Anti-Fraud Suite Holistic Approach to Online Banking Security About - PowerPoint PPT Presentation

Anti-Fraud Suite Holistic Approach to Online Banking Security

About ThreatMark 2 Made Ma de in Czec ech h Repu public Fo Foun unded ded in 2015 15 Active on 4 continents by former Ethical Hackers 50 50+ Exper erts s 20+ million n focused on one product clients protected High gh-tec ech h Securit urity Compan any strong focus on behavioral biometrics and AI/ML Notab No able e Achi hievem ements Most deployed online banking fraud prevention in Czech and Slovak republic Selected over IBM, RSA, F5 and other competing solutions by large international banking groups Protecting more mobile end-point devices than any other leading A/V company in CEE

Customers Benefit from Our Innovation 3 Online Mobile User Identity Banking Fraud Banking Fraud Verification Cyber Threats Endpoint Risk-Based Strong Protection Protection Customer Authentication PSD2 Dynamic Application And More… Compliance Self-Protection

Trusted by the World‘s Leading Banks 4 Award-Winning Technology

Anti-Fraud Suite Bringing Trust to the Digital World

Digital Identity Verification 6 GEOLOCATION REMOTE ACCESS BEHAVIOUR NETWORK TRANSACTIONS BIOMETRICS DATE & TIME DEVICE AI/ML FINGERPRINT WEB-INJECT MALWARE OPERATION SYSTEM TOR BROWSER WEB BROWSER ROBOTIC ACCESS GLOBAL INTELLIGENCE

Complete Suite For Online Banking Protection 7 AFS Payments • Machine-Learning based Risk Scoring of payment transactions • Global intelligence, human feedback, Business-driven Rule Engine • Managed service model #PSD2 TRA, #TRM, #TRA, #Payment Fraud Prevention AFS Identity • Solution for gathering and analysing user‘s behavioral biometrics data #Adaptive Authentication, #Risk-Based Authentication, #PSD2 SCA, Improving UX AFS Threats • Banking Specific Cyberthreat protection for online channels • Security Operation Center 24/7, • Phishing Takedown Service, Fraud & Malware Analyst Service #Banking Malware, #Phishing, #BOTs, #Scraping (PSD2 RTS), #Application protection, #Device profiling, #0-Day Malware, #Threat Intelligence

ThreatMark‘s Trusted Identity 8 Payments Actions Channels Suspicious Sequence Web/Mobile/OpenAPI Payments Payment Anomalies / Behavior Fraudsters IP Reputation Omnichannel Geo fencing Payment Rules and Alerts Case Management AFS Payments Cross-channel fraud detection Mule/Fraudster Accounts Known Fraudulent Actions PSD2 Authorization Schemes Shared Fraud Schemes Behavior Identity Behavior Identity ThreatMark Trusted Identity Advanced Device Identification Date/Time behavior IP reputation Network Device Usage and Interaction Shared Intelligence and Fraudulent Accounts/Identities Navigation Behavior Orchestration Shared Identities/Devices AFS Identity Behavioral Biometrics Application Interaction Behavior Transaction / Login behavior Malware BOTs Phishing Malware BOTs App./Device hacking Phishing Webinjects Application Debugging Webscraping (Screenscraping) Webpage Cloning Detection Active RAT Detection Application Cloning API Scraping Phishing Site Usage Detection Malicious Applications Detections Emulator Detection Phished Users Detection AFS Threats Overlay Detection Device Security Profiling SMS Hijacking Detection

Layered Security Approach and Orchestration 9 L A Y E R 1 L A Y E R 2 L A Y E R 3 ACCESS L A Y E R 4 LOGON L A Y E R 5 NAVIGATION TRANSACTION DATA ANALYTICS Clickstream profiling Money mule blacklist GeoIP check Connection check (TOR, Big Data AI/ML anon-proxy) Scripted access and Abnormal spending Login time check Continuous User automation detection behaviour profiling Browser and OS Login biometrics security check Session hijacking Transaction Integrity Human Feedback Velocity checks Malware, phishing re-learning Behaviour and app interaction biometrics Action context Business Rules Device fingerprint

PSD2 - Compliance 10 Screen een Scrap aping ng Strong ong Custom omer er Auth then enti ticati tion on  Prohibited  Possession  Detectable  Knowledge  Inherence – Behavioural biometry SCA Trans nsac action on Risk Anal alysi sis PSD2  Abnormal spending behavioural patterns  Location of payer Trans nsac action on Mo Monitor oring ng  Location of payee’s account  Real-time scoring  Known fraud scenarios  Authentication element stolen  Unusual information about the device or software  Detection of Financial Malware  Signs of malware infection  Known fraudulent scenarios  Amount of each payment

Easy Deployment in 7 Days 11 AFS ONLINE AFS ANALYTICS INTEGRATE WEB PROBE Setup AFS ANALYTICS Optional: Use API Implement JavaScript infrastructure. for full integration probe in form of Optional: AFS can be with any internal simple “one liner” deployed in your and/or 3rd party into protected Web Page. infrastructure. system. AFS ENDPOINT SETUP CONNECTION [ [ MOBILE PROBE Allow connection to AFS Implement TM SDK ANALYTICS infrastructure. library into your Native Mobile Application if needed ] ]

Architecture 12 Bank ’s DMZ ThreatMark’s Cloud Fraud Analyst AFS Panel TM SDK Mobile Banking JS Probe & SDK data JS User Firewall Web server AFS Analytic Servers SOC Probe Internet Banking App. Server Existing FDS Core Banking/Authentication

Competitive Landscape 13 Market Leaders in Typical Inhouse Leaders in Threat ThreatMark AFS Fraud Analytics developed FDS Detection Solutions (SAS, NICE, Feed edzai) (vari rious na names) (IBM Trusteer, , RSA, F5 F5) Areas Covered Transaction Transaction Threats, Session Transaction analysis, Threats, Session analysis only analysis only anomalies only anomalies, User Identification Shared intelligence Rich Analytical Interface 1 st limited 3 rd to 5 th 1 st and 2 nd Gartner Layers covered All 5 layers 3 rd - static rules Limited to Machine Learning based threats Threat Intelligence Threat Security Operations Center and Fraud Analysts Intelligence only Setup and Very Low Very High Low Medium Operational Costs

Benefits for the End-users 14 Improved security increases TRUST Less fraud and lower fraud losses Better User Experience  removes friction from authentication and authorization  removes friction from transaction voice authorization

Business Benefits 15 Improved security and visibility brings TRUST Less fraud and lower fraud losses 90% lower costs for Authentication and Authorization Fewer manual reviews means lower costs 5x faster time to delivery and operational costs

Summary 16 Technol olog ogy Deliver ery y & Oper Operation ons • • Holistic online banking fraud prevention that combines: Under 7-days long deployment with no API integration • banking threats detection, necessary • seamless user identity verification and • • ML based transaction risk analysis under one Fully managed on-premise and cloud deployments analytics • 24/7 Security Operations Center with remote fraud analyst • Behavioral Biometry based detection of identity and user and security experts constantly analyzing threats and intentions assisting customers • • Shared fraud intelligence never seen in banking FDS Pre-integrated with Authentication providers, Omnichannel before banking providers, White-labeled • Machine learning with Human feedback

Protect your business.Now! Michal Tresner CEO michal.tresner@threatmark.com www.threatmark.com