Integrated cybercrime prevention: Trusteer product overview
Post on 14-Sep-2014
Legacy solutions are hard pressed to prevent cybercriminal attacks - but holistic, integrated solutions from Trusteer, an IBM company, can prevent or detect the full range of attack vectors, including phishing and malware targeting end users, and account takeovers perpetrated by criminals.
IBM Software Solution Brief
Integrated cybercrime prevention: Trusteer product overview
Help detect and prevent the full range of attack vectors using the holistic Trusteer portfolio
Highlights
● Help prevent cybercriminal attacks that cannot be stopped by legacy solutions alone
● Detect fraud in real time using Trusteer Cybercrime Prevention Architecture
● Leverage four key principles: prevent fraud effectively and accurately, adapt to emerging threats, streamline the end-user experience, and provide fast time to value
Cybercriminals continuously target financial institutions, enterprises, e-commerce operations and other organizations to steal financial and business information. Legacy solutions are hard pressed to prevent these attacks, as they lack threat intelligence and real-time visibility into the full attack lifecycle.
Trusteer, an IBM company,1 has pioneered a holistic, integrated cybercrime prevention architecture that has been successfully deployed in hundreds of organizations globally. Trusteer solutions help detect and prevent the full range of attack vectors—including phishing and malware that target end users and account takeovers perpetrated by criminals—responsible for the majority of online, mobile and cross-channel fraud. Trusteer Cybercrime Prevention Architecture is based on four key principles to help prevent fraud, sustain protection over time, streamline the customer experience and minimize the load on IT resources:
Prevent fraud effectively and accurately
● Prevent the root causes of most fraud attempts: malware and phishing
● Detect active threats in real time
● Analyze risk factors related to a device, user, account and transaction to conclusively flag account takeover attempts and high-risk transactions

Adapt to emerging threats
● Use real-time global intelligence from tens of millions of endpoints
● Dynamically adapt the various protection layers to help ensure sustainable protection

Streamline the end-user experience
● Deliver transparent protection
● Minimize disruption to customers performing legitimate transactions
● Increase the effectiveness of the organization’s support, fraud and risk teams

Provide fast time to value
● Offer a turnkey Software-as-a-Service (SaaS) solution for rapid deployment
● Provide an immediate response across all online and mobile applications
Trusteer product overviews and key capabilities

Trusteer Pinpoint Account Takeover Detection
Overview: Conclusive detection of criminals and account takeover attempts
Key capabilities:
● Detects new, spoofed (proxy) and known criminal devices using complex device IDs
● Identifies real-time phishing incidents
● Seamlessly integrates extended malware and phishing risk indicators from Trusteer Pinpoint Malware Detection and Trusteer Rapport (if available)
● Correlates device risk (i.e., new, spoofed and known criminal devices) and account risk (i.e., phishing incidents and malware infections) for conclusive criminal and account takeover detection
● Maintains a global criminal device database based on intelligence from hundreds of organizations worldwide

Trusteer Pinpoint Malware Detection
Overview: Accurate, real-time detection of live man-in-the-browser malware-infected devices
Key capabilities:
● Detects live man-in-the-browser infections on PC, Mac and mobile devices
● Feeds malware detection events via email, batch files or direct feeds into Trusteer Pinpoint Account Takeover Detection and third-party risk engines

Trusteer Mobile Risk Engine
Overview: Conclusive detection of mobile-specific fraud risks from compromised end-user and criminal-owned devices
Key capabilities:
● Detects high-risk mobile access from smartphones and tablets
● Provides risk analysis based on device, session and user risk factors captured by Trusteer Mobile Software Development Kit (SDK), Trusteer Mobile App and third-party applications
● Correlates cross-channel risk factors, such as malware infection and phishing incidents in the online channel, to address complex online/mobile attack scenarios

Trusteer Rapport
Overview: Client-based endpoint protection against financial malware and phishing attacks
Key capabilities:
● Helps prevent and remove infection by live and inactive man-in-the-browser malware from infected devices
● Helps protect browsing sessions, even if active malware is present
● Detects phishing sites and specific compromised account credentials and payment card data
● Notifies fraud teams of malware infections and removals to enable user re-credentialing and help eliminate future threats

Trusteer Mobile SDK
Overview: Dedicated security library for Apple iOS and Google Android platforms that can be embedded in proprietary mobile banking applications to detect compromised and vulnerable devices and generate persistent device IDs
Key capabilities:
● Detects the following risk factors:
  – Jailbroken/rooted devices
  – Malware infections
  – Installations of rogue applications
  – Unsecured WiFi connections
  – Outdated operating systems
  – Geographic locations
● Generates a persistent device ID, based on hardware and software attributes, that is resilient to application reinstallation

Trusteer Mobile App (Secure Browser)
Overview: Risk-based analysis of web access and transactions from mobile devices
Key capabilities:
● Incorporates Trusteer Mobile SDK in order to deliver device risk factors and persistent device IDs to web applications
● Helps prevent man-in-the-middle attacks (helps ensure that users browse to the genuine site)
● Alerts users of device risk factors and provides remediation guidance

Trusteer Apex
Overview: Protection for employee endpoints against advanced malware
Key capabilities:
● Helps protect web browsers as well as Java, Adobe, Microsoft Office and other applications against zero-day exploits
● Helps prevent malware data exfiltration
● Helps prevent credentials theft via spear-phishing and re-use of enterprise credentials on consumer sites
● Supports managed and unmanaged employee endpoints

The holistic Trusteer approach to security architecture provides a flow of data and intelligence between Trusteer products.
[Figure: Trusteer product overview: Data flow. Tiers: Risk prevention, Risk detection, Trusteer risk data repository, Risk analysis. Components shown: Trusteer Mobile App (Secure Browser), Trusteer Rapport, Trusteer Apex, Trusteer Pinpoint Account Takeover clientless extensions, Trusteer Pinpoint Malware Detection, Trusteer Mobile SDK, Trusteer Pinpoint Account Takeover Detection, Trusteer Mobile Risk Engine, online/mobile banking application, organization applications and systems, third-party risk engines and big-data analytics.]
Why IBM?
Trusteer, an IBM company, is a leading provider of cybercrime prevention solutions that protect organizations against financial fraud and data breaches. Hundreds of organizations and millions of end users rely on Trusteer to protect their computers and mobile devices from online threats that are invisible to legacy security solutions. Trusteer Cybercrime Prevention Architecture combines multi-layer security software and real-time threat intelligence to help defeat zero-day malware and phishing attacks and help organizations meet regulatory compliance requirements.
For more information
To learn more about Trusteer solutions for financial fraud prevention, please contact your IBM representative or IBM Business Partner, or visit: ibm.com/Security
© Copyright IBM Corporation 2014
IBM Corporation Software Group Route 100 Somers, NY 10589
Produced in the United States of America March 2014
1 Trusteer, Ltd. was acquired by IBM in September of 2013.
WGS03018-USEN-00