Cyber Threat Protection

About CTP anti-fraud software

Cyber Threat Protection is a powerful monitoring solution designed to guard firms and institutions against online frauds. The solution tracks both user and device activity to calculate a unique scoring for authentication, authorization, and more.

Cyber Security

Comarch Cyber Threat Protection (CTP) is a transparent anti-fraud system that can work on both user workstations and mobile devices.

Based on the analysis of user work environment, the system returns a scoring that serves as a basis for further decisions, such as introducing 2FA, terminating operations, or making a telephone verification.

Comarch Cyber Threat Protection has a modular structure, so you can order only those modules that suit you best.



Compatibility with both workstations and mobiles


No need for any extra software

'Set-and-forget' mode

Just install the thing and let it do the rest


Frictionless identification/authorization steps

Cyber Threat Protection modules

device repitation

Device reputation

Analyzes a device being used to access a specific resource, e.g. banking or loyalty website. The module compares the device with other ones used by this very person in the past – and checks whether the device is linked to any known frauds. If historical data is not yet available, the module relies on tamper detection and other alternative identification methods.

Device reputation can also be established based on a fingerprint feature. This approach is focused on the web browser and can be used on both desktops and mobiles.

Malware detection

Malware detection

Checks whether a website has been infected with malware and supports its integrity using an obfuscation mechanism.

The key activities of this module are:

  • Root detection
  • Jailbreak detection
  • Simulator/debug mode detection
  • Malware detection (SDK/JS module)
  • Web page integrity check (JS module)
Behavioral biometrics

Behavioral biometrics

Checks on typical user activities such as taps, touches, clicks, presses, and more. The module distinguishes between man and machine, and can even identify a single individual. Thanks to this, the continuous authentication mechanism is ensured.

identity cloning

Identity cloning

Allows for detecting temporary email addresses, telephone numbers, or credit cards – which are often used by fraudsters. The module can also detect whether a specific email address is already registered in a database regardless of how it’s spelled (with punctuation marks, special characters, etc.).

The module is based on syntax rules characteristic of widely known e-mail providers – with an option to to customize it further.

Security features

Core feature

Encompasses a security framework, self-monitoring tools, and dedicated security mechanisms topped with modern look and feel.

Anti-tampering feature

Provides mechanisms for malware detection and real-time analysis. It consists of heuristic patterns and a behavioral engine. Internal monitoring and event analysis helps to detect threats and runtime environment gaps.

Cryptography module

Responsible for generating user cryptographic material, secure user onboarding, sensitive data storage, encryption and data integrity check. It also provides tools for secure communication with a back-end server and guarantees that all information shown to user is credible.

Scoring feature

Responsible for generating security scoring based on device type and browser fingerprint, hardware details, or configuration and environment conditions.

Find more use cases

Download Comarch Cyber Threat Protection leaflet
CyberThreatProtection leaflet

Comarch Cyber Threat Protection leaflet

Stop fraudsters in their tracks with a seamless monitoring system.


Contact our consultants

Tell us about your business needs. We will find the perfect solution.