and are not suitable for signing payment documents. You must register a new certificate immediately after installation.

To do this, in the Bank-Client system:

The menu item Settings - CryptoProtection - Requests for registration of certificates is executed.

In the window that appears, click the "New" button

IN choose the key to be updated, the request is signed with the Client's old key and sent to the Bank. At the same time, the document is being generated:

Registration card No.____

Signing public key (certificate)

Crypto-protection system: "CRYPTO-SI" (version 1.0) 340-00-371

Client name: Fill in the client's name

Key owner:(Vasily Ivanovich Pupkin)

Key Options:

Algorithm: GOST R34.10-2001

UID: nes-1 (17-04-2009 14-32-37)

Public key text :

Signing public key:fill in: position, full name key owner

(position, full name of the owner of the key)

Key registration date:Set current date

Signature of the key owner: ___________________________ M.P.

(signature)

_____________________ Full name of the manager (you can delete these 2 lines if the owner of the key is the Manager)

(head's signature*) (head's full name*)

Chairman of the Board __________________ Titov V.I.

(signature)

Head of the Department of the RVC __________________ Popov S. G.

(signature)

M.P.

In this document, you must fill in the fields marked in red, print out 2 copies, certify with the signature of the owner of the key and the head and seal and send to the Bank. Notify the Bank by phone 66-51-95 about the key change. Immediately after the receipt of this document by the Bank, a new client certificate will be registered and a confirmation of registration will be sent to the Client via the Bank-Client system. The system will warn about receiving a certificate from the bank and offer to register it. After successful registration, a new The secret key will exist in a single copy on the key owner's removable media. The old key is no longer valid.

Attention!In view of the importance of this procedure, the Manager, Chief Accountant and key owner are strongly recommended to be personally present when sending the registration request and printing the Recognition Certificate.

"User's Manual Version 2.0.23 Contents Preface................................................................................. 2 ..."

iBank 2 system

USB Token Guide

and smart cards "iBank 2 Key"

User guide

Version 2.0.

Foreword.............................................. 2

General information about personal hardware crypto providers.......... 3

General information about USB-tokens «iBank 2 Key»... 4

General information about "iBank 2 Key" smart cards .............................. 5 Preparing "iBank 2 Key" for operation ............................... .............. 5 Installing the driver for "iBank 2 Key" for Windows............. 5 Setting up software for USB tokens and card readers for Linux .......... 9 Installing the driver for "iBank 2 Key" for MacOS ............... 9 Working with USB-tokens and smart cards "iBank 2 Key" ................................. 13 Operation and storage of USB tokens, smart cards and card readers ..... 13 Use of USB tokens and "iBank 2 Key" smart cards during registration in the «iBank 2» system .............................. 14 Administration of USB tokens and smart cards « iBank 2 Key .......................... 16 Login to the iBank 2 system .............................. 20 Confirmation of documents in Internet-Banking for private clients... 21 Using crypto-libraries PBZI "Crypto-C" Version 2.0 and CIPF "CryptoCOM 3.2" ......................... ...................... 22 Installing client-side crypto libraries for Windows ........ 23 Installing crypto libraries tech on the client side for Linux.......... 23 «iBank 2» system Version 2.0.

23 Foreword This document is a guide to the use of personal hardware crypto providers "iBank 2 Key" in the electronic banking system "iBank 2". Devices "iBank 2 Key" have two versions - USB-token and smart card.

In the General information about personal hardware crypto providers section, the purpose of USB tokens and smart cards "iBank 2 Key" is considered in detail and information is provided on their compatibility with various operating systems.

Information on the use of USB-tokens and smart cards "iBank 2 Key" and the necessary actions to ensure their correct operation are presented in the sections:

Installing the driver for "iBank 2 Key" for Windows;

Setting up software for USB tokens and card readers for Linux;

Installing the driver for "iBank 2 Key" for MacOS;

The Use and storage of USB tokens, smart cards and card readers section describes measures to ensure the safety and reliability of these electronic devices.

Use of USB-tokens and "iBank 2 Key" smart cards when working with the "iBank 2" system

detailed in sections:

Use of USB-tokens and smart cards "iBank 2 Key" when registering in the "iBank 2" system;

Administration of USB-tokens and smart cards "iBank 2 Key";

Confirmation of documents in Internet-Banking for private clients.

Also in the manual, in the section Using crypto libraries of the PBZI "CryptoSy" Version 2.0 and CIPF "Crypto-COM 3.2", the configuration of cryptography on the client side is considered.

– – –

General information about personal hardware crypto providers Personal hardware crypto providers "iBank 2 Key" generate an ES key within themselves, provide their secure non-retrievable storage and form ES under electronic documents inside the device.

