Integrated Cybercrime Prevention: Trusteer Product Overview


Post on 14-Sep-2014


DESCRIPTION

Legacy solutions are hard pressed to prevent cybercriminal attacks - but holistic, integrated solutions from Trusteer, an IBM company, can prevent or detect the full range of attack vectors, including phishing and malware targeting end users, and account takeovers perpetrated by criminals.

TRANSCRIPT

Page 1: Integrated Cybercrime Prevention: Trusteer Product Overview

IBM Software Solution Brief

Integrated cybercrime prevention: Trusteer product overview

Help detect and prevent the full range of attack vectors using the holistic Trusteer portfolio

Highlights

● Help prevent cybercriminal attacks that cannot be stopped by legacy solutions alone
● Detect fraud in real time using Trusteer Cybercrime Prevention Architecture
● Leverage four key principles: prevent fraud effectively and accurately, adapt to emerging threats, streamline the end-user experience, and provide fast time to value

Cybercriminals continuously target financial institutions, enterprises, e-commerce operations and other organizations to steal financial and business information. Legacy solutions are hard pressed to prevent these attacks, as they lack threat intelligence and real-time visibility into the full attack lifecycle.

Trusteer, an IBM company,1 has pioneered a holistic, integrated cybercrime prevention architecture that has been successfully deployed in hundreds of organizations globally. Trusteer solutions help detect and prevent the full range of attack vectors—including phishing and malware that target end users and account takeovers perpetrated by criminals—responsible for the majority of online, mobile and cross-channel fraud. Trusteer Cybercrime Prevention Architecture is based on four key principles to help prevent fraud, sustain protection over time, streamline the customer experience and minimize the load on IT resources:

Prevent fraud effectively and accurately
● Prevent the root causes of most fraud attempts: malware and phishing
● Detect active threats in real time
● Analyze risk factors related to a device, user, account and transaction to conclusively flag account takeover attempts and high-risk transactions

Adapt to emerging threats
● Use real-time global intelligence from tens of millions of endpoints
● Dynamically adapt the various protection layers to help ensure sustainable protection

Streamline the end-user experience
● Deliver transparent protection
● Minimize disruption to customers performing legitimate transactions
● Increase the effectiveness of the organization’s support, fraud and risk teams

Provide fast time to value
● Offer a turnkey Software-as-a-Service (SaaS) solution for rapid deployment
● Provide an immediate response across all online and mobile applications


Trusteer product overviews and key capabilities

Product: Trusteer Pinpoint Account Takeover Detection
Overview: Conclusive detection of criminals and account takeover attempts
Key capabilities:
● Detects new, spoofed (proxy) and known criminal devices using complex device IDs
● Identifies real-time phishing incidents
● Seamlessly integrates extended malware and phishing risk indicators from Trusteer Pinpoint Malware Detection and Trusteer Rapport (if available)
● Correlates device risk (i.e., new, spoofed and known criminal devices) and account risk (i.e., phishing incidents and malware infections) for conclusive criminal and account takeover detection
● Maintains a global criminal device database based on intelligence from hundreds of organizations worldwide

Product: Trusteer Pinpoint Malware Detection
Overview: Accurate, real-time detection of live man-in-the-browser malware-infected devices
Key capabilities:
● Detects live man-in-the-browser infections on PC, Mac and mobile devices
● Feeds malware detection events via email, batch files or direct feeds into Trusteer Pinpoint Account Takeover Detection and third-party risk engines

Product: Trusteer Mobile Risk Engine
Overview: Conclusive detection of mobile-specific fraud risks from compromised end-user and criminal-owned devices
Key capabilities:
● Detects high-risk mobile access from smartphones and tablets
● Provides risk analysis based on device, session and user risk factors captured by Trusteer Mobile Software Development Kit (SDK), Trusteer Mobile App and third-party applications
● Correlates cross-channel risk factors, such as malware infection and phishing incidents in the online channel, to address complex online/mobile attack scenarios

