Press Release Summary:
RSAÂ® Adaptive Authentication integrated solution allows for tailoring of authentication schemes based on risk associated with specific activities or preferences of specific customers. Product is designed to allow one-time password-based authentication for groups of security-sensitive customers. Optional digital watermarks for reverse authentication and back-end transaction monitoring are included.
Original Press Release:
New RSA® Adaptive Authentication Fights War on Fraudsters with Book Smarts and Street Smarts
RSA Security Announces Integrated Risk-Based and One-Time Password-Based Authentication for Financial Institutions, Powered by Strong Cross-Bank Fraud Network
BEDFORD, Mass., March 1 / -- RSA Security (NASDAQ:RSAS), today announced that it has completed phase one of its integration with Cyota and unveiled a comprehensive, layered authentication solution designed to meet the financial services sector's need for flexible, convenient authentication choices that serve their entire user-base.
Dynamic layers of protection
RSA® Adaptive Authentication is engineered to allow organizations to dynamically tailor authentication schemes according to the risk associated with specific activities or the preferences of specific customers. The integrated solution is designed to allow for transparent risk-based authentication for the majority of users, coupled with one-time password-based authentication for groups of higher-risk or security-sensitive customers. The offering also includes optional digital watermarks for reverse authentication and back-end transaction monitoring.
"Today, RSA Security is proud to unveil a solution that uniquely addresses the full continuum of financial institutions' authentication needs: the combination of risk-based and one-time password-based authentication -- and a broad range of form factors for two-factor authentication -- are available from a single source rather than via a hodgepodge of partnerships," said Chris Young, senior vice president and general manager of RSA Cyota Consumer Solutions. "Moreover, RSA Adaptive Authentication is live and proven today, with its modules already deployed and protecting consumers at many of the world's leading financial institutions."
As part of the integration, RSA Security has added an innovative feature that is engineered to allow financial institutions to seamlessly shift between authentication methods and change the segmentation of their users by leveraging the sophisticated profiling analytics of the product. Risk Profiles Reports, automatically generated by the RSA Cyota risk engine, identify and recommend which customers may be suited to stronger forms of authentication based on their usage and behavior patterns. For example, an end-user who regularly logs in at an Internet cafe and may be using shared computers known to be compromised by fraudsters would be flagged as a user who might want the extra protection of a one-time password token.
Strong intelligence, analytics, and experience at the core
RSA Adaptive Authentication offers unparalleled intelligence-gathering and risk analysis capabilities at its foundation.
Live, and monitoring fraudster activity across dozens of financial institutions around the world today, the proprietary RSA Cyota eFraudNetwork(TM) community anchors RSA Adaptive Authentication by aggregating real-time data on the latest attacks and threats. The network collates some of the best, most up-to-date intelligence from across the globe, giving banks instantaneous information and instantaneous protection. The intelligence of one benefits all.
Data from the eFraudNetwork community is also fed into the RSA Cyota risk engine to ensure that authentication decisions are being made according to up-to-date global intelligence. The self-learning risk engine decides -- based on real-time analysis of Internet data, device recognition, user behavioral profiling, and more -- which transactions can proceed uninterrupted and which require additional authentication.
Real-time authentication options ready for any and every fight
Because one size does not fit all when it comes to authentication, RSA Adaptive Authentication provides financial institutions and their end-users with the widest range of authentication methods and form-factor choices.
For end-users that prefer risk-based authentication working for them behind the scenes, RSA Security offers secret 'life questions' and out-of-band phone calls for when a risk-sensitive transaction requires additional authentication. For those groups of end-users that want or require more tangible protection, RSA SecurID®(TM) technology is available in a wide range of everyday devices to generate one-time passwords: key-fob tokens, cell phones, PDAs, smart cards, etc. Financial institutions can now get flexible, convenient protection against current and evolving online threats and protect their customers' identities and assets across a variety of risk, regulatory, and transaction scenarios.
"Consumers' needs, lifestyles and habits come in all shapes and sizes," said Avivah Litan, Research VP, Gartner, Inc. "For a majority of users to take advantage of stronger forms of account protection, that protection must be available in a range of flexible choices. In this space, one size does not fit all, and different scenarios and preferences must be matched to appropriate levels of security and convenience."
"RSA Adaptive Authentication essentially ushers in the third stage of authentication's evolution at a critical time, when financial institutions are facing increasing online threats and regulatory requirements," continued Mr. Young. "RSA Security created the concept of one-time-passwords more than 20 years ago, and Cyota invented the notion of risk-based authentication three years ago; today, RSA Security is integrating the two in order to deliver the choice and flexibility financial institutions need to effectively meet their account holders' needs and preferences. Moreover, RSA Security can give financial institutions a complete solution under one relationship, one contract, and one streamlined deployment."
RSA Adaptive Authentication is available both through an on-premise or a fully-hosted solution. The fully-hosted solution leverages RSA Security's Go ID(sm) Network when deploying one-time password module-based authentication. The Go ID Network is designed to allow consumers to use the same one-time- password credential across multiple online accounts, negating the burden on consumers to carry more than one token and without requiring trust relationships between account providers - as a federated identity model would. The Go ID Network is also designed to support the entire end-user lifecycle -- from consumer acquisition marketing guides and inventory management to fulfillment and world-class customer service.
About RSA Cyota Consumer Solutions
RSA Cyota Consumer Solutions, a division of RSA Security Inc., offers proven solutions for online banking and e-commerce that range from adaptive authentication -- with risk-based technology, one-time-passwords and transaction-signing -- to anti-phishing services and real-time transaction monitoring that controls fraud and manages risk. The company's eFraudNetwork(TM) community is one of the world's most effective cross-bank collaborative online fraud networks. Today, many of the world's top 50 banks, including nine of the top 12 banks in North America and the UK, use RSA Cyota solutions to protect approximately 430 million consumers.
About RSA Security Inc.
RSA Security Inc. is the expert in protecting online identities and digital assets. The inventor of core security technologies for the Internet, the Company leads the way in strong authentication and encryption, bringing trust to millions of user identities and the transactions that they perform. RSA Security's portfolio of award-winning identity & access management solutions helps businesses to establish who's who online -- and what they can do.
With a strong reputation built on a 20-year history of ingenuity, leadership and proven technologies, we serve approximately 20,000 customers around the globe and interoperate with more than 1,000 technology and integration partners. For more information, please visit www.rsasecurity.com/
For more information:
RSA Security Inc.
Source: RSA Security
Web site: www.rsasecurity.com/