The main advantage of "iBank 2 Key" is the secure storage and non-removability (impossibility of reading) of the ES key. Neither the developer, nor the owner, nor the attacker can in any way read the ES key from the device.

The following cryptographic functions are implemented in "iBank 2 Key":

Hardware cryptographically strong random number generator;

Generation of ES key and ES verification key;

Formation and verification of ES according to GOST R34.10-2001 (elliptic curves);

Generation of encryption keys;

Encryption and decryption in accordance with GOST 28147-89;

Formation and verification of an imitation insert (a data sequence of a fixed length obtained according to a certain rule from open data and a secret key and added to the data to ensure imitation protection) in accordance with GOST 28147-89;

Calculation of the hash function in accordance with GOST R34.11-94.

The formation of an ES in accordance with GOST R34.10-2001 takes place directly inside the token: it receives an electronic document at the input of "iBank 2 Key", at the output it issues an ES under this document. In this case, the time of formation of the EP is less than 0.5 sec.

The ES key is generated by "iBank 2 Key" itself, stored in the secure memory of "iBank 2 Key"

and never, by anyone and under any circumstances, can be read from "iBank 2 Key".

"iBank 2 Key" has a secure memory area that allows you to store up to 63 ES keys of responsible employees of one client or several clients.

Support for "iBank 2 Key" is built into the client modules of Internet-Banking, PC-Banking, Financial Control Center, Corporate Auto-Client. Simultaneous work with several "iBank 2 Key" connected to the computer is possible (relevant when working with the DSC).

BIFIT offers two types of personal hardware crypto providers:

USB-token "iBank 2 Key" (see subsection General information about USB-tokens "iBank 2 Key") and smart card "iBank 2 Key" (see subsection General information about smart cards "iBank 2 Key").

The use of a USB token or an iBank 2 Key smart card makes it fundamentally impossible to steal the ES keys used when working in the iBank 2 electronic banking system.

– – –

General information about "iBank 2 Key" USB tokens

The iBank 2 system has built-in support for the following models of USB tokens:

Housing version "A" (see Fig. 1);

Housing version "M2" (see Fig. 2);

Housing version "B" (see fig. 3).

– – –

Currently, the company "BIFIT" offers banks to use "iBank 2 Key" performed by "M2" and "B".

The USB-token "iBank 2 Key" (version "M2", version "B") is a USB hardware device in a compact plastic case, consisting of a USB card reader and a secure ST23YL18 card microcontroller manufactured by STMicroelectronics.

The microcontroller is ISO/IEC 15408 (common criteria) certified with an EAL5+ confidence level. In the microcontroller, during the production by the mask method, the card operating system of the Russian developer LLC "ProgramPark" is "flashed".

As part of the card operating system contains CIPF "Cryptomodul C23" (developer - LLC "ProgramPark"), certified by the Federal Security Service of the Russian Federation in class KS2. Certificate of the Federal Security Service of the Russian Federation reg. No. SF / 114-1511 dated 08.07.2010

To use the functions of the "iBank 2 Key" token, the support of the above cryptolibrary is built into the "iBank 2" electronic banking system.

USB-tokens "iBank 2 Key" version "M2", version "B" are designed to work on the following platforms: Windows XP/2000/2003/Vista/7, Mac OS X 10.4.8 or older, Linux 2.6.x using Java 6.

– – –

General information about "iBank 2 Key" smart cards

The "iBank 2 Key" smart card is functionally completely similar to a USB token. The only two differences between a smart card and a USB token are different interfaces (ISO 7816 and USB) and different device sizes.

The "iBank 2 Key" smart card is connected to the computer via a CCID-compatible card reader - an external USB device for performing smart card reading operations (see Fig. 4).

In operating systems Windows Vista/7, Mac OS X, the card reader does not require the installation of additional software and is automatically recognized in the OS.

For other operating systems of the Windows family, a driver must be installed (see below).

Installing the driver for "iBank 2 Key" for Windows).

Some laptop models (Dell, HP, Lenovo) are equipped with built-in card readers that can be used to work with the iBank 2 Key smart card.

Smart cards "iBank 2 Key" are designed to work on the following platforms:

Windows XP/Server 2003 SP2/Vista/7, Linux 2.6.x, Mac OS X 10.6.x using Java 6, Mac OS X 10.5.x using Java 5.

– – –

Preparing "iBank 2 Key" for work Installing the driver for "iBank 2 Key" for Windows Driver for "iBank 2 Key" is required to work with USB-tokens and "iBank 2 Key" smart cards in the "iBank 2" electronic banking system.

Attention!

The driver for "iBank 2 Key" is installed before connecting the device. During driver installation, all applications must be closed to avoid a file sharing error. To install the driver, the user needs system administrator rights.

