The Key to Secure Online Financial Transactions



Similar documents
Design Your Security

Keystroke Encryption Technology Explained

DESIGN YOUR SECURITY. We build tailored, converged security for you. Technology. Strategy. People. The synergetic collaboration.

COORDINATED THREAT CONTROL

Five Trends to Track in E-Commerce Fraud

How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements

Internet threats: steps to security for your small business

Detailed Description about course module wise:

WEB ATTACKS AND COUNTERMEASURES

White paper. TrusGuard DPX: Complete Protection against Evolving DDoS Threats. AhnLab, Inc.

Top five strategies for combating modern threats Is anti-virus dead?

Protect Your Business and Customers from Online Fraud

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Top tips for improved network security

Jort Kollerie SonicWALL

The Top Web Application Attacks: Are you vulnerable?

Certified Ethical Hacker Exam Version Comparison. Version Comparison

Securing mobile devices in the business environment

Cyber Essentials Scheme

The risks borne by one are shared by all: web site compromises

CYBERTRON NETWORK SOLUTIONS

Securing Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group

Securing Your Business s Bank Account

defending against advanced persistent threats: strategies for a new era of attacks agility made possible

Electronic Fraud Awareness Advisory

Online security. Defeating cybercriminals. Protecting online banking clients in a rapidly evolving online environment. The threat.

SecurityMetrics Vision whitepaper

Rational AppScan & Ounce Products

Introduction: 1. Daily 360 Website Scanning for Malware

How To Protect Your Online Banking From Fraud

Driving Company Security is Challenging. Centralized Management Makes it Simple.

Protecting Your Organisation from Targeted Cyber Intrusion

Endpoint protection for physical and virtual desktops

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

Protecting Point-of-Sale Environments Against Multi-Stage Attacks

Ovation Security Center Data Sheet

WHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats

F5 (Security) Web Fraud Detection. Keiron Shepherd Security Systems Engineer

Cisco Advanced Services for Network Security

PCI Data Security Standards (DSS)

Next Gen Firewall and UTM Buyers Guide

Prevent Malware attacks with F5 WebSafe and MobileSafe. Alfredo Vistola Security Solution Architect, EMEA

Table of Contents. Page 2/13

Transaction Anomaly Protection Stopping Malware At The Door. White Paper

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

Securing Secure Browsers

CRYPTUS DIPLOMA IN IT SECURITY

National Endowment for the Arts Evaluation Report. Table of Contents. Results of Evaluation Areas for Improvement Exit Conference...

FORBIDDEN - Ethical Hacking Workshop Duration

900 Walt Whitman Road, Suite 304 Melville, NY Office:

Locking down a Hitachi ID Suite server

REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL

Projectplace: A Secure Project Collaboration Solution

IBM Protocol Analysis Module

Internet Banking Attacks. Karel Miko, CISA DCIT, a.s. (Prague, Czech Republic)

Common Cyber Threats. Common cyber threats include:

Web Security School Final Exam

FileCloud Security FAQ

The Leading Provider of Endpoint Security Solutions

Protecting Online Customers from Man-inthe-Browser and Man-in-the-Middle Attacks

Zone Labs Integrity Smarter Enterprise Security

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

Passing PCI Compliance How to Address the Application Security Mandates

OKPAY guides. Security Guide

WHITE PAPER. Understanding How File Size Affects Malware Detection

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

That Point of Sale is a PoS

Network protection and UTM Buyers Guide

SECURING IDENTITIES IN CONSUMER PORTALS

Top 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath

BE SAFE ONLINE: Lesson Plan

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking

Managed Intrusion, Detection, & Prevention Services (MIDPS) Why Sorting Solutions? Why ProtectPoint?

The Benefits of SSL Content Inspection ABSTRACT

WICKSoft Mobile Documents for the BlackBerry Security white paper mobile document access for the Enterprise

WHITE PAPER. The Need for Wireless Intrusion Prevention in Retail Networks

Payment Fraud and Risk Management

Ovation Security Center Data Sheet

Integrated Protection for Systems. João Batista Territory Manager

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

Top Five Data Security Trends Impacting Franchise Operators. Payment System Risk September 29, 2009

Spyware Doctor Enterprise Technical Data Sheet

Global Partner Management Notice

Importance of Web Application Firewall Technology for Protecting Web-based Resources

Symantec Mobile Security

Defending Against Cyber Attacks with SessionLevel Network Security

BLACKJACKING: SECURITY THREATS TO BLACKBERRY DEVICES, PDAS, AND CELL PHONES IN THE ENTERPRISE

WEBTHREATS. Constantly Evolving Web Threats Require Revolutionary Security. Securing Your Web World

Practical guide for secure Christmas shopping. Navid

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

Endpoint protection for physical and virtual desktops

Our Key Security Features Are:

