The financial industry has been a leader in data security for years. It is banks, brokerage companies, insurers, leasing companies and other financial market entities that are particularly motivated to incur data security expenses, for the sake of both employees and customers. This is because financial services are one of the areas most vulnerable to cyber attacks of any kind.
While it’s often shrouded in secrecy, many cybersecurity innovations originated in the financial sector. And because "money likes silence", the financial sector is trying to stay ahead of hackers' ingenuity.
There are many ways to gain unauthorized access to services and each day brings new vulnerabilities. Classification of those starts with account breach attempts or data theft (either as a result of an attack or leakage of access data from other services). More sophisticated methods include attempts to interfere with order details, or attacks using 2SV (two-step verification).
Recent years have shown that the most effective method of securing the access to payment instruments are 2FA tools in the form of hardware tokens or advanced mobile solutions. Especially those that guarantee the undeniability of the presented data and take proper care of the security of user cryptographic material.
The tPro ECC solution is a proprietary hardware token based on the strength of elliptical curves cryptography, which are currently the most efficient cryptosystem on the market, providing a higher level of security than RSA keys of the same length. Additionally, the token is equipped with an HPD (Human Presence Detection) mechanism, which makes it resistant to all kinds of remote attacks. Each authorization requires the user to press a button located on the housing of the device. The device communicates with the browser using its own protocol, and the communication itself does not require any browser extensions to be installed. Local service on the workstation ensures security and integrity of content being presented.
The tPro Mobile token is an example of an advanced mobile tool for transaction authorization and strong user authentication. The solution has been designed to meet the rigorous requirements of the PSD-2 directive. The tPro Mobile solution ensures security, uniqueness and integrity of the authorization code at every stage of its generation, as well as the integrity of the presented transfer data. Compatibility with the solution can can work on three layers:
Such division allows for quick and convenient integration even in case of already existing mobile applications, where tPro Mobile is offered as a collection of tPro MobileSDK programming libraries. This makes it possible to add a security layer to the existing applications, while maintaining all the token’s advantages.
Working in conjunction with Comarch IAM Authentication Server (CIAM AS), the tPro family provides a ready-to-use solution to secure authentication and authentication operations, providing effective protection against the following attacks:
Thanks to that, apart from the value of CIAM AS, we will offer:
Such comprehensive protection of your financial system may significantly improve the image of the organization and, above all, effectively protect it against numerous cyber threats.
Tell us about your business needs. We will find the perfect solution.