To avoid driver installation errors, do not install via Remote Desktop Protocol.

– – –

To install the driver, download the installation file from the bank's website or from the portal https://ibank2.ru:

For 64-bit systems https://ibank2.ru/drivers/iBank2Key-Driver-Windows-x64-1.11.exe (2.8 Mb)

For 32-bit systems https://ibank2.ru/drivers/iBank2Key-Driver-Windows-x86-1.11.exe (2.7 Mb) Run the downloaded file. A window for selecting the installation language will appear on the screen (see Fig. 5).

– – –

By default, the driver installation directory is suggested - C:\Program Files\BIFIT\iBank 2 Key Driver 1.11\. To change the installation directory, click the Change button and specify the desired location.

To continue and go to the installation type selection window (see Figure 8), click the Next button.

– – –

In the Installation type window, check the box next to the required value and click the Next button to go to the next installer window (see Figure 9).

– – –

When choosing the installation type Full, the necessary components will be installed on the user's computer to ensure the operation of all types of "iBank 2 Key" (smart card, USB-token version of the case "M2", "A", "B").

If you select the Custom installation type, you can determine for which type of "iBank 2 Key" the required components should be installed.

Click the Install button to continue installing the driver.

Rice. 10. Installing required driver components

In the final window of the driver installer (see Fig. 11), check the Show readme file box if you want to see brief information about "iBank 2 Key"

and click Finish.

iBank 2 system Version 2.0.

– – –

Configuring software for USB-tokens and card readers for Linux To operate USB-tokens "iBank 2 Key" and a card reader in a Linux environment, do the following:

1. Depending on the architecture of your OS, download from the bank's website or from the "iBank2.RU" portal

For 64-bit systems https://ibank2.ru/drivers/iBank2Key-Driver-Linux-x64-1.07.sh.gz (152 Kb)

For 32-bit systems https://ibank2.ru/drivers/iBank2Key-Driver-Linux-x86-1.07.sh.gz (137 Kb)

2. In your OS, check if the pcscd daemon (PC/SC Smart Card Daemon) for pcsc-lite is running ( software to access smart cards) and the libccid library.

3. Unzip the archive and run the iBank2Key-Driver-Linux-***.sh script, where *** is the bit depth of the OS architecture.

As a result of the execution of the script, the libraries and configuration files necessary for the operation of "iBank 2 Key" will be copied from the archive to the required OS directories.

Installing the driver for "iBank 2 Key" for MacOS For the operation of "iBank 2 Key" USB tokens in the MacOS environment, you need to install the "iBank 2 Key" driver.

Attention!

USB-token drivers "iBank 2 Key" are installed before connecting the device.

To install the driver, download and unzip the ZIP archive from the iBank2.RU portal:

https://ibank2.ru/drivers/iBank2Key-Driver-MacOSX-2.13.pkg, 269 KB.

– – –

To continue and proceed to the step of selecting the type of driver installation (see Figure 13), click the Continue button.

Rice. 13. Installation window: iBank 2 Key Driver 2.13. Accommodation

– – –

Rice. 14. Installation window: iBank 2 Key Driver 2.13. Installation type To change the installation directory, click the Change installation location... button and specify the required location.

Click the Install button to perform a standard driver installation. The screen will display information about the progress of the installation process (see Figure 15), after which you must restart the computer to update system files. To do this, click the Restart button (see Figure 16).

– – –

For the correct operation of the Java applets of the "iBank 2" system in the MacOS environment, it is necessary to use the Java version 1.6.

The Java applets version for MacOS is selected in Finder/Applications/Utilities/Java/Java Preferences (see Figure 17).

– – –

Working with USB-tokens and smart cards "iBank 2 Key"

Operation and storage of USB tokens, smart cards and card readers USB tokens, smart cards and card readers are sensitive electronic devices. During their storage and operation, the user must comply with a number of rules and requirements, in case of violation of which these devices may fail.

The following operating and storage rules will ensure the long service life of USB tokens, smart cards and card readers, as well as the safety of user confidential information.

It is necessary to protect USB tokens, smart cards and card readers from strong mechanical impacts (falls from a height, shock, vibration, shock, etc.).

USB tokens, smart cards and card readers must be protected from high and low temperatures. In case of a sudden change in temperature (bringing a cooled device from a frost into a warm room), it is not recommended to use a USB token, smart card or card reader for 3 hours to avoid damage due to moisture condensed on the electronic circuit. Protect USB tokens, smart cards and card readers from direct sunlight.

It is necessary to protect USB tokens, smart cards and card readers from moisture and aggressive environments.