WEB SECURITY. Oriana Kondakciu Software Engineering 4C03 Project

Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite

External Supplier Control Requirements

REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL

white paper Malware Security and the Bottom Line

Intel Identity Protection Technology Enabling improved user-friendly strong authentication in VASCO's latest generation solutions

Defending Against Data Beaches: Internal Controls for Cybersecurity

Securing Corporate on Personal Mobile Devices

Transcription:

Transaction Security The Key to Secure Online Financial Transactions Transferring money, shopping, or paying debts online is no longer a novelty. These days, it s just one of many daily occurrences on the Internet. But who ensures the safety of these sensitive financial transactions? We know that sometimes hackers penetrate financial security systems and make big headlines in the news. We also know that these incidents almost always require some compensation to the user, as a means of protecting a company s reputation and restoring consumer confidence. The question is, how do companies protect their online financial systems and reduce their liabilities? AhnLab Online Security is the answer. Preserve your well-earned reputation and ensure the trustworthiness of your online transactions with AhnLab Online Security. Intel R Identity Protection Technology

AhnLab Online Security It is critical to ensure that advanced security features are in place to safeguard users financial and personal information. Did You Know? > Introducing the Innovative, Comprehensive Security Solution Who ensures the safety of sensitive financial transactions? How do companies protect their online financial systems and reduce their liabilities? > Given the sensitive nature of e-commerce data, it is critical to ensure that advanced security features are in place to safeguard users financial and personal information. AhnLab Online Security (AOS) is designed exclusively to provide security for online transactions. Regardless of the security protocols used on a local computer, AOS provides complete security for the online transaction. Unlike a typical single-purpose security solution, AOS combines three key security elements into an innovative security solution that prevents the leakage of information and thwarts attempts to compromise online financial transactions. 02

Why AOS is better than Conventional Security for Transaction Threats Complete security for online transaction. Threats against transaction systems are typically not one-time events or simple acts of mischief. Instead, they are complex chains of attacks against financial processing systems. The perpetrators of these attacks not only use straightforward techniques, such as keylogging and file stealing, but also highly sophisticated techniques, such as altering webpages and memory locations to carry out prolonged theft and disruption of services. In order to offer adequate protection, security solutions must have the capability to assess and respond to complex and persistent threats for ongoing transactions. Security solutions that are dependent on basic security technologies are unable to identify or properly mitigate today s advanced threats. Anti-malware is based on blacklists, but this simple technology is incapable of responding to emergent or variant hacking threats. Virtual keyboards are used to bypass the inherent vulnerabilities of physical keyboards, but hackers can easily alter webpages or capture screens to disarm this security approach. Also, Virtual Keyboards are vulnerable when capturing data via Browser Help Object (BHO). Secure Socket Layer (SSL) protection is now a required component of transaction-based web applications, but vulnerabilities exist in portions of pages and sites that are unencrypted. One-time passwords (OTPs) are used to protect only the login ID or password, which means that vulnerabilities exist after the credential gateway, and Man-In-The-Browser (MITB) attacks can alter amounts or recipients of financial transactions. Booting & OS execution Transaction services SSL connection Transaction website Internet Blocks viruses and spyware Blocks trojans, worms & malicious processes Prevents HTML injection & cross-site scripting (XSS) Prevents browser help object (BHO) hacking & screen captures Prevents memory hacking, debugging & reverse engineering Prevents phishing & pharming Prevents unauthorized network access Blocks keyloggers Secures keyboards 03

AOS Anti-keylogger Stronger Protection with Intel Identity Protection Technology Security solutions that are dependent on basic security technologies are unable to identify or properly mitigate today s advanced threats. AOS Anti-keylogger delivers the protection needed to keep account information safe and prevent theft of sensitive personal data that is input via a keyboard. It encrypts data immediately after input and throughout the transactions in a PC. Even if a keylogger or hacker managed to retrieve the data, it could not be decrypted and used. The anti-keylogger s advanced features include: Detection and notification of keyloggers at the user levels and kernel levels Protection of inputs from USB, PS/2, wireless, and Bluetooth keyboards Combined with Intel IPT, AOS now delivers extra protection to the transaction process. While AOS Anti-keylogger secures and protects the user s primary input data, IPT sends out a secondary authentication method to ensure multiple security layers for online transactions. AOS Anti-keylogger with Intel s IPT enables: Device Identification: Remembering the unique code of AOS on a user s computer, transactions made other than the combination of AOS and IPT is automatically prohibited. End to End Data Protection: By using IPT on both ends of the transaction - from client to server-, the protection covers the entire data stream since the data is encrypted using OTP value created at the client and decrypted using symmetric OTP value created at the server. Even if the data is stolen during the transaction, it cannot be decrypted until it is reached to the server with IPT. Two-Factor Authentication: When the user input is transferred, IPT provides a second set of password in the form of OTP that can only be decrypted by the recipient server. Unless both authentication methods provided by AOS and IPT are confirmed, transaction is prohibited. AOS Secure Browser AhnLab Online Security is an easy-to-implement, easy-to-use solution that enhances the safety and reliability of online transactions. Popular web browsers are vulnerable to malware that can exploit architectural weaknesses. AOS Secure Browser is a dedicated security browser that creates a protected environment for online transactions. It secures sensitive user data against Man-In-The-Browser (MITB) attacks such as memory hacking, webpage alteration, SQL injection, cross-site scripting (XSS), browser help object (BHO) hacking, screen capturing, debugging, and reverse engineering. By creating an independent online space for safe communication, the AOS Secure Browser prevents malware from injecting data and stealing information entered into web browsers. 04

