Comarch Cyber Security solutions in Finance

Secure your sensitive data and resources

The financial industry has been a leader in data security for years. It is banks, brokerage companies, insurers, leasing companies and other financial market entities that are particularly motivated to incur data security expenses, for the sake of both employees and customers. This is because financial services are one of the areas most vulnerable to cyber attacks of any kind.

While it’s often shrouded in secrecy, many cybersecurity innovations originated in the financial sector. And because "money likes silence", the financial sector is trying to stay ahead of hackers' ingenuity.

There are many ways to gain unauthorized access to services and each day brings new vulnerabilities. Classification of those starts with account breach attempts or data theft (either as a result of an attack or leakage of access data from other services). More sophisticated methods include attempts to interfere with order details, or attacks using 2SV (two-step verification).

Recent years have shown that the most effective method of securing the access to payment instruments are 2FA tools in the form of hardware tokens or advanced mobile solutions. Especially those that guarantee the undeniability of the presented data and take proper care of the security of user cryptographic material.

tpro security

tPro ECC

tpro token security

The tPro ECC solution is a proprietary hardware token based on the strength of elliptical curves cryptography, which are currently the most efficient cryptosystem on the market, providing a higher level of security than RSA keys of the same length. Additionally, the token is equipped with an HPD (Human Presence Detection) mechanism, which makes it resistant to all kinds of remote attacks. Each authorization requires the user to press a button located on the housing of the device. The device communicates with the browser using its own protocol, and the communication itself does not require any browser extensions to be installed. Local service on the workstation ensures security and integrity of content being presented.

tPro Mobile

The tPro Mobile token is an example of an advanced mobile tool for transaction authorization and strong user authentication. The solution has been designed to meet the rigorous requirements of the PSD-2 directive. The tPro Mobile solution ensures security, uniqueness and integrity of the authorization code at every stage of its generation, as well as the integrity of the presented transfer data. Compatibility with the solution can can work on three layers:

  • Business layer
  • Network layer
  • Application layer

Such division allows for quick and convenient integration even in case of already existing mobile applications, where tPro Mobile is offered as a collection of tPro MobileSDK programming libraries. This makes it possible to add a security layer to the existing applications, while maintaining all the token’s advantages.

Token's advantages

What You See Is Is What You Sign
Asymmetric ECC cryptography for server connection
Use of TPM (Trusted Platform Module) at the cryptographic material security stage
Compatibility with RTS (PSD-2)
Anti-tampering mechanism (detection of threats in the runtime environment)
tPro Mobile Overview

Comarch IAM solution

Working in conjunction with Comarch IAM Authentication Server (CIAM AS), the tPro family provides a ready-to-use solution to secure authentication and authentication operations, providing effective protection against the following attacks:

  • Phishing,
  • Man In The Middle
  • Man In The Browser,
  • Compromised credentials
  • Remote attacks

The CIAM AS solution itself, which is the basic module of the Comarch IAM platform, provides:

  1. support for a variety of authentication methods, such as:
    •  Static passwords,
    •  X.509 certificates,
    •  software and hardware cryptographic tokens (incl. tPro family),
    •  OTP tokens,
  2. token life cycle management,
  3. support for biometric validation methods
  4. integration with RADIUS interfaces and LDAP protocols
  5. integration with SIEM tools
  6. file signing
  7. strong client authentication compatible with PSD-2
  8. anti-tamperig mechanism (running-environment analysis)

Security can be further enhanced by using the Comarch IAM solution.

Thanks to that, apart from the value of CIAM AS, we will offer:

  • identity management of users and systems
  • managing access to domain resources in the company
  • full accountability
  • Single Sign-On for Comarch IAM applications
  • single logout (single logout)
  • reflection of the organization's structure
  • support for different operating contexts (a user in different organizations of the same installation may have different set of rights)
  • support for delegation of rights (rights of one person may be transferred to another)
  • multi-level administration
  • workflow

Such comprehensive protection of your financial system may significantly improve the image of the organization and, above all, effectively protect it against numerous cyber threats.

Look for Comarch Cyber Security solutions

Want to learn more?

Tell us about your business needs. We will find the perfect solution.