Welcome!

Containers Expo Blog Authors: Pat Romanski, Liz McMillan, Leon Adato, Elizabeth White, JP Morgenthal

News Feed Item

RSA Targets Advanced Threats and 'Account Takeover' Attacks with New RSA® Adaptive Authentication Solution

RSA Enhances On Premise Risk-based Authentication Solution to Combat Fraud with New Trojan Detection and Mobile Defense Capabilities

BEDFORD, Mass., Nov. 20, 2012 /PRNewswire/ -- 

News Summary:

  • RSA® Adaptive Authentication On Premise solution uses a Big Data approach to help combat threats posed by more than 30 million variants of malware targeting end users for account takeover attacks
  • According to recent research by Aite Group, in 2011, account takeover attacks costs corporations over $400 million, a number that is expected to grow by 94% in 2016 
  • The latest version of the RSA Adaptive Authentication On Premise solution is designed to enhance mobile defense and Trojan Detection capabilities and adds innovative ATM channel protection

Full Story:

RSA, The Security Division of EMC (NYSE: EMC), today announced major enhancements to its RSA® Adaptive Authentication On Premise solution designed to help organizations in wide range of industries achieve the right balance of security against advanced threats, like those posed by Zeus, Citadel and the recently discovered Gozi Prinimalka Trojan, without compromising end user experience.

According to recent research by Aite Group, account takeover attacks resulted in over $400 million in losses in 2011, which are expected to grow by 94% to nearly $800 million by 2016.   Powered by the RSA® Risk Engine, the RSA Adaptive Authentication solution is engineered to mitigate the risk of account takeover by using a 'Big Data' approach to risk, drawing from a series of more than 100 different risk indicators, including device identification and behavior profiling, to validate user activity.  With an estimated 30 million pieces of malware targeting end users for account takeover, the latest RSA Adaptive Authentication solution is built to address changing customer requirements for convenience and ease of use while providing effective security against cybercriminal threats.

Enhanced Trojan Defenses

Organizations are constantly battling new forms of advanced threats.  By incorporating additional Trojan detection features including Proxy and HTML injection protection, the RSA Adaptive Authentication On Premise solution is engineered to address Man in the Browser (MITB) and Man in the Middle (MITM), techniques employed by the latest Trojan attacks, including Gozi Prinimalka, in an attempt to compromise end user accounts.  With the RSA Adaptive Authentication solution, anomalous interactions are detected and flagged to the organization that can then take action to block, monitor or require additional authentication measures to complete a transaction.  RSA Adaptive Authentication includes new features designed to:

  • HTML Injection Protection – Detects and flags fraudulent changes to end users' browser display via MITB attacks which attempt to either manipulate payments or harvest additional user credentials like social security number, credit card number or PIN.
  • Man vs. Machine Protection – Defends against advanced Trojans using automated script attacks to fraudulently add payees and transfer money to mule accounts.  RSA Adaptive Authentication software utilizes innovative Man vs. Machine protection to determine whether mouse or keystroke movements are associated with data input.  Additionally, the RSA Adaptive Authentication solution differentiates between users who have the browser auto complete feature turned on and can adjust the risk score accordingly. 
  • Proxy Attack Detection – Cybercriminals utilize proxy attacks to log on to banks from a proxy IP address that can allow penetration of user accounts via the genuine end user IP to gain positive device identification.  RSA Adaptive Authentication solutions determine when a login or transaction is being performed via a proxy which is anomalous to the user by identifying the true IP used, and dynamically adjusts the risk response appropriately.

New Mobile Protections

RSA has updated the RSA Adaptive Authentication On Premise solution's innovative and dedicated risk model to include location awareness and enhanced mobile device identification.  Location awareness gathers location data through WiFi, cell tower triangulation and GPS to identify anomalous locations that are new to the user, fraudulent transaction attempts by impossible ground speed differences, and when an access attempt comes from a known high risk location. Additionally, mobile device characteristics are gathered through the RSA Adaptive Authentication platform for a mobile device or directly through a Software Development Kit (SDK).

Automated Teller Machine (ATM) Protection

In addition, the RSA Adaptive Authentication solution now protects against account takeover fraud in the ATM channel by assessing ATM-specific activity including date and time of access, transaction amount, frequency of withdrawal, ATM owner and ID and location of ATM in order to assess risk.  With the rise of ATM-based account takeover and mule withdrawal attacks, the RSA Adaptive Authentication solution has been enhanced to detect and monitor against these threats without requiring additional software to be installed on ATM machines.

