reply financial sector antifraud services and products
Post on 16-Jun-2015
146 Views
Preview:
DESCRIPTION
TRANSCRIPT
Reply
Financial Sector Antifraud
Products and Services
V. 1.5 - 31072012
2
Solution outline
Reply engineered a point solution to contrast new type of automated
frauds toward financial institutions online services. The so called “Man in
The Browser” attacks are hitting the news and are a well known problem for
large financial institutions as they can circumvent strong authentication and
transaction monitoring systems.
Reply solutions provide a unique way to identify such frauds through the
technological chain, providing “Actionable Intelligence” information directly
to Enterprise Fraud Management systems or helpdesks.
http://www.bbc.co.uk/news/technology-16812064 (02/2012)
3
Reply Security competence centre
Reply Antifraud Assets:
• Niche high performance solutions, 100+ clients managed
• Dedicated Fraud Intelligence Team & CERT
• Owned Security Operations Centre H24x365, 60+ people dedicated to
Fraud Contrast & Analysis in the Reply SOC
• Self developed platforms, some of which released open source for the
anti-fraud community
• High involvement in international associations, such as Honeynet Project
• Flexibility to accomodate client’s integration and service requirements
Reply was identified by the Italian Banking Association
(ABI) as a leader for quality intelligence for the
financial sector. Reply provides monthly report of
malware trends to all associates
Reply provides malware intelligence information to UK
private agencies providing services to law enforcement
authorities and defence.
4
Reply Answer
Reply provides focused product and services for contrast
of emerging fraud phenomena in the financial sector.
ACTIVE FRAUD
PREVENTION
ANTIPHISHING
SERVICES
Active detection of
online banking frauds.
Available in SaaS or
On-Premise, 95% avg
score on true positives,
measurable ROI.
Active detection and
shutdown of phishing
clones, leveraging
multiple sources and
client information.
Top level detection rate.
REPLY FRAUD
INTELLIGENCE
SERVICES
Intelligence information
tailored on specific
requirements, Botnet
Tracking, Botnet
infiltration and
shutdown.
5
Active Fraud Prevention (AFP): Fraud pattern
The AFP product leverages continuous intelligence activities and
proprietary platforms in order to actively identify compromised
clients during an online banking transaction attempt.
AFP produces Actionable Intelligence: your client’s account
number, details of the transaction direcly to your customer
support service and to your enterprise fraud management
system.
AFP has extremely low integration requirements.
6
Active Fraud Prevention (AFP): Fraud pattern
The AFP product leverages continuous intelligence activities and
proprietary platforms in order to actively identify compromised
clients during an online banking transaction attempt.
Typical online banking fraud pattern:
Online Banking
Front End
1 The user connects to the home banking website with a client compromised by a trojan.
The connection triggers the trojan that seamlessly interacts with the user session 2
Online Banking
Back End
Since the attack happens in the user space, both the front end and the back end cannot detect the attack.
It is a common pattern to see average transaction volume and execute fraud wire transfer below that, in order
not to trigger transaction monitoring systems
3
End user
7
Active Fraud Prevention (AFP): mitigation
Leveraging proprietary technology, with an easy to integrate sensor in the
front end, AFP is capable to detect «weak signals» coming from and infected
client.
AFP signatures and sensors are updated frequently by the Reply Fraud
Intelligence team.
8
Active Fraud Prevention (AFP): Fraud pattern
Reply AFP is available in the following:
• Software as a Service Fully delivered from ISO/IEC 27001 certified Reply Security
Operations Centre (SOC). • Licensing is flat for 1Y contract, not dependent on number of
logs/events/incidents/EPS/etc.
• Includes continuous updates of signatures and software components
• Full reporting and trend analysis via fully featured BI solution
• On-premise on hardware/virtual appliance Remotely managed by experts team in Reply SOC. • The product is licensed to the client, signatures and software
components updates are included in the maintenance fee
9
Example of Reply malware detection capabilities
Geolocalization of one of the monitored Fast Flux domains
10
Reply Antiphishing services
Reply Antiphishing Service provide value for customer’s reducing
brand abuse impact on the end user:
• Reduction of exposure to cloned websites
• High level of detection thanks to smart correlation of own
managed mailboxes network and weak signals derivd from
customer available data
• Shutdown of clone websites licensed on a flat fashion
• Full tracking of closure status via Reply services portal
11
Reply Fraud Intelligence Services
The Reply Fraud Intelligence Team monitor threats directed
toward its clients through botnets and trojans. The team can
provide valuable intelligence information to its customers,
including:
• Detection of malicious code samples
• C&C tracking and shutdown
• Analysis of detection techniques for new malware behaviours
• Full reporting and trend analysis through a full featured
Busines Intelligence platform
12
Want to try out?
Our experience tells us that the amount of frauds identified and
potentially prevented during a Proof Of Concept, highly exceed
expectations. And the final TCO is just a small portion of the
saving.
To organise a POC for Reply AFP solution, please contact
d.vitali@reply.eu
Thanks
top related