Covelight Systems Ups the Ante for Online Fraud Management Solutions with Covelight Percept 3.0

August 1, 2006; 02:21 AM

Covelight Systems, an innovator of solutions for real-time online fraud protection,  announced the availability of Covelight Percept(TM) 3.0. Percept is the industry's first and only fraud monitoring product line that combines real-time traffic capture, identity-based fraud detection, analytics, forensics and reporting for a completely transparent solution to manage online fraud while not interfering with the application performance or the user experience.

"We're very excited about this new offering," said Spencer Snedecor, Covelight's CEO. "Percept is already protecting online banking and brokerage applications at numerous financial institutions representing a combined $1.5 trillion in assets. This latest version will continue delivering value to our customers and strengthens Covelight's technology leadership position in online fraud management."

With the December 2006 FFIEC deadline looming, financial services institutions can quickly and painlessly deploy Percept to exceed the recommended guidance while protecting their reputations and online users from fraud, including man-in-the-middle and man-in-the-browser attacks. As evidenced by a recent well-publicized incident at Citibank, these new attacks are part of an emerging session hijacking trend designed to circumvent improved authentication controls. Additionally, Percept 3.0 can run in combination with any multi-factor authentication solution to invoke strong authentication only when needed, so the end user is not unnecessarily aggravated with burdensome challenges.

Percept 3.0 features include:

-- Complete application independence. Deployed as a passive network sensor, the traffic capture, SSL decryption, transaction logging, session and login identification and user behavior and transaction anomaly detection are all performed without any integration into the online application or servers while maintaining complete transparency to the online users. No agents, cookies, JavaScript, code changes or server log files are required. This saves money by eliminating the fraud and risk teams' reliance on application development or operations to install or maintain the system and because it does not negatively impact the application.

-- The only online fraud architecture for detecting emerging session hijacking attacks, such as man-in-the-middle and man-in-the-browser. Network-based transaction flow monitoring inspects not just a few selected transactions, but ALL traffic between the users and the applications. By doing so, Percept can detect subtle differences in an individual user's behavior -- from obvious changes in IP address and geolocation, down to infinitesimal shifts at the lowest protocol layers -- that are indicative of a hijacked session.

-- Two-dimensional real-time risk calculations. For each user and session, Percept calculates and maintains two scores: The first score quantifies the threat level represented by the user, based on over 80 built-in customizable rules. The second score quantifies the user's exposure to high-risk transactions and sensitive data patterns. These two dimensions give a complete picture of the risk posed by each user and each online visit. The scoring starts from the moment the user accesses the site and is updated in real-time up to login and throughout the entire session.

-- New API for publishing Percept risk score to any authentication system. The API is used to provide the Percept two-dimensional risk score to authentication solutions, including our partners Digital Resolve, TriCipher, StrikeForce and PhishCops. The authentication solution evaluates this score and invokes the appropriate level of authentication at anytime during the user's session. This risk-based authentication insures that users are not asked to supply additional credentials unless absolutely necessary.

-- Built-in user compliance audit and fraud investigation console. With built-in analytics and detailed forensic logs, Percept arms compliance and fraud investigation teams with the tools to respond to an incident, and to prosecute if necessary. To simplify the job of the fraud and compliance investigators, the user records now provide customized information about the online user, such as account number and privileges.

-- New appliance options, including the enterprise-class Percept 5000. With flexible network interface options and high availability components, this high-performance, 3-rack unit appliance meets the needs of even the most demanding enterprise.

Starting with the initial access, through login and during the entire session, Percept monitors each user's online activity and automatically builds a behavioral profile that is used to detect suspicious or high-risk activity in real-time to trigger alerts and generate a two-dimensional session risk score. In addition, Percept maintains detailed session and transaction logs supported by the guided analytics of an incident investigation console to support fraud case management and on-demand user audits.

"We continue to be impressed with Percept and its capabilities. What they can capture -- in an easy-to-install and maintain passive monitoring solution that does not adversely affect our applications or our users -- is remarkable," said longtime Percept customer Chip Wentz, Senior VP of Information Security at First Citizens Bank. "Our operational risk, compliance and information security teams all rely on the real-time detection and fraud analytics that Percept provides us."

Brian Ellis, senior director of application assurance at Answerthink, agrees: "SunTrust Bank was looking for a solution to protect a group of their outward-facing applications. They wanted to deploy transparent fraud detection and user-focused analytics without making any changes to the applications. They concluded that Covelight Percept would give them strong and comprehensive protection for their applications and online users."

FINANCIAL INSTITUTIONS BEWARE

The pressure is on, and financial institutions are working to get systems in place that meet FFIEC compliance demands. During the process, however, they may be unknowingly compromising their online applications. The following list outlines what banks should consider when preparing to comply with FFIEC guidelines so that their online applications are not compromised:

-- Solutions that instrument the customer's desktop to collect and transmit parameters using JavaScript or other technologies are unacceptable -- legitimate users will recognize this as privacy-invading Spyware. And these techniques are trivially bypassed by attackers. A proper fraud monitoring solution should be fully capable of operating by independently analyzing unaltered application transactions.

-- Banks should be wary of using technology that was never meant for real-time fraud monitoring from vendors who are repositioning older web-analytics products as fraud solutions. These systems rely on internal batch (not real-time) processing of transactions to work with their query-based architectures. Covelight's solution is built on a real-time event stream processing architecture that examines every aspect of every transaction, not just a few parameters from a few transactions.

-- Solutions that require application integration, or worse, that require the application to synchronously submit selected transactions for analysis, introduce unnecessarily large deployment costs, performance degradation, and ongoing dependency between the application developers and monitoring solution. And in this architecture, the monitoring system rarely has full visibility of all transactions or all aspects of a transaction.

About Covelight Systems

Covelight Systems is the field-proven leader in online fraud and identity theft solutions. With deployments at organizations that combined represent approximately $1.5 trillion in assets, Covelight's products, including Percept(TM) and FraudProbe(TM), provide real-time identity-based monitoring of critical online applications to protect the institutions' reputation and end-users from online fraud and identity theft. Only by deploying Covelight solutions can organizations detect suspicious user activity associated with online account takeover fraud, insider identity theft, phishing activity and session hijacking. For more information, go to www.covelight.com or call at (919) 677-9680.