RSA Executive Quote:

Manoj Nair, General Manager, RSA Identity & Data Protection group

"Account takeover is currently the single most important issue for many of our customers.  As sophisticated malware continues to proliferate and cybercriminals evolve their methods, it's our responsibility to quickly adapt to help customers mitigate the threat.  The enhancements made to the RSA Adaptive Authentication On Premise solution is part of a cohesive strategy designed to address the changing needs of our customers and mitigate ongoing risks associated with the latest malware hitting online, mobile and ATM channels."

Industry Analyst Quote:

Julie Conroy, Research Director, Aite Group

"The trajectory of cybercrime is increasing at a frightening pace, driven by international organized crime rings intent on financial gain.  Organizations that need to protect web resources are looking to security solutions that keep them one step ahead of cybercriminals while also balancing convenience for the end-user."

Availability

RSA Adaptive Authentication On Premise 7.0 is available now. 

Featured Resources:

Additional Resources:

About RSA

RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.EMC.com/RSA.

 

RSA and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries.  All other products and/or services referenced are trademarks of their respective companies. 

 

SOURCE EMC Corporation

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
Whether your IoT service is connecting cars, homes, appliances, wearable, cameras or other devices, one question hangs in the balance – how do you actually make money from this service? The ability to turn your IoT service into profit requires the ability to create a monetization strategy that is flexible, scalable and working for you in real-time. It must be a transparent, smoothly implemented strategy that all stakeholders – from customers to the board – will be able to understand and comprehe...
SYS-CON Events announced today that Peak 10, Inc., a national IT infrastructure and cloud services provider, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Peak 10 provides reliable, tailored data center and network services, cloud and managed services. Its solutions are designed to scale and adapt to customers’ changing business needs, enabling them to lower costs, improve performance and focus inter...
You think you know what’s in your data. But do you? Most organizations are now aware of the business intelligence represented by their data. Data science stands to take this to a level you never thought of – literally. The techniques of data science, when used with the capabilities of Big Data technologies, can make connections you had not yet imagined, helping you discover new insights and ask new questions of your data. In his session at @ThingsExpo, Sarbjit Sarkaria, data science team lead ...
So, you bought into the current machine learning craze and went on to collect millions/billions of records from this promising new data source. Now, what do you do with them? Too often, the abundance of data quickly turns into an abundance of problems. How do you extract that "magic essence" from your data without falling into the common pitfalls? In her session at @ThingsExpo, Natalia Ponomareva, Software Engineer at Google, will provide tips on how to be successful in large scale machine lear...
Machine Learning helps make complex systems more efficient. By applying advanced Machine Learning techniques such as Cognitive Fingerprinting, wind project operators can utilize these tools to learn from collected data, detect regular patterns, and optimize their own operations. In his session at 18th Cloud Expo, Stuart Gillen, Director of Business Development at SparkCognition, will discuss how research has demonstrated the value of Machine Learning in delivering next generation analytics to im...
There is an ever-growing explosion of new devices that are connected to the Internet using “cloud” solutions. This rapid growth is creating a massive new demand for efficient access to data. And it’s not just about connecting to that data anymore. This new demand is bringing new issues and challenges and it is important for companies to scale for the coming growth. And with that scaling comes the need for greater security, gathering and data analysis, storage, connectivity and, of course, the...
This is not a small hotel event. It is also not a big vendor party where politicians and entertainers are more important than real content. This is Cloud Expo, the world's longest-running conference and exhibition focused on Cloud Computing and all that it entails. If you want serious presentations and valuable insight about Cloud Computing for three straight days, then register now for Cloud Expo.
IoT device adoption is growing at staggering rates, and with it comes opportunity for developers to meet consumer demand for an ever more connected world. Wireless communication is the key part of the encompassing components of any IoT device. Wireless connectivity enhances the device utility at the expense of ease of use and deployment challenges. Since connectivity is fundamental for IoT device development, engineers must understand how to overcome the hurdles inherent in incorporating multipl...
