End-point Security

> SOLUTION > End-point Security

Summary
Solution

IBM Trusteer Fraud Detect System End-Point Security Solution is a solution that prevents bank fraud attacks based on hacking and smishing in the Internet/mobile banking and electronic commerce environment.

Characteristics

Adopts a new access method to prevent Zero Day Attacks.
  • Handles new malware by analyzing state (memory, file system access, etc.) of a browser (Rapport) or applications (mobile or Apex), rather than by directly searching for malware.
Improves memory hacking protection.
  • MITB is a typical model that can immediately attack from a user’s browser (PC or mobile), and threatens applications in the financial sector where hybrid applications (app + web combination) are common, as these are particularly vulnerable to memory hacking approaches.
  • Combines two protection methods, "Algorithm Inspection” and “Application Protection.”
Mobile "Secure Dual Authoriztion"
  • Provides a safe authentication channel that replaces the imperfect 2-channel SMS authentication.
Authenticates advanced mobile devices.
  • Mobile device authentication based on device information can be easily copied and may cause problems when an App/OS is reinstalled.
  • Authenticates using a powerful "Persistent Device ID” (software and hardware-combined ID).
Expected Effects
  • Advanced End-Point Security
  • Protection against memory hacking attacks (PC)
  • Protection against Zero Day Attacks (PC)
  • Protection against overlay attacks (PC & mobile)

  • Protection against phishing and pharming attacks (PC & mobile)
  • End-Point Security and Security API Service

  • Mobile Device Copy Verification that cannot be bypassed
  • Improves end-point vulnerability of hardware-based device ID verification methods.

  • Prevents infection by malicious codes based on FDS Risk Scoring Factor (PC & mobile).
  • Reduces vulnerability via 2-channel SMS authentication (mobile).
Deployment Method
  • Deploys a ‘whole lot’ diagnosis test system to check information system security guidelines.

  • Evaluates security level of a newly constructed system and takes preventive measures against hacking.
  • Before a new system is included in the security management target systems, the application of internal security guidelines should be guaranteed.

  • Increases the security level for existing operational systems.
  • Aims to achieve a perfect security system by applying approriate measures for incomplete issues and continuous performance diagnosis.