|
|||||||||||||||||||||||||
|
|||||||||||||||||||||||||
|
Covelight Systems and StrikeForce Partner to Offer Risk-Based Authentication for Web Applications
WebKnowHow StrikeForce Technologies,
a leader in solutions that prevent identity theft, and Covelight
Systems, an innovator of solutions for passive, real-time
identity-based monitoring of Web applications to detect fraud and
identity theft, today announced a strategic partnership that will
deliver a comprehensive risk-based authentication solution to financial
institutions by securing their Web applications without slowing down
transactions for the end-user by only requiring multiple authentication
when necessary during their online experience.
StrikeForce Technologies' ProtectID multi-factor authentication platform offers third-party technology providers and banks the flexibility to select from numerous authentication methods, including cell phones, PDAs, soft and hard tokens, smartcards, and biometric devices. In the most common implementation, users answer an "Out-Of-Band" phone call and enter a PIN on the keypad of the phone to verify their identity and authorize each transaction. As an alternative or back up, StrikeForce can e-mail one-time passwords, or turn a PDA, blackberry, or computer into a one-time password generator, eliminating the need to carry or purchase new technology. By bundling multiple authentication methods together, ProtectID permits choice by consumers, reinforcing bank security policy while providing the type of redundancy banks expect of their operational systems. "In response to the FFIEC Guidance, financial institutions are seeking to implement a simple, layered, user authentication experience," said StrikeForce CEO Mark Kay. "Through the integration with Percept, banks will be able to easily tie the user authentication to user behavior and dynamic events, providing the real-time solution that put consumers in control of their accounts and transactions while mitigating attacks and fraud." Beginning with the initial access, through login and during the entire session, Percept monitors each user and their online patterns, and automatically builds behavioral profiles allowing real-time detection of suspicious or high-risk activity. In addition, Percept maintains detailed session and transaction logs and offers an incident investigation console to facilitate fraud case management and on-demand session audits. The Covelight Percept Web application fraud management system incorporates network-based monitoring, multi-dimensional fraud detection and scoring to evaluate each user's session risk in real-time. If at any time during the user's session the Percept risk score exceeds a threshold, ProtectID will invoke the appropriate method of authentication. "Covelight Percept is a proven fraud management solution that has been successfully deployed in leading financial institutions since 2004," said Covelight CEO Spencer Snedecor. "By integrating Percept with ProtectID, we are delivering a complete risk-based authentication solution for protecting their sensitive online customer base." |
Copyright © 1998 - 2018 DevStart, Inc. All Rights Reserved |