AOS Firewall Most attacks on financial transactions take place through unauthorized network connections or from hacking tools that have already infected the computer. Regardless of the security protocols that are being used on the local computer, AOS Firewall provides a secure environment while a transaction is being made. It protects the user by detecting and blocking unauthorized intrusions and hacking attempts and preventing the leakage of personal information. The firewall s advanced features include: Network monitoring and blocking Real-time detection and prevention of worms, viruses, and hacking attempts Management of shared folders and logs Controlled access to programs, IP addresses, and ports AOS Capabilities Blocks network intrusions and packet manipulation in real time Blocks ZeuS, SpyEye, and other Man-In-The-Browser(MITB) attacks Blocks keyloggers Blocks Man-In-The-Middle (MITM) attacks Prevents debugging, reverse engineering, phishing, and pharming Wide platform support enables secure transactions from PCs to mobile devices AOS FOR MOBILE The number of people accessing their bank accounts and making transfers on their mobile devices is on the rise. Interoperated with either mobile banking apps or web banking through the mobile browser, AOS for Mobile will protect the transaction data sent from the mobile devices. AOS for Mobile features include: Prevents screen capture: Malicious apps targeting mobile banking can take screen captures of the credentials inputted into the screen and send the images to their servers. AOS Mobile stops the screen capture activity itself, making data theft through screen capture impossible. Detects malicious apps or malware: Scans running apps, all installed apps and newly installed apps for malicious activities. AOS for Mobile is updated to the latest engine whenever it is executed. Blocks network-using apps: When AOS for Mobile is active, it will block other network-using apps, eliminating potential risks of intrusions. It also provides a whitelist that allows network connection of preloaded or user-defined apps so that user can stay connected with the apps even when running AOS for Mobile. Direct assessment of threats: AOS for Mobile will immediately send a notification to the user when a threat is detected. User will be able to gain more control over the device security, keeping their device clean and threat-free. 05

Benefits AhnLab Online Security is an easy-to-implement, easyto-use solution that enhances the safety and reliability of online transactions. It is also a cost-effective way to minimize fraud losses and curb management costs associated with potential user claims. Companies who employ AOS realize the following benefits: AhnLab Online Security is the proven solution for a safer, more trustworthy online transaction environment. Reduced Costs: AOS can be implemented seamlessly into existing websites. Not only does it reduce costs and labor in the implementing process, but it also reduces costs of potential claims by users. By reducing the incidence of security events and fraud claims, businesses can also benefit from higher productivity. Easy-to-Use, Simple UI: AOS complex and sophisticated technology is wrapped in user-friendly interface. Instant messaging provides notifications of attacks or intrusion attempts and simple configurations allow it to work in the background without interfering with activity on the website. Whether your business is concerned with its current level of transaction security or it is time to gain the strategic advantage for the future, AhnLab Online Security is the proven solution for a safer, more trustworthy online transaction environment. Learn more today by contacting your AhnLab partner or local AhnLab sales representative, or by visiting: http://aos.ahnlab.com About AhnLab AhnLab develops industry-leading information security solutions and services for consumers, enterprises, and small and medium businesses worldwide. As a leading innovator in the information security arena since 1995, AhnLab s cutting-edge technologies and services meet today s dynamic security requirements, ensure business continuity for our clients, and contribute to a safe computing environment for all. We deliver a comprehensive security lineup, including proven, world-class antivirus products for desktops and servers, mobile security products, online transaction security products, network security appliances, and consulting services. AhnLab has firmly established its market position and manages sales partners in many countries worldwide. Contact your AhnLab partner or local AhnLab sales representative, or visit us online: http://www.ahnlab.com AhnLab Online Security is in collaboration with Intel R Identity Protection Technology Intel, the world leader in silicon innovation, develops technologies, products, and initiatives to continually advance how people work and live. Intel, the Intel logo and Ultrabook are trademarks of Intel Corporation in the U.S. and/or other countries. AhnLab, Inc. www.ahnlab.com / global.sales@ahnlab.com / Tel: 1-888-537-4336 673, Sampyeong-dong, Bundang-gu, Seongnam-si, Gyeonggi-do, 463-400, Korea 2012 AhnLab, Inc. All rights reserved.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information