Cyota, Inc., the leading provider of online security and anti-fraud solutions for financial institutions, today launched Cyota eSphinx, a new product based on the company's Adaptive Strong Authentication (ASA) technology for online banking.
Cyota eSphinx authenticates all online banking activities beyond the standard user name and password based on a device profile, assesses the risk level associated with each activity or transaction in real time, and requests additional authentication measures for any transactions identified as high risk. Cyota eSphinx is a low-cost alternative to hardware-based strong authentication solutions, and is completely invisible to 95 percent of accountholders. It allows banks to achieve stronger security without compromising on usability.
According to a recent report by Forrester Research Analyst Jonathan Penn, strong authentication remains the most important weapon in a bank's arsenal for fighting identity theft and protecting the privacy of customers' data. Another firm, Financial Insights, estimates that 18 million people have fallen victim to identity theft, prompting 12 million people to switch banks.
At the first sign of a high-risk transaction, such as major deviations from a customer's established banking patterns, device or communication profile, eSphinx immediately invokes stronger authentication measures via telephone or other communication channel. If the transaction is deemed authentic, eSphinx will adapt and "learn" this new user behavior, and will not trigger similar alerts in the future.
"As the frequency and sophistication of online financial attacks increases, banks are seeking low-cost strong authentication solutions that will allow their customers to continue banking safely online without negatively impacting the user experience or investing tens of millions of dollars in infrastructure, deployment and support," said Amir Orad, Cyota's executive vice president of marketing. "The existing hardware-based solutions tend to be cumbersome, expensive and difficult to deploy. Moreover, they typically solve yesterday's fraud problems, such as phishing, but not the emerging threats such as Trojans and man-in-the-middle attacks."
Cyota eSphinx is the first solution of its kind to combine strong authentication technology with a robust online risk management system. At the heart of eSphinx is Cyota's eRisk Engine, a core component of Cyota's new eVision online banking fraud management solution, which was developed over the course of providing online security, authentication and anti-fraud services to banks for the past six years. eSphinx was developed with input from several of Cyota's large financial institution clients in North America and the UK looking for alternative strong authentication solutions, and leverages several Cyota patents in this space. It also leverages Cyota's eFraud Network of banks across the globe to identify fraudster profiles and patterns.
"Working closely with our customers over the past few years, we have created a solution to address both sides of the ongoing debate between secure solutions and practical, cost effective ones," said Orad. "With Cyota eSphinx, banks can achieve stronger security at a lower cost without compromising usability. It does not require deploying any hardware or software, and is effective against new types of online threats as well as future ones."