Silver Tail Systems' web session activity monitoring and anomaly detection products help enable banks and other financial institutions to comply with the newly released guidance from the United States Federal Financial Institutions Examination Council (FFIEC).
This guidance provides a risk management framework for financial institutions that offer Internet-based products and services, helping them combat the ever-evolving cybercrime threat.
While many financial institutions already have transaction monitoring in place, session-based predictive analytics provides another layer of protection. According to the FFIEC guidance, “Layered security can substantially strengthen the overall security of Internet-based services and be effective in protecting sensitive customer information, preventing identity theft, and reducing account takeovers and the resulting financial losses.”
For institutions that do not perform transaction monitoring, web session predictive analytics can be a simple way to get a strong measure in place very quickly while the rest of the security systems are being implemented.
“I am thrilled to see the acknowledgement that a layered approach is required to protect against today’s sophisticated attacks,” noted Laura Mather, PhD, Co-founder and Vice President of Product Marketing at Silver Tail Systems. “Real-time insight into anomalous behaviour is critical to rapidly detecting attacks and mitigating their impact, and this guidance from the FFIEC sheds light on the market need for this technology, particularly in light of recent attacks. Silver Tail Systems is currently protecting over 250 million online users worldwide – many of them from financial institutions – and with our successful track record, that number is rapidly growing.”
Silver Tail Systems provides the following products to help customers comply with the guidance outlined by the FFIEC supplement:
* Forensics: Identifies threats using predictive analytics; such threats include Man in the Browser, Man in the Middle, customer data scraping, architecture probing, and other pre-cursors to fraud attacks. Web site owners can display usage per page, per user, or per IP level.
* Mitigation: Gives business owners the power to adjust a web site’s business flows in real-time to respond to newly detected threats, tested in a zero-impact environment and deployed automatically to the website – without requiring IT or development resources.