Trusteer's intelligence-based online fraud prevention architecture enables financial institutions to comply with the new online banking security guidance issued Tuesday by the Federal Financial Institutions Examination Council (FFIEC). Trusteer’s security research service supplies financial institutions with real-time intelligence on attacks for risk assessments, while Trusteer Rapport and Trusteer Pinpoint provide two layers of fraud prevention controls (anti-malware and anomaly detection, respectively) cited in the guidelines. Formal assessments for compliance with the new guidance will begin in January 2012.
According the FFIEC Guidance, “Since 2005, there have been significant changes in the threat landscape. The Agencies are concerned that customer authentication methods and controls implemented in conformance with the Guidance several years ago have become less effective.”
“The overriding message from the new FFIEC Guidance is that financial institutions must implement different controls at different layers of their IT infrastructure and keep them up-to-date against evolving and shifting threats,” said Mickey Boodaei, CEO of Trusteer. “Financial institutions should choose solutions that are proven to be effective over time, interoperate with existing fraud prevention systems, and are capable of addressing new threats as these emerge. Since the new guidance requires on-going risk assessment and threat mitigation, financial institutions may find themselves stacking up multiple hardware devices and complex login and transaction approval processes to a point where customers won’t feel comfortable banking online anymore.”
Trusteer is the only vendor to provide intelligence-based security that is deployed at different layers of online banking processes. In the past year, the Trusteer risk analysis service discovered, named, warned and protected financial institutions against new crimeware platforms including SunSpot and OddJob. The Trusteer service can dynamically adapt to changing threats and deploys very quickly. It can be made mandatory for high risk users and transactions or all users, scales to multiple online banking channels (such as business banking, retail banking and mobile banking), and does not require any changes in the way customers bank online. It is proven to provide definitive protection against the most dangerous financial malware such as Zeus and SpyEye. More than 150 financial institutions around the world rely on Trusteer to prevent online fraud.
Trusteer provides the following six independent controls, which are complementary, integrated and centrally managed:
* Trusteer Rapport – a lightweight security software solution that protects web communication between a bank and its customers against malware and phishing.
* Trusteer Mobile – a security service for smart phones and tablets such as iPhone, iPad, and Android that protects mobile communication between a bank and its customers.
* Trusteer Pinpoint – a login and transaction monitoring system that provides real time anomaly detection of malware activity.
* Trusteer Carbon Copy – a real-time login monitoring service that can identify when a user’s credentials have been compromised by a Phishing attack.
* Trusteer Flashlight – a service that enables banks to perform ongoing risk analysis and remotely investigate malware related fraud incidents easily and quickly.
* Trusteer Risk Analysis – a service that monitors fraudsters and their activity against financial institutions. It presents a clear and elaborate picture of the attacks targeting individual banks as well as threats to the industry and other financial institutions in the region.