Product: Trusteer Rapport
Overview: Client-based endpoint protection against financial malware and phishing attacks
Key capabilities:
● Helps prevent and remove infection by live and inactive man-in-the-browser malware from infected devices
● Helps protect browsing sessions, even if active malware is present
● Detects phishing sites and specific compromised account credentials and payment card data
● Notifies fraud teams of malware infections and removals to enable user re-credentialing and help eliminate future threats

Product: Trusteer Mobile SDK
Overview: Dedicated security library for Apple iOS and Google Android platforms that can be embedded in proprietary mobile banking applications to detect compromised and vulnerable devices and generate persistent device IDs
Key capabilities:
● Detects the following risk factors:
  – Jailbroken/rooted devices
  – Malware infections
  – Installations of rogue applications
  – Unsecured WiFi connections
  – Outdated operating systems
  – Geographic locations
● Generates a persistent device ID, based on hardware and software attributes, that is resilient to application reinstallation

Product: Trusteer Mobile App (Secure Browser)
Overview: Risk-based analysis of web access and transactions from mobile devices
Key capabilities:
● Incorporates Trusteer Mobile SDK in order to deliver device risk factors and persistent device IDs to web applications
● Helps prevent man-in-the-middle attacks (helps ensure that users browse to the genuine site)
● Alerts users of device risk factors and provides remediation guidance

Product: Trusteer Apex
Overview: Protection for employee endpoints against advanced malware
Key capabilities:
● Helps protect web browsers as well as Java, Adobe, Microsoft Office and other applications against zero-day exploits
● Helps prevent malware data exfiltration
● Helps prevent credentials theft via spear-phishing and re-use of enterprise credentials on consumer sites
● Supports managed and unmanaged employee endpoints


The holistic Trusteer approach to security architecture provides a flow of data and intelligence between Trusteer products.

[Figure: Trusteer product overview: Data flow. Labels shown at the top: third-party risk engines, big-data analytics; online/mobile banking application; organization applications and systems; "Allow, restrict, authenticate"; "Risk events". Layers: RISK ANALYSIS (Trusteer Pinpoint Account Takeover Detection, Trusteer Mobile Risk Engine); TRUSTEER RISK DATA REPOSITORY (malware infections, phishing incidents, device risk, device ID, criminal device database); RISK DETECTION (Trusteer Pinpoint Account Takeover clientless extensions, Trusteer Pinpoint Malware Detection, Trusteer Mobile SDK); RISK PREVENTION (Trusteer Mobile App (Secure Browser), Trusteer Rapport, Trusteer Apex).]


Why IBM?

Trusteer, an IBM company, is a leading provider of cybercrime prevention solutions that protect organizations against financial fraud and data breaches. Hundreds of organizations and millions of end users rely on Trusteer to protect their computers and mobile devices from online threats that are invisible to legacy security solutions. Trusteer Cybercrime Prevention Architecture combines multi-layer security software and real-time threat intelligence to help defeat zero-day malware and phishing attacks and help organizations meet regulatory compliance requirements.

For more information

To learn more about Trusteer solutions for financial fraud prevention, please contact your IBM representative or IBM Business Partner, or visit: ibm.com/Security

© Copyright IBM Corporation 2014

IBM Corporation Software Group Route 100 Somers, NY 10589

Produced in the United States of America March 2014

IBM, the IBM logo, ibm.com, and X-Force are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml

Adobe is a registered trademark of Adobe Systems Incorporated in the United States, and/or other countries.

Microsoft is a trademark of Microsoft Corporation in the United States, other countries, or both.

Java and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its affiliates.

This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates.

THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided.

The client is responsible for ensuring compliance with laws and regulations applicable to it. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the client is in compliance with any law or regulation.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that systems and products are immune from the malicious or illegal conduct of any party.

1 Trusteer, Ltd. was acquired by IBM in September of 2013.

WGS03018-USEN-00