Exposure of USB tokens, smart cards and card readers to strong magnetic, electric or radiation fields, high voltage and static electricity is unacceptable.

When connecting a USB token or card reader to a computer, do not use excessive force.

The USB token must always be kept closed during non-working hours to prevent dust, dirt, moisture, etc. from getting on the USB token connector. If the token connector is clogged, you need to take measures to clean it. Use a dry cloth to clean the housing and connector.

The use of water, solvents and other liquids is unacceptable.

Do not disassemble USB tokens, smart cards and card readers - this will void the warranty!

It is necessary to avoid surges in the power supply of the computer and the USB bus when the USB port is connected, and also do not remove the token or card reader from the USB port during writing and reading. It is forbidden to remove the smart card from the card reader during the writing and reading procedure.

In case of malfunction or malfunction of USB tokens, smart cards or card reader, please contact the Bank.

1. Do not transfer USB tokens and smart cards to third parties! Do not tell third parties the passwords for the ES keys!

2. Connect the USB-token or smart-card to the computer only while working with the "iBank 2" system.

3. In case of loss (theft) or damage to the USB token or smart card, contact the bank immediately.

iBank 2 system Version 2.0.

23 Using USB-tokens and smart cards "iBank 2 Key" when registering in the "iBank 2" system

The process of pre-registration of corporate clients is carried out in the relevant workstations (Internet-Banking, PC-Banking, CFC-Online), bank employees - in the "Registrar for bank employees" workstations. To register, connect to the Internet, launch a Web browser and go to the page for clients or bank employees of the "iBank 2" system of your bank.

On the login page for clients, bank employees of the "iBank 2" system, select the appropriate item: Corporate Client Service, Online Financial Control Center or Pre-registration of bank employees, as a result of which an html page containing a brief description of the procedure for registering a new client or employee will be loaded first, and after 15 - 30 seconds (depending on the speed of Internet access) the corresponding workstation will be loaded.

Connect a USB token or card reader with an inserted "iBank 2 Key" smart card to the computer's USB port.

Go through all the registration steps. On the eighth step (corporate client) or on the fourth step (bank employee), select the USB token or smart card item from the list as the Key storage (see Fig. 18, Fig. 19).

Rice. 18. AWS "Internet-Banking for Corporate Clients". Pre-registration. Step 8 of 11

– – –

Rice. 19. AWS "Registrar for bank employees". Pre-registration. Step 4 of 7 At the next registration steps, you need to enter the name and password for the generated ES key.

If a key with the same name already exists in the Key Storage when entering the name of the key, then the key will not be overwritten, and you will be warned about this (see Fig. 20). In this case, you must either assign a different name to the key, or first remove the unnecessary key from the Storage (see Administration of USB tokens and "iBank 2 Key" smart cards).

– – –

Note:

One USB-token or "iBank 2 Key" smart card can contain up to 63 ES keys of responsible employees of different corporate clients served in different banks with different instances of the "iBank 2" system.

– – –

To keep your password secure:

The password should not consist of only numbers (so it is easier to peep from behind);

The password should not be too short and consist of characters that are on the same line on the keyboard;

The password must contain both uppercase and lowercase letters, numbers and punctuation;

The password should not be a meaningful word (your name, date of birth, wife's maiden name, etc.) that can be easily picked up or guessed.

You can enter the password to the ES key incorrectly, which is located on the USB token or smart card "iBank 2 Key", no more than 15 times in a row. After that, the ES key is blocked forever.

Administration of USB-tokens and smart cards "iBank 2 Key"

The following actions are possible with "iBank 2 Key" and ES keys:

1. Setting a PIN code for access to USB tokens and smart cards "iBank 2 Key";

2. Printing of the ES verification key certificate;

3. Changing the password for access to the ES key;

4. Changing the name of the ES key;

5. Deleting the ES key.

Administration of USB-tokens and smart cards "iBank 2 Key" is carried out:

Corporate clients in Internet-Banking, PC-Banking, CFC-Online;

Private clients in Internet-Banking for private clients;

Bank employees in the AWP "Registrar for bank employees".

– – –

3. The USB tokens and smart cards selection field will display the serial number of the device connected to the computer. If necessary, you can select another connected device by pressing the Select button. A list of ES keys will be displayed under the serial number (see Fig. 21);

– – –

Rice. 21. AWP "Internet-Banking for Corporate Clients". ES keys administration Private clients

1. Go to the ES Key Management section.

2. Connect the "iBank 2 Key" USB token to the computer's USB port or insert the smart card into the card reader connected to the computer.

