
Trusteer Mobile Risk Engine


MOBILE RISK MANAGEMENT

The Mobile Channel is a Hot Target for Cybercriminals

• Mobile device adoption will ultimately surpass personal computers in both units and online banking usage

• Mobile banking apps are designed with limited security controls and are unaware of device risk

• Immature mobile fraud detection systems increase the likelihood of a successful attack

• Expanding mobile banking and payment capabilities make the mobile channel an increasingly attractive target

With a growing number of targets and limited fraud detection and prevention capabilities, the mobile channel is becoming an attractive target for cybercriminals.

Account Takeover via Mobile Devices Defeats Device ID Solutions

Cybercriminals steal credentials from the victim’s PC via malware or phishing attacks to commit account takeover using the mobile device browser. This method represents a major challenge for device ID systems, as many mobile devices have the same fingerprint. For example, most iPhones look alike (same OS, browser, fonts, etc.). A comprehensive risk assessment that incorporates device ID, device risk factors and detailed account compromise history is required to detect account takeover.

Rogue Applications and Mobile Malware Steal Banking Credentials

Cybercriminals leverage security vulnerabilities and social engineering to infect mobile devices with malware. Fake gaming or security mobile applications embedded with malware are offered through application stores and marketplaces. Mobile devices are also infected by accessing websites with exploit code that targets mobile browser vulnerabilities (i.e., drive-by-downloads).

Mobile/PC Combo Attacks Circumvent SMS One-Time Password Authentication

Cybercriminals can easily infect a victim’s mobile device to overcome SMS one-time password (OTP) authentication. After a user’s PC is infected with malware, the user is presented with a message to download “security software” to their mobile device. This software intercepts SMS messages and allows the criminal to obtain the victim’s OTP. These malware variants leverage both the online and mobile channels to execute the attack.

With the welcome growth in mobile banking, financial institutions must manage the increased risk associated with the mobile channel. FFIEC guidance requirements for layered security, continuous risk assessment and complex device fingerprinting naturally extend to the mobile channel. Organizations looking to mitigate mobile fraud risk should address complex cross channel attacks and the unique challenges associated with the mobile channel.


Trusteer Mobile Risk Engine

Conclusive Mobile Fraud Risk Detection Based on Device and Account Risk Factors Across Channels

Trusteer Mobile Risk Engine Capabilities

• Detects vulnerable and compromised devices

• Captures persistent device ID, geo-location and detailed device risk factors

• Correlates device and account risk factors across online and mobile channels

• Conclusively stops account takeover attacks from mobile devices using stolen credentials

Trusteer Mobile Risk Engine Components

• Web-based service

• Trusteer Mobile SDK

• Trusteer Mobile App

• Custom Data API

Trusteer Mobile Risk Engine Data Risk Sources

• Trusteer Pinpoint Malware Detection

• Trusteer Pinpoint Account Takeover (ATO) Detection

• Trusteer Rapport

Trusteer Mobile Risk Engine correlates device risk factors and account compromise history to automatically tag fraudsters’ devices across all protected organizations.

Assesses Mobile Fraud Risk in Real-Time

Trusteer Mobile Risk Engine (MRE) protects the mobile channel by performing a mobile risk assessment based on device and account risk factors. It enables organizations to mitigate risk by producing accurate and conclusive recommendations to allow, restrict or deny user access. Organizations can use these recommendations to apply stepped-up authentication or extended transaction review for truly high-risk users, sessions and transactions.

Detects High-Risk Devices Based on Multiple Data Sources

MRE generates accurate security recommendations based on multiple device risk factors. To accommodate deployment or integration restrictions, MRE can consume risk data from the included Trusteer Mobile SDK and Trusteer Mobile App (i.e., on-device components) or from the customer’s web app via an API. MRE maintains a global fraudster device database that is shared across organizations.

Correlates Online and Mobile Banking Risk Data for Conclusive Mobile Risk Detection

To address complex attacks across online and mobile channels, MRE can incorporate account risk factors including malware infections and phishing incidents. This extended data set is collected by Trusteer’s client-based (Trusteer Rapport) and clientless (Trusteer Pinpoint Malware Detection) fraud prevention solutions. The risk data is used to accurately detect account takeover attempts from mobile devices using compromised credentials from other channels.
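The sketch below is an added illustration, not Trusteer code or its API. It shows why an attribute-based fingerprint cannot separate two look-alike iPhones, and how correlating a persistent device ID with account compromise history yields an allow, restrict or deny recommendation. All names, rules and sample data are hypothetical and constructed for the example.

```python
import hashlib
from dataclasses import dataclass

def browser_fingerprint(attrs: dict) -> str:
    """Clientless fingerprint: hash of the attributes a browser exposes."""
    canon = "|".join(f"{k}={attrs[k]}" for k in sorted(attrs))
    return hashlib.sha256(canon.encode()).hexdigest()[:16]

@dataclass
class Session:
    account: str
    attrs: dict               # browser-visible attributes (OS, browser, fonts...)
    device_id: str            # persistent ID reported by an on-device component
    jailbroken: bool = False  # one of the device risk factors named on the page

def assess(s, known_devices, compromised_accounts, fraud_devices):
    """Return 'allow', 'restrict' or 'deny'. The rule order is illustrative."""
    if s.device_id in fraud_devices:
        return "deny"         # device already tagged in the shared fraud database
    known = s.device_id in known_devices.get(s.account, set())
    if s.account in compromised_accounts and not known:
        return "deny"         # credentials stolen in another channel, new device
    if s.jailbroken or not known:
        return "restrict"     # e.g. step-up authentication, no new payees
    return "allow"

# Constructed sample data (hypothetical values).
IPHONE = {"os": "iOS", "browser": "Mobile Safari", "fonts": "default",
          "screen": "640x1136"}
KNOWN = {"alice": {"dev-A1"}, "bob": {"dev-B7"}}
COMPROMISED = {"alice"}       # phishing or malware incident seen on Alice's PC
FRAUD_DEVICES = {"dev-F9"}

owner = Session("alice", dict(IPHONE), "dev-A1")
thief = Session("alice", dict(IPHONE), "dev-X3")

if __name__ == "__main__":
    # Same fingerprint for both phones, different recommendations.
    print(browser_fingerprint(owner.attrs) == browser_fingerprint(thief.attrs))
    for s in (owner, thief):
        print(s.device_id, assess(s, KNOWN, COMPROMISED, FRAUD_DEVICES))
```

The fingerprint alone treats owner and thief as the same device; the decision only diverges once the persistent device ID and the account's compromise history are combined.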

Meets FFIEC Guidance for Continuous Risk Assessment

The FFIEC guidance requires financial institutions to implement continuous risk assessment and implement multiple security layers to detect fraudulent transactions. MRE detects high-risk activity by assessing the risk of every mobile device, mobile login and mobile transaction. The risk-based recommended actions can range from authenticating the user to preventing access to the account.

Ensures a Secure and Hassle-Free Mobile Banking Experience

By relying on multiple risk factors across multiple channels, MRE can accurately track the full attack lifecycle. It uses a set of mobile risk detection rules that map current attack patterns and are updated based on Trusteer’s global intelligence. Only truly high-risk users and transactions are flagged for review or stepped-up authentication in order to minimize the burden to the customer.

[Figure: Trusteer Mobile Risk Engine and its inputs: Phishing Incidents, Global Fraudster Device Database, Device Vulnerabilities, Persistent Device ID, Malware Infections, Account Access/Trx, Global Intelligence]


Trusteer Mobile SDK: Embedded Security Library for Android and iOS Native Mobile Banking Apps

Trusteer Mobile App: Secure Mobile Browser for Online Banking

Detects High-Risk Access from Compromised or Vulnerable Devices

Trusteer Mobile SDK is invoked when the mobile application is launched to collect various device risk factors. These include geolocation, device time, IP address, missing OS security patches, rooted/jailbroken device status, risky system configuration settings, malware infections, use of unsecured Wi-Fi connection and more. Risk data is provided to the mobile banking app and can be used to restrict functionality based on device risk level, for example by limiting specific application functions (adding a payee or transferring money) on a jailbroken device. The risk data can also be sent to the Trusteer Mobile Risk Engine, where it is correlated with additional device and account risk factors (such as malware infections and phishing incidents) to flag high-risk access and transactions.

Generates a Persistent Mobile Device ID for Unique Device Identification

Trusteer Mobile SDK creates a persistent mobile device ID allowing the organization to uniquely identify any device using the native mobile banking app. The persistent device ID is associated with the user’s account and uniquely identifies the device, even after the phone is re-imaged. This ensures new devices are identified, login attempts from known devices are unchallenged, and potential fraudster devices are flagged.

Trusteer Mobile SDK Risk Factors

• Persistent Device ID

• Jailbreak/Rooted Device

• Malware Infection

• OS Patching

• Wi-Fi Security

• Rogue Apps

• Application ID

• User ID

• SIM Data

• Geolocation

• And more

Secures Mobile Web Access to Online Banking

Trusteer Mobile App includes a secure mobile browser. End users use the mobile browser to safely access the online banking website and financial institutions can mandate that their online banking websites are only accessed via the Trusteer Mobile App. Whenever a protected website is accessed, a complete security posture assessment is performed on the device. Trusteer Mobile App collects mobile device risk factors and a persistent mobile device ID and sends these to the online banking website and Trusteer Mobile Risk Engine where they are used for mobile risk assessment.

Alerts the User of Device Security Risks

Trusteer Mobile App users can view their device security status via a dedicated dashboard. Indications of malware infection, unsecure Wi-Fi connections and other security risks are identified. The user can resolve these risks by following step-by-step remediation guidance provided by the app.

Protects the User from Fake Banking Websites

Trusteer Mobile App protects against pharming attacks. By validating both the IP address and the SSL certificate when a protected website is accessed, both session hijacking (Man-in-the-Middle) and redirection attacks are prevented.


• Trusteer Cybercrime Intelligence: Global threat intelligence and fraudster database

• Trusteer Pinpoint Account Takeover (ATO) Detection: Correlation of multiple fraud risk indicators for conclusive account takeover and mobile risk detection

• Trusteer Pinpoint Malware Detection: Clientless detection of Man-in-the-Browser malware infected endpoints

• Trusteer Mobile Risk Engine: Detects mobile and cross-channel fraud risk via web-based services and the included mobile client components

• Trusteer Apex: Zero-day exploits and data exfiltration prevention for employees’ endpoints

• Trusteer Rapport: Prevention and remediation of malware and phishing threats on PCs and Macs

• Trusteer Mobile: Embedded security library for native mobile apps, dedicated secure mobile browser, out-of-band authentication

Trusteer Inc.
545 Boylston Street, 5th Floor
Boston, MA 02116
T: +1 (866) 496-6139
T: +1 (617) 606-7755
[email protected]
trusteer.com

[Figure: Trusteer Cybercrime Prevention Architecture. Labels: Layer 2: Clientless Fraud Prevention; Layer 1: Endpoint Security; Cybercrime Intelligence; Trusteer Mobile; Trusteer Apex; Trusteer Rapport; Trusteer Pinpoint Account Takeover (ATO) Detection; Trusteer Pinpoint Malware Detection; Trusteer Mobile Risk Engine; Customer Protection; Employee Protection]

MOBILE RISK MANAGEMENT

Trusteer is the Global Leader in Financial Fraud Prevention

Boston-based Trusteer is the leading provider of endpoint cybercrime prevention solutions that protect organizations against financial losses and data breaches. Hundreds of organizations and millions of end users rely on Trusteer to protect managed and unmanaged endpoints against exploitation and compromise by online threats that are invisible to legacy security solutions. Global organizations such as HSBC, Santander, SunTrust and Fifth Third are among Trusteer’s customers.