Internet fraud is spiralling out of control
Failing Customer Security Applications
Recent statistics collected by the US FDIC show a rising tide in the occurrence and cost of internet banking fraud.
In most cases, banks were unable to explain how each loss occurred, concluding that the most likely cause was malicious software surreptitiously installed on the customer's PC.
There is growing recognition that the major security vendors' PC antivirus and internet security suites are unable to combat the growing volumes of malware.
The rising cost of fraud can be directly linked to the increasing failure of mainstream PC antivirus and security applications to detect and remove the growing number of malware infections.
Rookit, advanced spyware, and low volume highly targeted malware threats, are now the major cause of internet fraud.
Spoofed web sites, poisoned DNS, phishing and pharming also continue to be significant factors.
Banks and large eCommerce providers are realising that they need to have joint ownership of the security landscape for their customer PCs; we call this Customer Security Management.
Prevx eSAC is a Customer Security Management solution
It allows Banks and eCommerce businesses, to jointly own and manage the security landscape of the customer PC, during the time it is used to transact with the Bank or eCommerce web site. eSAC has four components:
Lightweight eSAC client
A lightweight client (600Kbytes) verifies and repairs the security of the customer PC immediately prior to the customer login; checking, uncovering, reporting and blocking access to spoofed web sites and/or poisoned DNS servers, identifying and removing rootkits, advanced spyware and targeted attack malware. The client interfaces transparently to the Bank or eCommerce web site making web applications aware of the security state of a customer or visitor PC.
Prevx Real Time Threat Database
The Prevx real time threat database analyzes the behavior of 250,000 new programs every day and uses advanced automated malware research to identify and add immediate detection for more than 15,000 new malicious objects each day allowing the eSAC client to detect and remove new malware much faster than conventional antivirus.
Prevx eSAC Web Site Authentication Database
The Prevx eSAC Web Site Authentication database correlates and verifies the DNS resolution of customer requests to visit the Bank or eCommerce web site and can quickly pin-point poisoned DNS and DNS servers and Spoofed web sites.
Prevx eSAC Management Web Site
The Prevx eSAC Management Web Site provides management information and alerts the Bank or eCommerce business to issues and trends, allowing them to quickly and decisively block access to, or warn users about potentially malicious sites or rogue DNS servers. It also provides a complete history of the customer PC security for each logon session. This history also enables insightful management information to be provided alerting the Bank or eCommerce business to new, high volume, or low volume targeted malware within their customer base.
eSAC has been designed to inter-operate with all other major PC security applications. However, it has been designed to be the platform for Customer Security Management. It's comprehensive capabilities and rich management information make it the obvious first, and most important move to managing the issues and cost of internet fraud.
Customer Security Management - the first and most important step
One of the greatest challenges of Customer Security Management is understanding the huge array of diversity in the customer PC environment. Managing customer security across millions of universally different PC configurations makes Enterprise IT Security look simple.
eSAC provides an extensible framework and comprehensive range of anti-fraud capabilities in a single light weight client that has been designed to inter-operate with any other PC based security solution.
For more information contact our sales team for a WebEx meeting.
