Securing smartphones and tablets against banking fraud
Trusteer announced a new version of the Trusteer Mobile service which prevents mobile and online banking fraud.
The service detects mobile malware infection and helps bank customers fix security vulnerabilities on their devices. End users can also turn off access to their online bank accounts from anywhere using their mobile devices and safely access the bank web site via a secure mobile browser. Financial institutions can authorize online banking transactions using Trusteer Mobile Out-of-band Authentication for Android and iOS devices.
Trusteer Mobile provides the following capabilities to protect mobile access devices against malware designed to commit financial fraud:
Mobile malware detection – scans the device to detect malware infections, vulnerabilities, rogue configurations, and potential security risks. Using new threat and Crime Logic (i.e. attack tactics) information uncovered by the Trusteer Intelligence Center, Trusteer Mobile is continuously updated with countermeasures to protect against emerging malware threats.
Secure mobile browser – can be accessed after the device analysis is completed and blocks Man-in-the-Middle (i.e. Pharming) attacks by validating that online banking IP addresses and SSL certificates are genuine. It can be used to safely access the online banking web site or any other site. Banks can limit mobile access to their online banking application to devices that are using the secure mobile browser.
Online banking transaction authorization – enables financial institutions to push secure out-of-band transaction authorization requests to mobile devices to validate account login and financial transactions. Users can accept or deny pending transactions and review their account transaction history.
Self-service account lockdown – allows users to disable account access when they are not banking online to prevent criminals from using stolen credentials to submit fraudulent transactions. Account lockdown is triggered through a simple “On/Off” switch or can be configured to activate shortly after online banking sessions are terminated.
Endpoint security dashboard – provides end users with real time notification of malware infections and device risks, as well as step-by-step instructions to remove malware and resolve security flaws.
“As we have seen on PCs and Macs, without reliable endpoint malware protection virtually all strong security controls can be circumvented,” said Amit Klein, CTO of Trusteer.