Trusteer

Trusteer Mobile protects mobile devices against malware. Software vulnerabilities in mobile operating systems, such as Apple’s iOS and Google’s Android, allow malicious software to infect and take over devices. And, Man-in the- Mobile malware steal credentials, tampers with financial transactions and out-of-band authentication and compromises mobile banking applications. Trusteer Mobile scans devices to detect malware infection and potential security risks, and provides remediation guidance to end users. And, Financial Institutions (FIs) can leverage the mobile device risk score to secure mobile banking transactions.

Trusteer Mobile Out-of-Band Authentication enables secure transaction authorization and self-service account lockdown. FIs can push transaction authorization requests to end users’ mobile devices to validate account login and financial transactions. End users can lock down their online banking account to disable fraudster access. Multiple layers of security ensure out-of-band controls are not compromised by malware on the mobile device.

Key Capabilities:

• Detects malware infection and device security risks
• Guides users to improve device security posture
• Calculates device risk score to prevent fraud
• Ensures protected web access with Secure Mobile Browser
• Out-of-band secure authentication of account login and financial transactions
• Out-of-band self-service account lockdown
• Supports multiple FIs and accounts
• Flexible deployment through a Mobile Application or a Mobile SDK

Detects malware infection and device risks
Trusteer Mobile scans the device to detect malware infection and potential security risks. Trusteer Intelligence Center identifies new threats, exposes new Crime Logic (i.e. attack tactics), creates countermeasures, and adapts Trusteer Mobile protections against emerging mobile malware threats. Operating system security posture is validated against up-to-date security best practices to identify vulnerabilities and installed mobile applications are reviewed to detect potentially rogue configurations.

Guides users to improve device security posture
A security dashboard provides end users with real-time visibility into malware infections and device risks. Malware infection can be quickly removed by end users through a few simple steps prescribed by Trusteer Mobile. The dashboard provides detailed information and remediation guidance on each identified risk, allowing end users to self-assess and take action to improve device security posture.

Calculates device risk score to prevent fraud
Financial Institutions (FIs) leverage the mobile device risk score (generated by a device scan) to secure mobile banking transactions. Devices with high risk scores can be denied access to online banking or be required to pass step-up authentication. Once users have logged in, FIs can use the risk score to restrict access to specific data or functionality and conduct manual review and approval of specific transactions.

Ensures protected web access with a Secure Mobile Browser
Trusteer Mobile includes a secure mobile browser that is used after the device analysis is completed. The embedded browser blocks Man-in-the–Middle (i.e. Pharming) attacks by validating that online banking IP addresses and SSL certificates belong to the genuine site. End users use the browser to safely access the online banking website or any other site. Financial Institutions (FIs) can enforce that access to online banking sites be performed only through the secure mobile browser.

Out-of-band secure authentication of account login and financial transactions
Integrating with Trusteer cloud APIs, FIs can push authorization requests to mobile devices to validate account login and financial transactions. Trusteer Mobile dedicated application screens allow users to accept or deny pending transactions and review transaction history. Trusteer secures all out-of-band authentication interaction against mobile malware.

Out-of-band self-service account lockdown
Cybercriminals use malware and phishing to steal login information to access victims’ accounts. End users use Trusteer Mobile to disable account access when not banking online, eliminating the cybercriminals’ window of opportunity to use stolen credentials to submit fraudulent transactions. Account lockdown is triggered through a simple secured “On/Off” switch or can be configured to activate shortly after the user’s online banking session is terminated.

Supports multiple FIs and accounts
A single application on a device supports multiple FIs and a single bank account can be managed from multiple devices.

For End Users

Easy to download and install, multi FI, device and account support
Trusteer Rapport for Mobile application is easily downloaded from an application store and requires no end user training. A single application on the device supports multiple FIs and a single bank account can be managed from multiple devices.

For Financial Institutions

Flexible deployment through a Mobile Application or a Mobile SDK
Trusteer Mobile and the Out-of-Band Authentication support iOS (iPhone and iPad) and Android devices and are delivered through two separate software packages:

• Mobile Application: A standalone application available for download from Apple’s AppStore or Android Market application stores.
• Mobile SDK: A developer kit that adds functionality to standalone mobile apps. Developers can embed the Mobile SDK to add protection layers and out-of-band authentication, and adapt mobile banking application’s business logic by using the device risk score.