SafeNet, Inc., a global leader in data protection, announced today the availability of a new identity and transaction protection solution that addresses multiple levels of risk associated with online banking and trading transactions. SafeNet’s new eToken 3500 is an innovative electronic signing and strong authentication token-based device that will enable financial services organizations to successfully achieve the right balance of risk mitigation, cost-effectiveness, and usability when securing eBanking applications.
The SafeNet eToken 3500 uses an optical sensor to read financial transaction data from a Web browser, generating a unique electronic signature that validates each transaction, reducing threats such as Man-in-the-Browser (MitB) and Man-in-the-Middle (MitM), in which hackers hijack legitimate user identities during a transaction and redirect funds. Additionally, the optical features of the device scan the transaction data automatically, eliminating the need for manual inputs, which simplify the electronic signing process for the user while reducing errors.
“Malware-based attacks against bank customers and employees are levying severe reputational and financial damage on their victims,” says Avivah Litan, vice president and distinguished analyst, Gartner Research. “Fighting these and future types of attacks requires a layered fraud prevention approach.” Further, Gartner recommends that organizations “deploy both secure browsing and out-of-band or dedicated hardware transaction verification for high-risk transactions as complementary measures to existing authentication methods.”1
Financial institutions have to manage heavy volumes of high-risk transactions on a daily basis. The rising tide of cyber threats, as well as increased regulatory pressures, has necessitated a new approach to online transaction protection. Additional validation, to ensure that each transaction is authorized by a legitimate customer, can contribute significantly to reducing online banking fraud. By combining secure electronic transaction signing with one-time password (OTP) strong authentication, the SafeNet eToken 3500 eliminates the risk of transaction tampering, as well as forgotten, stolen, or hacked passwords, and mitigates the risk of identity theft. It also helps organizations comply with privacy and data protection regulations.
The eToken 3500 allows customers to:
• Generate an electronic signature for transactions, ensuring their integrity;
• Reduce the chances of financial fraud resulting from MitM and MitB threats;
• Automatically scan encrypted transaction details, preventing typing errors;
• Maintain secure remote access to networks, applications, and Web-based services.
“Forward-thinking financial services institutions need to approach authentication in a way that goes beyond simply verifying the identity of the user, which can be faked. To combat fraud and manage risk, customers need transaction protection and signing solutions that ensure the transaction itself is validated,” said Andrew Young, vice president of Authentication, SafeNet. “SafeNet’s portfolio of identity and transaction solutions, including the eToken 3500, is purpose-built to address the unique risk requirements of financial services, delivering the appropriate levels of protection during the transaction lifecycle without impeding the customer experience.”
How it Works
The SafeNet eToken 3500 generates an OTP when a user presses a button on the token. It creates a unique electronic signature by reading the encrypted details of a financial transaction from a computer screen. This functionality is enabled by an optical sensor that is built into the token. The user holds the token up against the screen, the token reads the transaction details, and then generates the electronic signature. The user then keys the signature into the browser and, in so doing, confirms the transaction is valid.
By combining secure electronic transaction signing with OTP strong authentication, the SafeNet eToken 3500 eliminates the risk of transaction tampering, as well as forgotten, stolen, or hacked passwords, mitigating the risk of identity theft. It also helps organizations comply with privacy and data protection regulations.
1 Gartner, Inc., The Five Layers of Fraud Prevention and Using Them to Beat Malware, Avivah Litan, April 21, 2011.
SafeNet Family of Authentication Solutions
Offering flexible management platforms, the broadest range of strong authentication methodologies and form factors, and transaction verification capabilities, as well as identity federation and Single Sign-on, SafeNet solutions create a future-ready security foundation that allows organizations to adopt a modular, forward-looking identity management strategy. This approach ensures that customers’ security needs are met as new threats, devices, and use cases evolve. For more information regarding SafeNet’s complete portfolio of authentication solutions, visit safenet-inc.com/authentication.
About SafeNet, Inc.
Founded in 1983, SafeNet, Inc. (safenet-inc.com) is one of the largest information security companies in the world, and is trusted to protect the most sensitive data for market-leading organizations around the globe. SafeNet’s data-centric approach focuses on the protection of high value information throughout its lifecycle, from the data center to the cloud. More than 25,000 customers across commercial enterprises and government agencies trust SafeNet to protect and control access to sensitive data, manage risk, ensure compliance, and secure virtual and cloud environments.