Covelight Systems and StrikeForce Partner to Offer Risk-based Authentication for Web Applications
June 21 2006 – CARY, NC –Joint Offering Allows Financial Institutions to Achieve FFIEC Compliance to Eliminate Fraud in the Online Channel While Keeping End Users Satisfied
Covelight Systems, an innovator of solutions for passive, real-time identity-based monitoring of Web applications to detect fraud and identity theft, and StrikeForce Technologies (OTCBB:SKFT), a leader in solutions that prevent identity theft, today announced a strategic partnership that will deliver a comprehensive risk-based authentication solution to financial institutions by securing their Web applications without slowing down transactions for the end-user by only requiring multiple authentication when necessary during online experience.
The integrated solution consists of the StrikeForce ProtectID™ and the Covelight Percept™ Web application fraud management system, which together provides a complete, easy-to-deploy solution that meets the FFIEC Guidance for online banking protection and delivers proven security to combat online threats to customer data. Combining authentication technology from StrikeForce and passive, real-time monitoring outside of the data stream from Covelight, financial institutions will be able to provide secure online banking experiences for their customers without degrading their transaction experience. With Covelight Percept™ in place, users will only have to go through additional authentication processes when Covelight Percept™ detects unusual or risky behavior. Benefits to financial institutions include:
Beginning with the initial access, through login and during the entire session, Percept™ monitors each user and their online patterns, and automatically builds behavioral profiles allowing real time detection of suspicious or high-risk activity. In addition, Percept™ maintains detailed session and transaction logs and offers an incident investigation console to facilitate fraud case management and on-demand session audits.
The Covelight Percept™ Web application fraud management system incorporates network-based monitoring, multi-dimensional fraud detection and scoring to evaluate each user's session risk in real-time. If at any time during the user's session the Percept™ risk score exceeds a threshold, ProtectID™ can invoke the appropriate method of authentication.
"Covelight Percept™ is a proven fraud management solution that has been successfully deployed in leading financial institutions since 2004," said Covelight CEO Spencer Snedecor. "By integrating Percept™ with ProtectID™, we are delivering a complete risk-based authentication solution for protecting their sensitive online customer base."
StrikeForce Technologies' ProtectID™ multi-factor authentication platform offers third-party technology providers and banks the flexibility to select from numerous authentication methods, including cell phones, PDAs, soft and hard tokens, smartcards, and biometric devices. In the most common implementation, users answer an "Out-Of-Band" phone call and enter a PIN on the keypad of the phone to verify their identity and authorize each transaction. As an alternative or back-up, StrikeForce can e-mail one-time passwords, or turn a PDA, blackberry, or computer into a one-time password generator, eliminating the need to carry or purchase new technology. By bundling multiple authentication methods together, ProtectID™ permits choice by consumers, reinforcing bank security policy while providing the type of redundancy banks expect of their operational systems.
"In response to the FFIEC Guidance, financial institutions are seeking to implement a simple, layered, user authentication experience," said StrikeForce CEO Mark Kay. "Through the integration with Percept™, banks will be able to easily tie the user authentication to user behavior and dynamic events, providing the real time solution that put consumers in control of their accounts and transactions while mitigating attacks and fraud."
About Covelight Systems
Covelight Systems is the field-proven leader in passive, real-time identity-based monitoring of Web applications to protect confidential data from online fraud and identity theft. Covelight’s products, including Percept™ and FraudProbe™, provide real-time visibility into critical Web applications, detect suspicious behavior, provide continuous identity-based auditing for compliance, and forensic data for incident investigation. Only Covelight delivers solutions to detect the external and internal threats to confidential information and identity data accessed through Web applications, including account takeover fraud, insider identity theft, phishing activity and session hijacking. For more information, go to www.covelight.com or call at (919) 677-9680.
About StrikeForce Technologies
StrikeForce Technologies, a leader in solutions that prevent identity theft, is a company that can protect customers, partners and employees – in real time against identity fraud at almost every access point. Its total protection solution strengthens companies’ defenses against the biggest points of fraud – when accounts are opened, when they’re accessed, when they’re changed, and each time there’s a new transaction. StrikeForce Technologies is trading on the OTC bulletin board (SKFT) and the company is headquartered in Edison, N.J., and can be reached at www.strikeforcetech.com or (866) 787-4542.