Case study: SunTrust Bank and Trusteer
One of the nation's largest banking organizations determined to help its clients protect themselves against online fraud, reports Greg Masters.
The notorious outlaw Jesse James and his gang are said to have committed one of the first armed bank robberies in the United States on Feb. 13, 1866. A 19-year-old student was shot in the melee and the robbers escaped with $60,000 from the Clay County Savings Association in Liberty, Mo.
Unfortunately, escapades like this continue to occur occassionally, but criminals increasingly have migrated to methods that involve nothing so reckless as a physical confrontation. And that, of course, is cyber crime, where their exploits are carried out while sitting at computers. Whether allied together in so-called cyber gangs, or working with a small group or acting solo, today's bank robbers are a more sophisticated bunch than were the Confederate bushwhackers comprising the James gang. With all the tools they need easily available for sale on the online black market – including malicious software (malware) solely created to survey computer systems or networks for data related to financial transactions – cyber thieves today can put their schemes into practice behind a veil of anonymity, and reap big rewards without pointing a gun at anyone.
In fact, cybercriminal groups have narrowed their focus to attacking the client and its machines directly. This allows them to develop advanced malware that can carry out difficult-to-block man-in-the-middle and man-in-the-browser attacks. These types of attack involve a criminal gaining control of a computer user's machine so as to intercept communications. With this increasing prevalence of sophisticated financial malware on the internet, one of the nation's largest banking organizations determined to help its clients protect themselves against online fraud.
SunTrust Banks serves a broad range of consumer, commercial, corporate and institutional clients. Its primary businesses include deposit, credit, trust and investment services, and through various subsidiaries the company provides mortgage banking, insurance, brokerage, investment management, equipment leasing and investment banking services. Headquartered in Atlanta, the company operates throughout the Southeast and Mid-Atlantic states with branches and a full array of ATM channels.
"Online fraud is a constant and increasing issue for the financial industry and its clients," says Adam Miller (left), assistant vice president, client authentication at SunTrust Bank. In fact, according to a recent survey conducted by the Association for Financial Professionals, 73 percent of AFP members polled said they either encountered attempted or experienced actual payments fraud.
"With the incidence of fraud increasing, SunTrust wanted to further help our clients secure their computers against man-in-the-middle, man-in-the-browser and phishing attacks, and protect data exchanged when clients are using SunTrust's Online Treasury Manager," says Miller. This is a service to commercial and institutional clients so they can manage their business accounts anytime and anywhere.
SunTrust's client authentication team continually evaluates emerging threats and partners with the bank's treasury and payment solutions product partners. With the threats attacking clients' systems, SunTrust wanted to help clients implement protection where the threat was, says Miller.
He and his team reviewed several security solutions before selecting Trusteer's Rapport as part of its overall defense strategy. Other solutions with different client experiences, such as those that reside on flash drives or other external devices, were evaluated, but ultimately SunTrust selected Trusteer Rapport due to what they determined was the effectiveness of the solution and the client experience for a successful implementation.
"We selected Trusteer Rapport because we found it provides some of the most advanced financial malware protection on the market, is easy for our clients to install, operates transparently to users, and complements our other security features, such as dual approval, dual administration and transaction limits that we already have in place to protect our clients," says Miller.
Specifically, there were two main capabilities that led to Miller's decision to select Trusteer. The first was risk assessment. "Trusteer has an extensive network of many financial institutions around the world and tens of millions of endpoint devices reporting suspicious financial malware activity," says Miller. The intelligence gathered by the Trusteer network is used to take adaptive steps within the Trusteer Rapport endpoint protection product to block new attacks, she says. This continuously updated protection is handled transparently by Trusteer, without any intervention by SunTrust's IT department or end-users.
The second factor was layered security. "Trusteer's architecture is capable of detecting and stopping certain financial malware at different points and using different technologies," says Miller. The tool uses several layers of security to protect endpoint devices from becoming infected with financial malware and to protect login credentials, financial information and transactions from being captured or tampered with, he says.
"Trusteer Pinpoint sits on our web application and is capable of monitoring logins and transactions for abnormal behavior associated with malware activity," Miller says. "Combined, these two layers of security can effectively detect and block sophisticated attacks on a client's computer."