The financial industry has been a leader in data security for years. It is banks, brokerage companies, insurers, leasing companies and other financial market entities that are particularly motivated to incur data security expenses, for the sake of both employees and customers. This is because financial services are one of the areas most vulnerable to cyber attacks of any kind.
While it’s often shrouded in secrecy, many cybersecurity innovations originated in the financial sector. And because "money likes silence", the financial sector is trying to stay ahead of hackers' ingenuity.
There are many ways to gain unauthorized access to services and each day brings new vulnerabilities. Classification of those starts with account breach attempts or data theft (either as a result of an attack or leakage of access data from other services). More sophisticated methods include attempts to interfere with order details, or attacks using 2SV (two-step verification).
Recent years have shown that the most effective method of securing the access to payment instruments are 2FA tools in the form of hardware tokens or advanced mobile solutions. Especially those that guarantee the undeniability of the presented data and take proper care of the security of user cryptographic material.
The tPro Mobile token is an example of an advanced mobile tool for transaction authorization and strong user authentication. The solution has been designed to meet the rigorous requirements of the PSD-2 directive. The tPro Mobile solution ensures security, uniqueness and integrity of the authorization code at every stage of its generation, as well as the integrity of the presented transfer data. Compatibility with the solution can can work on three layers:
Such division allows for quick and convenient integration even in case of already existing mobile applications, where tPro Mobile is offered as a collection of tPro MobileSDK programming libraries. This makes it possible to add a security layer to the existing applications, while maintaining all the token’s advantages.
Comarch Cyber Threat Protection is an online threat prevention and anti-identity theft platform for workstations and mobile devices.
The platform tracks both end-user activity and their devices to calculate partial and general scoring for authentication, authorization, or any other operations. The scoring is reflective of device recognition and cyber threat-repository data. For this purpose, a lot of different artifacts are collected, based on tamper detection, or browser and device fingerprints.
The CTP platform is a rule-based system that collects and utilizes indicators to evaluate the risks related to the end-user activity. The solution has a modular structure and can be delivered as-is or as an SDK library.
Comarch Identity & Access Management (IAM) is a solution that provides comprehensive user identity management and the control of access to enterprise resources such as web applications, VPN services, and workstations. The modular design of the solution facilitates its adaptation to specific types of organizations, regardless of their size, structure, or geographical dispersion.
Working in conjunction with Comarch IAM Authentication Server (CIAM AS), the tPro family provides a ready-to-use solution to secure authentication and authentication operations, providing effective protection against the following attacks:
Thanks to that, apart from the value of CIAM AS, we will offer:
Such comprehensive protection of your financial system may significantly improve the image of the organization and, above all, effectively protect it against numerous cyber threats.
Tell us about your business needs. We will find the perfect solution.