3. Select the required action by clicking the appropriate link (see Figure 22).

4. You will be redirected to the page with the selected action. The USB tokens and smart cards selection field will display the serial number of the device connected to the computer. If necessary, you can select another connected device. Under the serial number, a drop-down list of ES keys in the selected Vault will become available, where you must select the required ES key and perform the corresponding action (on page 19, see

possible actions with ES keys).

– – –

Rice. 22. AWS "Internet-Banking for private clients". ES key management Bank employees

1. Launch the "Registrar for bank employees" workstation and select the ES keys administration item (see Fig. 23).

2. Specify the type of ES key storage - USB token or smart card.

3. The USB tokens and smart cards selection field will display the serial number of the device connected to the computer. If necessary, you can select another connected device by pressing the Select button. A list of ES keys in the selected Vault will be displayed under the serial number;

4. Select an ES key and click the appropriate button to perform the required action (see possible actions with ES keys on page 19).

– – –

Setting a PIN code for accessing USB tokens and smart cards "iBank 2 Key"

To provide additional protection against unauthorized access to ES keys stored on a USB-token or smart card "iBank 2 Key", it is possible to set a PIN-code for access to "iBank 2 Key".

When accessing "iBank 2 Key" with a given PIN code, there is no possibility of obtaining a list of "iBank 2 Key" keys and any actions with them until the correct PIN code is entered.

The PIN code for "iBank 2 Key", if it is set, is requested from the user when performing the following actions:

Authentication in Internet Banking;

Appeal to "iBank 2 Key" in case of its disconnection and subsequent connection;

Access to "iBank 2 Key" during the administration of ES keys;

Signing documents and synchronizing data with the bank while working in PC-Banking.

To assign a PIN code, select the required ES key in the list and click the Change PIN button (Internet-Banking, PC-Banking, CFC-Online, registrar of bank employees) or the Change PIN link (web-interface for private clients), enter the new PIN value twice -code and press the Accept or Change PIN button.

The PIN code must be at least 6 characters long and can contain any combination of letters, numbers, and punctuation marks (see page 16 for password protection recommendations).

The PIN-code assigned to "iBank 2 Key" cannot be deleted, it can only be changed.

It is possible to enter the PIN-code of access to "iBank 2 Key" incorrectly no more than 15 times in a row.

After that "iBank 2 Key" is blocked for use.

Printing an ES verification key certificate Select the required ES key from the list and click the Print button or the Export certificate to RTF link. Specify the password to access the ES key. Click the Accept or Export certificate to RTF button.

Changing the password for accessing the ES key Select the required ES key from the list and click the Change password button or the Change password link. Specify the current ES key password and the new password twice. Click Accept or Change Password.

Changing the name of the ES key Select the required ES key in the list and click the Rename button or the Rename key link. Specify the password for access to the ES key and the new name of the ES key in the Key storage. Click Accept or Rename Key.

– – –

Deleting the ES key Attention!

If the ES key is deleted from the Key storage, it will be impossible to restore it. Therefore, you can delete keys that will no longer be used when working with the system (expired keys, compromised keys, etc.).

Select the required ES key in the list and click the Delete button or the Delete key link. Specify the password to access the ES key. After clicking the Accept or Delete key button, the key will be permanently deleted from the Key Vault.

To download AWP for corporate clients (Internet-Banking, PC-Banking, TsFKonline), “Operator” or “Bank/branch administrator”, connect to the Internet, launch a Web browser and go to the page for clients or bank employees of the “iBank 2” system your bank.

Connect the "iBank 2 Key" USB token to the computer's USB port or insert a smart card into a card reader connected to the computer.

On the main page of "iBank 2", select the item you need: Corporate Client Service, Online Financial Control Center, Bank teller or Bank administrator. As a result, the start html page will load first, and after 15-30 seconds Internet) the requested workstation will be loaded.

The first window of the workstation, Login to the system, designed for user authentication is shown in Fig. 24.

– – –

In this window, do the following:

In the Storage type field, select USB token or smart card. The Identifier field will display the serial number of the selected USB token or smart card.

When using a USB token or smart card with a PIN code, after selecting them in the previous step, a window for entering a PIN code appears (see Figure 25).

– – –

From the list in the Key field, select the name of the ES key. Specify the Password to access the selected key. When entering a password, the language (Russian/English) and case (capital/capital letters) are taken into account.

If you need to use a proxy server to connect to the Internet, click the Connection settings link and in the window that opens, specify the address and port of the Proxy server in the appropriate fields.

To log in, click the Login button.

Confirmation of documents in Internet-Banking for private clients Private clients can use USB-tokens and "iBank 2 Key" smart cards to sign electronic documents of their ES to send the document to the bank. The functionality is available with the appropriate Internet Banking settings.

