By Olivier Thirion de Briel, Global Solution Marketing Director, IAM Solutions at HID Global
Not surprisingly, as threat and fraud detection solutions become more sophisticated, malware and other threats continue to evolve. In the arms race between banks and criminals, the most advanced cybersecurity solutions are needed to reduce the risks of identity theft, compromised banking credentials and outright stealing from customer accounts. HID’s Risk Management Solution (RMS) offers the security, flexibility and peace-of-mind financial institutions and their customers need.
Malware Designed for Financial Theft is on the Rise
Researchers at Kaspersky Labs have discovered a worrying trend — malware specifically designed to steal banking credentials and money from bank accounts is increasing significantly. They discovered almost 30,000 instances of this type of malware in Q1 2019, compared to just under 19,000 instances in Q4 2018. This is an increase of almost 40 percent over just one quarter.
Although individual bank account holders need to protect themselves from the threats of malware, banks will experience the consequences of these attacks as well. With the implications of reputational damage, financial pain for customers and possible penalties — financial institutions must act to mitigate these risks.
Mobile Bank Trojans: A Threat to Individuals and Organizations
One of the most dangerous, iterated upon and flexible types of malware is the mobile banking trojan.
This cyberattack in action:
A criminal creates an app that looks identical to a legitimate mobile banking app.
They upload the app to some app stores, typically those that have less robust malware detection and security.
A banking customer looks for a banking app and inadvertently downloads and installs the malware-infected one.
They try and log into their account and the criminal steals their login, password and other credentials.
The app then steals the user’s money from the account, or the criminal logs in as the user and completes the theft.
One particularly virulent type of malware, Asacub, was able to attack 13,000 users a day in 2018. As mentioned, consumers can help to protect against malware by only installing trusted applications from reputable app stores, like Apple Store and Google Play. Banks can also help by strengthening the risk management solutions that they use to protect customer finances and accounts.
How the HID Risk Management Solution Can Help Your Bank
HID RMS is a threat and fraud detection platform that makes full use of real-time risk profiling technology. It can quickly and accurately detect threats and protect financial institutions against cybercriminals. HID RMS protects both end users and a financial institution’s internal, nonpublic, proprietary and sensitive business data.
Four Benefits of the HID Risk Management Solution for Financial Services Organizations
HID RMS has several capabilities specifically designed to give you the edge in combating financial malware and criminals.
HID RMS evaluates risks in a more comprehensive and precise manner by using several approaches to identify and eliminate types of banking malware, including:
Evidence-based threat detection capable of exposing generic threats, application integrity tampering and known malware and phishing attacks. It will also track device IDs and analyze devices and networks.
Anomaly detection that monitors the details of transactions, analyzes hundreds of parameters about the user, device, and app and identifies unusual patterns.
Behavioral biometrics to create a behavioral profile of a user by monitoring forms, buttons, page elements and device activity from the user, and then challenging the unusual usage of a device or app.
Identifies Zero-Day Malware
A major issue with a “known vulnerability” approach to threat management is that you’re relying on malware that’s already been identified and included in a threat database. HID RMS uses advanced technology to identify patterns specific to zero-day malware — malicious apps that are so new they’re not yet recorded in a risk database. Supported by advanced machine learning and AI capabilities, malware is quickly neutralized as it evolves providing an extra layer of protection.
Works Across Multiple Devices and Systems
HID RMS is designed to work across all your organization’s and your user’s key environments — including online and mobile banking, transaction systems and sensitive applications.
Offers Complete Integration with a Robust Security Approach
HID RMS is fully integrated with HID Global’s ActivID® Authentication Platform, providing advanced multi-factor authentication to protect user IDs, transactions, devices and accounts. Institutions will experience:
Significantly enhanced security.
A dynamic system able to detect future threats while enabling organizations to develop and improve existing solutions.
The ability to define UX flow according to the risk level, resulting in a better user experience while improving security.