RSA, The Security Division of EMC has revamped its Adaptive Authentication On Premise application with new features and enhancements.
The new application will help organisations to protect themselves against advanced threats without compromising end user experience, the company said.
Powered by the RSA Risk Engine, the new Adaptive Authentication application will mitigate the risk of account takeover by using a ‘Big Data’ approach to risk, drawing from a series of more than 100 different risk indicators, including device identification and behavior profiling, to validate user activity.
In addition, the new application is claimed to address threats posed by 30 million types of malware targeting end users for account takeover.
By incorporating additional Trojan detection features including Proxy and HTML injection protection, the RSA Adaptive Authentication On Premise address Man in the Browser (MITB) and Man in the Middle (MITM), techniques employed by the latest Trojan attacks in an attempt to compromise end user accounts.
The new application detects anomalous interactions and flags them to the organisation to take action to block, monitor or require additional authentication measures to complete a transaction.
RSA Adaptive Authentication claimed to detect and flag fraudulent changes to end users’ browser display via MITB attacks to manipulate payments or harvest additional user credentials.
It also defends against advanced Trojans using automated script attacks to fraudulently add payees and transfer money to mule accounts and utilises Man vs. Machine protection to determine whether mouse or keystroke movements are associated with data input, the company added.
Additionally, the RSA Adaptive Authentication differentiates between users who have the browser auto complete feature turned on and can adjust the risk score accordingly.
RSA’s new application determines when a login or transaction is being performed via a proxy which is anomalous to the user by identifying the true IP used, and adjusts the risk response appropriately.
The new application includes location awareness, which gathers location data through WiFi, cell tower triangulation and GPS to identify anomalous locations that are new to the user, fraudulent transaction attempts.
The mobile device characteristics are gathered through the RSA Adaptive Authentication platform for a mobile device or directly through a Software Development Kit (SDK).
In addition, the RSA Adaptive Authentication now protects against account takeover fraud in the ATM channel by assessing ATM-specific activity including date and time of access, transaction amount, frequency of withdrawal, ATM owner and ID and location of ATM in order to assess risk.
The RSA Adaptive Authentication solution has been enhanced to detect and monitor against these threats without requiring additional software to be installed on ATM machines.