Document signing in Internet-Banking for private clients is carried out at the second step of document creation. Clicking the Send to Bank button opens the Signature Plugin window (see Figure 26). To sign and send a document, connect the "iBank 2 Key" token to the computer's USB port or insert a smart card into a card reader connected to the computer - into

– – –

In the plug-in window, in the field for selecting USB tokens and smart cards, the serial number of the connected device will be displayed. Select the ES key with which you want to sign the document, specify the password for it and click the Sign button.

Rice. 26. Internet banking for private clients. Signature of the client's ES document

CIPF is built into the iBank 2 system, which implement cryptographic algorithms in accordance with GOST 28147-89 (encryption, imitation insertion), GOST R34.10-2001 (ES on elliptic curves) and GOST R34.11-94 (hash function) .

When using the software CIPF built into the iBank 2 system, the ES keys of clients are stored in file storages.

For cryptographic protection of information, two mutually compatible multiplatform cryptolibraries certified by the Federal Security Service of the Russian Federation are built into the iBank 2 system and are supplied as part of it:

– – –

"Crypto-COM 3.2" company "Signal-COM". Certificates of conformity FSB RF reg.

No. SF/124-1337 of 05.06.2009, No. SF/114-1170 of 15.07.2008, No. SF/114-1551, No. SF/114SF/124-1553 and No. SF/124-1554 of 07.11 .2010

Cryptolibraries are built-in and distributed as part of the iBank 2 system on the basis of license agreements between the BIFIT company and the CIPF developers.

For the client to use software cryptographic information protection tools, it is necessary to have crypto libraries on the client side.

Installation of client-side cryptolibraries for Windows Cryptolibraries PBZI "Crypto-C" Version 2.0 and CIPF "Crypto-COM 3.2" are installed by copying the library files to a directory accessible via the PATH environment variable, for example, C:\Windows or C:\Windows\ system32.

To install PBZI "Crypto-C" Version 2.0, copy the files ibank2cryptoc2.dll, CrC_InitBioRnd32.dll

To install CIPF "Crypto-COM 3.2" copy the ibank2ccom.dll file.

To obtain crypto library files, contact your bank.

Installing Client-Side Crypto Libraries for Linux

The crypto libraries of the PBZI "Crypto-C" Version 2.0 and the CIPF "Crypto-COM 3.2" are installed by copying the library files to a directory defined as follows:

1. Enter the "iBank 2" system on the start page and launch any of the java applets (for example, "Internet Banking for Corporate Clients").

2. Open the Java Console window in your browser and press S while in it.

3. A list of variables will appear in the console. The path to the required directory is any value of the java.library.path variable.

Library files to be copied:

To install PBZI "Crypto-C" Version 2.0, copy the file libibank2cryptoc2.so

And before the "Book of Judith" in the Slavic and Russian Bibles is placed the "Book of Tobit" (in the LXX and in the Vulgate, the books of Tobit and Judith usually stand between the book of Nehemiah and the book of E ... "

«INT-CR PARTITION CONTROL MODULE int-cr_en 12/11 The INT-CR partition control module allows arming, disarming and clearing alarms in partitions (partitions) using cards, key fobs and other passive 125 kHz transponders (further in in the text, "map" means any passive transponde..."

"Appendix 6 to the Rules for catering for students in secondary education organizations form Protocol on admission to participate in the competition Competition for the selection of providers of catering services for students in a municipal state institution ..."

"IN AND. Vernadsky. Diaries LIBRARY OF WORKS OF ACADEMICIAN V.I RN DSKO.VE AGO The series was founded by Academician A.L. YANSHIN in 1990 VOLKOV MOSCOW "NAUKA" 2001 UDC 930 BBK 63.2 V 35 Compiled by Doctor Ge...” of the search is given in Table 1. Subject search corresponds to the situation of formation (selection) of a sign, device ... "

2017 www.site - "Free electronic library - electronic materials"

The materials of this site are posted for review, all rights belong to their authors.
If you do not agree that your material is posted on this site, please write to us, we will remove it within 1-2 working days.

What is Internet Banking for Corporate Clients?

Internet Banking for Corporate Clients” of the “iBank2” system is designed to provide electronic banking services to corporate clients (legal entities) online on the basis of a concluded agreement for the provision of banking services.

Internet Banking allows you to:

create, sign and send financial documents to the bank;
receive reports from the bank (statements, etc.);
track the status of previously sent documents.

You can work in Internet Banking under any operating system: Windows, Mac OS X, Linux. Any modern web browser is enough to work: Internet Explorer, Firefox, Opera, Chrome, Safari (provided that the browser is used in conjunction with Mac OS X).

Internet banking provides a guaranteed level of security, contains mechanisms for encrypting information and electronic signatures, and supports working with USB tokens. Internet banking interacts with accounting programs (1C, etc.), supports the simultaneous work of employees from different offices.

