SecureLine - Out of Band Authentication
As noted in recent articles in banking industry publications (examples here and here), banks are struggling to provide adequate security for their Web commercial banking applications. As regulations tighten, and as courts find banks potentially liable for losses, the importance of providing highly secure, multi-factor authentication increases. Breakpoint's SecureLine solution allows financial institutions to place enhanced security in front of their currently-deployed applications.
Current FFEIC guidance mandates multi-factor authentication. However, hardware tokens, the most popular solution for true multi-factor authentication for commercial banking applications, are expensive to deploy and maintain, and as recently discovered, are still vulnerable to man-in-the-middle attacks. U.S. regulators have started drafting legistation to strengthen the now out of date guidance. The U.S. regulators, with input from the banking oversight agencies, is considering a rule that would make out of band authentication mandatory for some types of online banking transactions.US Targets Online Bank Fraud Instead of specialized hardware tokens, Breakpoint's SecureLine solution uses an automated phone call between the bank and the customer to provide true out-of-band, multi-factor authentication through a second channel. This solution is more secure, easier to manage, and less expensive than traditional hardware tokens.
In addition to securing the application login process, Breakpoint's SecureLine solution can be integrated into specific points in an application, such as when accessing administrative functions, or when approving transactions. Integration is simple, providing a cost-effective way to make legacy and third-party vendor applications compliant with regulations and best practices. Most Web applications can be secured without making any changes to the application itself.
BENEFITS & FEATURES
Improved Security
Multifactor authentication through a second, out-of-band channel provides greatly enhanced security over methods using the Web channel alone. With tokens you still need to enter your token code through the Web, making them vulnerable to man-in-the-middle attacks.
Secure Legacy Applications
Some older Web applications are not amenable to multifactor authentication. Breakpoint's SecureLine solution can protect legacy applications, usually with no modifications to the legacy application.
Secure Vendor Applications
Many Financial Institutions run Web applications provided by vendors and do not have access to the application source code to integrate new security protocols. Breakpoint's SecureLine solution can protect vendor applications, usually with no modifications to the vendor application itself.
Protect Specific Actions
Breakpoint's SecureLine solution can protect specific actions, such as transaction approval, within the application, usually with no modifications to the legacy application.
Configure Per User
Breakpoint's SecureLine solution can challenge some users and not others based on configurable rules.
Location-based Login Challenge
Breakpoint's Multi-Factor solution can challenge users based on their IP address. Rather than protecting the login/landing page with a phone call challenge for every login, the user can be challenged the first time they come from a new address. An extremely high percentage of access to corporate banking applications will come from the company's standard network IP address. Access from a different address often indicates an "exception" worthy of increased scrutiny of the session.
Secure Multiple Applications
A single instance of Breakpoint's SecureLine solution can protect multiple applications, reducing the overhead to bring all of the bank applications into compliance with regulations.
Reduced costs
Breakpoint's solution relies on hardware that customers already have, a standard landline or mobile phone, rather than a separate hardware token. This eliminates the need for the financial institution to distribute and manage tokens, allowing corporate customers to add and their own users, without involving bank customer support personnel, further reducing costs to the bank.
Single Sign On
A single instance of Breakpoint's SecureLine Solution can perform as a Single Sign On provider to multiple applications, greatly enhancing the customer experience by providing a unified login and security experience.