The increasing popularity of the Internet of Things necessitates that our physical and cognitive relationship with wearable technology will change rapidly in the near future. This advent means logging has become a thing of the past. Before, it was on us to track our own data, but now that data is automatically available. What does this mean for mHealth and the "connected" body? In her session at @ThingsExpo, Lisa Calkins, CEO and co-founder of Amadeus Consulting, will discuss the impact of wea...
SYS-CON Events announced today that Stratoscale, the software company developing the next generation data center operating system, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Stratoscale is revolutionizing the data center with a zero-to-cloud-in-minutes solution. With Stratoscale’s hardware-agnostic, Software Defined Data Center (SDDC) solution to store everything, run anything and scale everywhere...
Angular 2 is a complete re-write of the popular framework AngularJS. Programming in Angular 2 is greatly simplified – now it's a component-based well-performing framework. This immersive one-day workshop at 18th Cloud Expo, led by Yakov Fain, a Java Champion and a co-founder of the IT consultancy Farata Systems and the product company SuranceBay, will provide you with everything you wanted to know about Angular 2.
SYS-CON Events announced today that Men & Mice, the leading global provider of DNS, DHCP and IP address management overlay solutions, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. The Men & Mice Suite overlay solution is already known for its powerful application in heterogeneous operating environments, enabling enterprises to scale without fuss. Building on a solid range of diverse platform support,...
You deployed your app with the Bluemix PaaS and it's gaining some serious traction, so it's time to make some tweaks. Did you design your application in a way that it can scale in the cloud? Were you even thinking about the cloud when you built the app? If not, chances are your app is going to break. Check out this webcast to learn various techniques for designing applications that will scale successfully in Bluemix, for the confidence you need to take your apps to the next level and beyond.
We’ve worked with dozens of early adopters across numerous industries and will debunk common misperceptions, which starts with understanding that many of the connected products we’ll use over the next 5 years are already products, they’re just not yet connected. With an IoT product, time-in-market provides much more essential feedback than ever before. Innovation comes from what you do with the data that the connected product provides in order to enhance the customer experience and optimize busi...
Increasing IoT connectivity is forcing enterprises to find elegant solutions to organize and visualize all incoming data from these connected devices with re-configurable dashboard widgets to effectively allow rapid decision-making for everything from immediate actions in tactical situations to strategic analysis and reporting. In his session at 18th Cloud Expo, Shikhir Singh, Senior Developer Relations Manager at Sencha, will discuss how to create HTML5 dashboards that interact with IoT devic...
Artificial Intelligence has the potential to massively disrupt IoT. In his session at 18th Cloud Expo, AJ Abdallat, CEO of Beyond AI, will discuss what the five main drivers are in Artificial Intelligence that could shape the future of the Internet of Things. AJ Abdallat is CEO of Beyond AI. He has over 20 years of management experience in the fields of artificial intelligence, sensors, instruments, devices and software for telecommunications, life sciences, environmental monitoring, process...
SYS-CON Events announced today that Ericsson has been named “Gold Sponsor” of SYS-CON's @ThingsExpo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York. Ericsson is a world leader in the rapidly changing environment of communications technology – providing equipment, software and services to enable transformation through mobility. Some 40 percent of global mobile traffic runs through networks we have supplied. More than 1 billion subscribers around the world re...
Digital payments using wearable devices such as smart watches, fitness trackers, and payment wristbands are an increasing area of focus for industry participants, and consumer acceptance from early trials and deployments has encouraged some of the biggest names in technology and banking to continue their push to drive growth in this nascent market. Wearable payment systems may utilize near field communication (NFC), radio frequency identification (RFID), or quick response (QR) codes and barcodes...
SYS-CON Events announced today that Fusion, a leading provider of cloud services, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Fusion, a leading provider of integrated cloud solutions to small, medium and large businesses, is the industry's single source for the cloud. Fusion's advanced, proprietary cloud service platform enables the integration of leading edge solutions in the cloud, including cloud...
In his session at @ThingsExpo, Chris Klein, CEO and Co-founder of Rachio, will discuss next generation communities that are using IoT to create more sustainable, intelligent communities. One example is Sterling Ranch, a 10,000 home development that – with the help of Siemens – will integrate IoT technology into the community to provide residents with energy and water savings as well as intelligent security. Everything from stop lights to sprinkler systems to building infrastructures will run ef...