Click here to close now.

Welcome!

IoT User Interface Authors: Sematext Blog, Elizabeth White, Liz McMillan, AppDynamics Blog, Lori MacVittie

News Feed Item

RSA Targets Advanced Threats and 'Account Takeover' Attacks with New RSA® Adaptive Authentication Solution

RSA Enhances On Premise Risk-based Authentication Solution to Combat Fraud with New Trojan Detection and Mobile Defense Capabilities

BEDFORD, Mass., Nov. 20, 2012 /PRNewswire/ -- 

News Summary:

  • RSA® Adaptive Authentication On Premise solution uses a Big Data approach to help combat threats posed by more than 30 million variants of malware targeting end users for account takeover attacks
  • According to recent research by Aite Group, in 2011, account takeover attacks costs corporations over $400 million, a number that is expected to grow by 94% in 2016 
  • The latest version of the RSA Adaptive Authentication On Premise solution is designed to enhance mobile defense and Trojan Detection capabilities and adds innovative ATM channel protection

Full Story:

RSA, The Security Division of EMC (NYSE: EMC), today announced major enhancements to its RSA® Adaptive Authentication On Premise solution designed to help organizations in wide range of industries achieve the right balance of security against advanced threats, like those posed by Zeus, Citadel and the recently discovered Gozi Prinimalka Trojan, without compromising end user experience.

According to recent research by Aite Group, account takeover attacks resulted in over $400 million in losses in 2011, which are expected to grow by 94% to nearly $800 million by 2016.   Powered by the RSA® Risk Engine, the RSA Adaptive Authentication solution is engineered to mitigate the risk of account takeover by using a 'Big Data' approach to risk, drawing from a series of more than 100 different risk indicators, including device identification and behavior profiling, to validate user activity.  With an estimated 30 million pieces of malware targeting end users for account takeover, the latest RSA Adaptive Authentication solution is built to address changing customer requirements for convenience and ease of use while providing effective security against cybercriminal threats.

Enhanced Trojan Defenses

Organizations are constantly battling new forms of advanced threats.  By incorporating additional Trojan detection features including Proxy and HTML injection protection, the RSA Adaptive Authentication On Premise solution is engineered to address Man in the Browser (MITB) and Man in the Middle (MITM), techniques employed by the latest Trojan attacks, including Gozi Prinimalka, in an attempt to compromise end user accounts.  With the RSA Adaptive Authentication solution, anomalous interactions are detected and flagged to the organization that can then take action to block, monitor or require additional authentication measures to complete a transaction.  RSA Adaptive Authentication includes new features designed to:

  • HTML Injection Protection – Detects and flags fraudulent changes to end users' browser display via MITB attacks which attempt to either manipulate payments or harvest additional user credentials like social security number, credit card number or PIN.
  • Man vs. Machine Protection – Defends against advanced Trojans using automated script attacks to fraudulently add payees and transfer money to mule accounts.  RSA Adaptive Authentication software utilizes innovative Man vs. Machine protection to determine whether mouse or keystroke movements are associated with data input.  Additionally, the RSA Adaptive Authentication solution differentiates between users who have the browser auto complete feature turned on and can adjust the risk score accordingly. 
  • Proxy Attack Detection – Cybercriminals utilize proxy attacks to log on to banks from a proxy IP address that can allow penetration of user accounts via the genuine end user IP to gain positive device identification.  RSA Adaptive Authentication solutions determine when a login or transaction is being performed via a proxy which is anomalous to the user by identifying the true IP used, and dynamically adjusts the risk response appropriately.

New Mobile Protections

RSA has updated the RSA Adaptive Authentication On Premise solution's innovative and dedicated risk model to include location awareness and enhanced mobile device identification.  Location awareness gathers location data through WiFi, cell tower triangulation and GPS to identify anomalous locations that are new to the user, fraudulent transaction attempts by impossible ground speed differences, and when an access attempt comes from a known high risk location. Additionally, mobile device characteristics are gathered through the RSA Adaptive Authentication platform for a mobile device or directly through a Software Development Kit (SDK).

Automated Teller Machine (ATM) Protection

In addition, the RSA Adaptive Authentication solution now protects against account takeover fraud in the ATM channel by assessing ATM-specific activity including date and time of access, transaction amount, frequency of withdrawal, ATM owner and ID and location of ATM in order to assess risk.  With the rise of ATM-based account takeover and mule withdrawal attacks, the RSA Adaptive Authentication solution has been enhanced to detect and monitor against these threats without requiring additional software to be installed on ATM machines.

RSA Executive Quote:

Manoj Nair, General Manager, RSA Identity & Data Protection group

"Account takeover is currently the single most important issue for many of our customers.  As sophisticated malware continues to proliferate and cybercriminals evolve their methods, it's our responsibility to quickly adapt to help customers mitigate the threat.  The enhancements made to the RSA Adaptive Authentication On Premise solution is part of a cohesive strategy designed to address the changing needs of our customers and mitigate ongoing risks associated with the latest malware hitting online, mobile and ATM channels."

Industry Analyst Quote:

Julie Conroy, Research Director, Aite Group

"The trajectory of cybercrime is increasing at a frightening pace, driven by international organized crime rings intent on financial gain.  Organizations that need to protect web resources are looking to security solutions that keep them one step ahead of cybercriminals while also balancing convenience for the end-user."

Availability

RSA Adaptive Authentication On Premise 7.0 is available now. 

Featured Resources:

Additional Resources:

About RSA

RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.EMC.com/RSA.

