Fraud Prevention Software for the Internet and Online Banking
The dramatic rise of online fraud since the late 1990s and early 2000s has forced enterprises to enhance their security arrangements. Every year, hundreds of millions of dollars are lost to online fraud in the United States alone. Strong authentication is the solution, but many hard token systems are both expensive and can be ineffective. SolidPass solves this fundamental problem with a robust two-factor authentication soft token. SolidPass security tokens provide a range of authentication methods, including:
- Event-based One-Time Password (OTP)
- Time-based One-Time Password (OTP)
- PIN control mandatory/optional
- Security Question
- Challenge-Response
- Transaction Data Signing (TDS)
- Mutual Authentication (2 WAY) Authentication
SolidPass' multi-authentication approach can provide advanced fraud protection for your enterprise. SolidPass can be used to prevent a variety of attacks, including all of the most dangerous and common tactics fraudsters use. Preventable attacks include:
- Phishing Attacks
- Pharming Attacks
- Man-In-The-Middle Attacks
- DNS Cache Poisoning Attacks
- Trojans Attacks
- Man-In-The-Phone Attacks
- Browser Poisoning Attacks
- Dictionary Attacks
- Brute-Force Attacks
Mobile Token Convenience and Fraud Protection
The key advantage of the mobile token is that there are no new devices or wallet-fillers for customers – just an add-on application to the device they already carry everywhere. Since customers already own the “hardware” (the mobile phone), SolidPass can be provided and managed at a fraction of the total cost of ownership (TCO) of a hardware token solution. Soft tokens have the added advantage of being able to be distributed immediately and without logistical planning. An added benefit from a reissuing and logistical perspective is that soft tokens do not expire. This helps reduce customer dissatisfaction. Thanks to its flexible framework, the application can also be updated to guard against new security threats.
SolidPass works on a number of different mobile platforms (both feature and smartphones). Solidpass mobile tokens include the following:
- Android Security Token
- Blackberry Security Token
- Brew Security Token
- iPhone Security Token
- Java ME Security Token (J2ME Token)
- Mobile Linux Security Token
- Palm Security Token
- Symbian Security Token
- Windows Mobile Security Token
Desktop (PC) Soft Token
SolidPass also supports desktop-based software tokens as well. The Desktop Operating Systems and Browsers supported are:
- Toolbar Token
- Java Token
- Linux Token
- Mac Token
- iPad Token
- Windows Token
Regulatory Compliance
Regulatory requirements are pressuring organizations to adopt stronger authentication methods and to secure access to data systems and applications. Static username/password identity management no longer provide enough security to authenticate users accurately. This has led to adopting two-factor authentication systems. Legislation from the Sarbanes-Oxley Act (SOX), guidelines from the Federal Financial Institutions Examination Council (FFIEC), and recommendations from the Health Insurance Portability and Accountability Act (HIPAA) all require that organizations use stronger forms of authentication to mitigate data theft, prevent fraud, protect customer information and patient privacy. SolidPass helps organizations and enterprises comply with regulatory regimes that cover authorization rules and auditing protocols.
In addition to non-compliance, organizations that continue to use static username/passwords face numerous problems ranging from brute force attacks, dictionary attacks, guessing and social engineering.
For the banking industry, 2FA tokens are quickly becoming a mandatory offering for online and mobile banking:
- FFIEC Guidance on 2FA
- PCI Data Security Standards
- FACTA Identity Theft Red Flags