SafeNet, a global leader in data protection, announced today the availability of a new identity and transaction protection solution that addresses multiple levels of risk associated with online banking and trading transactions.
SafeNet's new eToken 3500 is an innovative electronic signing and strong authentication token-based device that will enable financial services organizations to successfully achieve the right balance of risk mitigation, cost-effectiveness, and usability when securing eBanking applications.
The SafeNet eToken 3500 uses an optical sensor to read financial transaction data from a Web browser, generating a unique electronic signature that validates each transaction, reducing threats such as Man-in-the-Browser (MitB) and Man-in-the-Middle (MitM), in which hackers hijack legitimate user identities during a transaction and redirect funds. Additionally, the optical features of the device scan the transaction data automatically, eliminating the need for manual inputs, which simplify the electronic signing process for the user while reducing errors.
"Malware-based attacks against bank customers and employees are levying severe reputational and financial damage on their victims," says Avivah Litan, vice president and distinguished analyst, Gartner Research. "Fighting these and future types of attacks requires a layered fraud prevention approach." Further, Gartner recommends that organizations "deploy both secure browsing and out-of-band or dedicated hardware transaction verification for high-risk transactions as complementary measures to existing authentication methods."1
Financial institutions have to manage heavy volumes of high-risk transactions on a daily basis. The rising tide of cyber threats, as well as increased regulatory pressures, has necessitated a new approach to online transaction protection. Additional validation, to ensure that each transaction is authorized by a legitimate customer, can contribute significantly to reducing online banking fraud. By combining secure electronic transaction signing with one-time password (OTP) strong authentication, the SafeNet eToken 3500 eliminates the risk of transaction tampering, as well as forgotten, stolen, or hacked passwords, and mitigates the risk of identity theft. It also helps organizations comply with privacy and data protection regulations.
The eToken 3500 allows customers to:
• Generate an electronic signature for transactions, ensuring their integrity
• Reduce the chances of financial fraud resulting from MitM and MitB threats
• Automatically scan encrypted transaction details, preventing typing errors
• Maintain secure remote access to networks, applications, and Web-based services
"Forward-thinking financial services institutions need to approach authentication in a way that goes beyond simply verifying the identity of the user, which can be faked. To combat fraud and manage risk, customers need transaction protection and signing solutions that ensure the transaction itself is validated," said Andrew Young, vice president of Authentication, SafeNet. "SafeNet's portfolio of identity and transaction solutions, including the eToken 3500, is purpose-built to address the unique risk requirements of financial services, delivering the appropriate levels of protection during the transaction lifecycle without impeding the customer experience."
1 Gartner, Inc., The Five Layers of Fraud Prevention and Using Them to Beat Malware, Avivah Litan, April 21, 2011.