What are the requirements for a computer to work in Internet Banking?

Any modern computer with free space random access memory at least 4GB MB.
Any modern operating system Microsoft Windows: 7 (x86/x64), 8 (x86/x64), 8.1 (x86/x64), 10 (x86/x64) or higher, Apple Mac OS X: 10.7 or higher, Linux, etc.
Monitor with a resolution of at least 1280x1024.
Access to the Internet. Recommended connection speed - 200 Kbps

For Offline-Bank to work, you need to install the 32-bit version of Java, which can be downloaded from the developer's website using the IE browser.

Can I work in Internet banking from different computers?

Yes, you can. To enter the Internet Banking, you need a computer with the BIFIT Signer software installed, the Internet, a key with an electronic signature password.

All information (documents, statements, settings) is centrally stored on the bank server and becomes available after entering Internet Banking.

BIFIT Signer Plugin

Why is it necessary to install the BIFIT Signer plugin?

Installing the BIFIT Signer plugin is intended for the client's electronic signature.
The BIFIT Signer plugin must be the latest version installed.

How to install the BIFIT Signer plugin?

If the plugin is installed outdated, the program will display the corresponding message “Your plugin is outdated, to install the updated plugin, follow the link. You must select a link depending on the operating system you have installed." Download and install the plugin following the prompts.

Registration in Internet Banking

How to start using Internet Banking?

You need to do the following:

Appeal to the office of Bank "Primorye", conclude an agreement for the provision of services using the "iBank 2" system, receive a USB token (a device for storing ES keys). When visiting the Bank, you must present an identity document.
independently register on the site. Upon completion of registration, an ES key will be generated on a USB token. . It is necessary to print out two copies of the certificate of the ES verification key, sign it, certify it with the seal of your organization, and transfer it to the bank's office to an economist. Instructions for registering an organization and generating a key.

What does the message mean: “No rights to work with ES. Contact the Bank Administrator?

To protect information, crypto libraries of cryptographic information protection tools are built into the iBank 2 system, which implement cryptographic algorithms in accordance with GOST. Crypto-COM software cryptographic information resources are posted on the website in the "Distributions" section, which must be downloaded and installed on a computer following the instructions.

ES keys and certificates of ES verification keys

Where to save the ES key during generation?

To store ES keys, you must use USB tokens - a device with non-retrievable ES keys.

What rules should be followed when choosing a password for the ES key?

The password must contain at least 6 different characters;
It is desirable that the password consists of Latin letters in different registers, numbers and special characters;
Your password should not consist of only numbers (so it is easier to peep "from behind"), should not be too short and consist of characters that are on the same line on the keyboard;
The password should not be a meaningful word (your name, date of birth, maiden name, etc.) that can be easily picked up or guessed.

How to print the certificate of the ES verification key if it was not possible to do it the first time, or a duplicate of the certificate is needed?

How to log in to the iBank2 system after generating a new ES key?

Install a USB token (devices for storing ES keys)
Go to login page
At the top left, click the "Choose an electronic signature" button
In the dialog box that opens, at the top, click "Find ES", or on the "magnifying glass" icon
In the list under the name and number of your device, select the name of the ES key under which you need to log into the iBank2 system
Click on the message "Data will be updated after logging in". A window for entering a password will open.
Enter the password to access the EP

Attention!!!

The login page displays the ES key with which you last logged into the system from this computer
When you click the "Select electronic signature" button, a list of ES keys previously used to log in from this computer will be displayed
If the required key is not in the list, click "Find ES", or on the "magnifying glass" icon, there will be a transition to the list of keys that were not previously entered into the system

How to log in to the iBank2 system using a login and password?

Logging into the system by login (e-mail) and password is carried out with the obligatory receipt of an SMS code to the phone number (without generating a key and providing certificates to the Bank).

To log in using your login and password, on the login page, go to the “by login” tab.

Enter an email address. In order not to specify an e-mail address each time you enter Internet Banking, check the "Remember e-mail" box.
Enter a long-term password.
Enter the code from the image.
Click the Login button. If the address email or the password is not correct, then after clicking the “Login” button, the corresponding field will be highlighted in red, and the reason for the error is indicated below.

You can use this login method:

Employees who do not have the right to sign
Employees with signing rights can use login and password login:
- when working with untrusted devices;
- to enhance security;
- for convenience.

When logging in with a username and password, all operations are available, except for:

Signature of documents;
Performing actions that require a request signature - monitoring settings (SMS alerts).

If the user is allowed to log in with a login and password in several organizations, then upon entering he will be prompted to select an organization for further work.