 

RSA and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries.  All other products and/or services referenced are trademarks of their respective companies. 

 

SOURCE EMC Corporation

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@CloudExpo Stories
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
There is no question that the cloud is where businesses want to host data. Until recently hypervisor virtualization was the most widely used method in cloud computing. Recently virtual containers have been gaining in popularity, and for good reason. In the debate between virtual machines and containers, the latter have been seen as the new kid on the block – and like other emerging technology have had some initial shortcomings. However, the container space has evolved drastically since coming on...
The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete at launch. DevOps may be disruptive, but it is essential. The DevOps Summit at Cloud Expo – to be held June 3-5, 2015, at the Javits Center in New York City – will expand the DevOps community, enable a wide...
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at @ThingsExpo, Robin Raymond, Chief Architect...
The web app is Agile. The REST API is Agile. The testing and planning are Agile. But alas, Data infrastructures certainly are not. Once an application matures, changing the shape or indexing scheme of data often forces at best a top down planning exercise and at worst includes schema changes which force downtime. The time has come for a new approach that fundamentally advances the agility of distributed data infrastructures. Come learn about a new solution to the problems faced by software orga...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Ar...
Cloud Expo, Inc. has announced today that Andi Mann returns to DevOps Summit 2015 as Conference Chair. The 4th International DevOps Summit will take place on June 9-11, 2015, at the Javits Center in New York City. "DevOps is set to be one of the most profound disruptions to hit IT in decades," said Andi Mann. "It is a natural extension of cloud computing, and I have seen both firsthand and in independent research the fantastic results DevOps delivers. So I am excited to help the great team at ...
Container technology is sending shock waves through the world of cloud computing. Heralded as the 'next big thing,' containers provide software owners a consistent way to package their software and dependencies while infrastructure operators benefit from a standard way to deploy and run them. Containers present new challenges for tracking usage due to their dynamic nature. They can also be deployed to bare metal, virtual machines and various cloud platforms. How do software owners track the usag...
CA Technologies has announced it has signed a definitive agreement to acquire Rally Software Development Corp. for $19.50 per share, which equates to approximately $480 million, net of cash acquired. The transaction has been unanimously approved by both Boards of Directors, and is expected to close in the second quarter of CA’s fiscal 2016. Based in Boulder, CO, Rally has approximately 500 employees across four continents and FY 2015 sales of $88 million. “Software applications are changing the...
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, a...
Enterprises are fast realizing the importance of integrating SaaS/Cloud applications, API and on-premises data and processes, to unleash hidden value. This webinar explores how managers can use a Microservice-centric approach to aggressively tackle the unexpected new integration challenges posed by proliferation of cloud, mobile, social and big data projects. Industry analyst and SOA expert Jason Bloomberg will strip away the hype from microservices, and clearly identify their advantages and d...
The OpenStack cloud operating system includes Trove, a database abstraction layer. Rather than applications connecting directly to a specific type of database, they connect to Trove, which in turn connects to one or more specific databases. One target database is Postgres Plus Cloud Database, which includes its own RESTful API. Trove was originally developed around MySQL, whose interfaces are significantly less complicated than those of the Postgres cloud database. In his session at 16th Cloud...
All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades. With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo, June 9-11, 2015, at the Javits Center in New York City. Learn what is going on, contribute to the discussions, and ensure that your enter...
SYS-CON Events announced today that MetraTech, now part of Ericsson, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Ericsson is the driving force behind the Networked Society- a world leader in communications infrastructure, software and services. Some 40% of the world’s mobile traffic runs through networks Ericsson has supplied, serving more than 2.5 billion subscribers.
Software Development Solution category in The 2015 American Business Awards, and will ultimately be a Gold, Silver, or Bronze Stevie® Award winner in the program. More than 3,300 nominations from organizations of all sizes and in virtually every industry were submitted this year for consideration. "We are honored to be recognized as a leader in the software development industry by the Stevie Awards judges," said Steve Brodie, CEO of Electric Cloud. "We introduced ElectricFlow and our Deploy app...
What do a firewall and a fortress have in common? They are no longer strong enough to protect the valuables housed inside. Like the walls of an old fortress, the cracks in the firewall are allowing the bad guys to slip in - unannounced and unnoticed. By the time these thieves get in, the damage is already done and the network is already compromised. Intellectual property is easily slipped out the back door leaving no trace of forced entry. If we want to reign in on these cybercriminals, it's hig...
The 4th International Internet of @ThingsExpo, co-located with the 17th International Cloud Expo - to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA - announces that its Call for Papers is open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
SYS-CON Events announced today that O'Reilly Media has been named “Media Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York City, NY. O'Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O'Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption...
In their general session at 16th Cloud Expo, Michael Piccininni, Global Account Manager – Cloud SP at EMC Corporation, and Mike Dietze, Regional Director at Windstream Hosted Solutions, will review next generation cloud services, including the Windstream-EMC Tier Storage solutions, and discuss how to increase efficiencies, improve service delivery and enhance corporate cloud solution development. Speaker Bios Michael Piccininni is Global Account Manager – Cloud SP at EMC Corporation. He has b...
There will be 150 billion connected devices by 2020. New digital businesses have already disrupted value chains across every industry. APIs are at the center of the digital business. You need to understand what assets you have that can be exposed digitally, what their digital value chain is, and how to create an effective business model around that value chain to compete in this economy. No enterprise can be complacent and not engage in the digital economy. Learn how to be the disruptor and not ...