Attention!!!

Creation of accounts is possible only for the Head of the organization and an employee with the "Administrator" role. Entry into the iBank2 system must be carried out using an Electronic signature (ES key).
Creation account for the Head of the organization is possible only by himself. (“Settings”, “Login” tab, or select “Employees”, “Accounts” in the menu list)
The role of "Administrator" is set by the Head of the organization at the time of creating an account for the user (menu bar "Employees", "Personal data")
An employee's login can be changed by a Manager or an employee with the Administrator role. Entry into the iBank2 system must be carried out by Electronic signature. (menu bar "Employees", "Accounts")
Only the account user can change the phone number. (“Settings”, “Login” tab)
Password is set to login (e-mail). That is, if several organizations are assigned to one login, then all organizations are logged in under one password.
The e-mail confirmation link is valid for 24 hours. After the specified time, a new e-mail registration in the iBank2 system is required.

Login error

The "Login Failed" message appears after entering a password and only in the Explorer browser.

To solve it, you need to add the site address to the "Trusted Sites":

copy the website address in the address bar of the browser
open the "Security" tab
place the cursor on "Trusted Sites" and click on the "Sites" button
Paste the copied site address into the "Add the following site to the zone" field and click the "Add" button. The address will move to the "Websites" field, and the "Add the following site to the zone" field will be cleared
set "V" in the field "All sites in this zone require server verification (https:)"
Click "Close" and "OK"
Reload browser
Log in to the iBank2 system

Troubleshooting the error "Login is not possible when localStorage is disabled"

The error occurs when storage is disabled.

You can enable it in the browser properties. Next, using Internet Explorer 11 as an example:

you need to open the Tools menu and go to "Internet Options"
open the "Advanced" tab
find the "Enable DOM storage" option and check the box
save settings and reload the page

How to select a default account in the system?

For each document, you can select an account, the data of which will be indicated by default. To do this, click the appropriate link "Sch.N" (all fields highlighted in blue are links that can be expanded) and in the "Account Selection" dialog that opens, in the line of the required account, in the "" checkbox, put "V".

USB tokens

What is a USB token?

USB-token is a storage device for ES keys. The ES key is generated inside the device and can never be copied by anyone, which ensures their secure non-retrievable storage. The ES key can only be deleted, provided that the password is known. The formation of an ES takes place directly inside the device: it receives an electronic document at the input of the device, at the output it issues an ES under the document.

One USB token can store up to 75 ES keys, depending on the manufacturer. It is possible to store ES keys of employees of different organizations on one USB token. Where in the computer can you see the USB token when you plug it in?

Where in the computer can you see the USB token when you plug it in?

The USB token is not a "flash drive", so it cannot be seen by clicking on the "My Computer" label. It can only be seen in "Device Manager", "Smart Card Readers", as "Microsoft Usbccid Smart Card Reader (WUDF)".

USB token administration

The following actions are possible with USB tokens and ES keys:

Setting a PIN code for accessing a USB token
Printing the ES verification key certificate
Changing the password for access to the ES key
Changing the name of the ES key
ES key deletion

In Internet Banking, the "Key Administration" section is located at .

In Offline-Bank "Administration of ES keys" is located in the ES Keys section.

Security questions

Information security mechanisms in the "iBank 2" system.

"iBank 2" refers to the class of secure electronic document management systems.

To ensure the authenticity (proof of authorship) and the integrity of the document, the electronic signature mechanism is used under electronic documents.

To protect information, the "iBank 2" system has built-in support for the multiplatform crypto-library of the CIPF "Crypto-COM 3.4". Certificates of conformity of the Federal Security Service of the Russian Federation No. SF / 114-3268 dated January 11, 2018 (version 40), No. SF / 124-3269 dated January 11, 2018 (version 41). It implements Russian cryptographic algorithms according to GOST R 34.11-94 and GOST R 34.11-2012 (hash function), GOST R 34.10-2012 (ES on elliptic curves), GOST 28147-89 (encryption, imitation insertion).

To use the cryptographic protection functions in the iBank 2 system, support for the following multiplatform crypto libraries certified by the FSB is built-in.

Additional security mechanisms for corporate clients.

SMS notifications: “About entering the system”, “About the rejection of a document”, “About receipt of a document by the bank”, “About incoming documents”, “About the movement of funds on the account”, “About current balances”, “Account statement” . One-time SMS password to enter "iBank2".
SMS-notification: “One-time SMS password to enter “iBank2”.
SMS confirmation: "To send payments to "iBank2". SMS messages and OTP tokens are used as sources for obtaining one-time passwords in the iBank2 system.

What security measures must be observed when working in Internet Banking?

Additionally, you need to familiarize yourself with