Post on 31-Mar-2018
www.versafe-login.com
Versafe TotALL™ Online Fraud Protection Suite
Protect ALL online users.
From ALL malware, threat types.
On ALL devices.
ALL transparently to the user.
SOLUTION BRIEF
S O L U T I O N B R I E F | V E R S A F E T O TA L L O N L I N E F R A U D P R O T E C T I O N S U I T E [ 2 ]
In 2012, we witnessed an unprecedented growth in malware, zero-
days, and phishing worldwide. Beyond just the sheer volume, the
methods cyber criminals used to launch and host their malicious
content has made it more challenging for security and fraud
professionals to detect attacks targeting their organization, and
to comprehensively protect their entire user base in real-time.
The Versafe TotALL Online Fraud Protection Suite protects organizations and their end
users from the full range of malware and online threats, on all devices, without any
impact to the user experience. Leveraging advanced encryption, malware detection,
and behavioral analysis capabilities, Versafe works independently from or with existing
anti-fraud solutions, dramatically reducing clients’ fraud losses and providing critical
intelligence into the evolving threat landscape.
Clientless solution uniquely enabling malware detection and protection of your entire user base.
Advanced protection from all online threat types: zero-days, MITB, web injection, session hijacking, keylogging, automated transactions, MITM, phishing, social network fraud, malicious apps, and more.
Web and mobile device support, each channel able to be deployed in a matter of days.
Real-time alerts and reporting via the 24x7 Security Operations Center & Malware Analysis Team.
Versafe offers protection
against the entire spectrum of
online threat types, across all
device types, without requiring
users to download software or
register their device.
The TotALL™ Online Fraud Protection Suite
MMobileSSafe™WWeeWW bSafe™
ApplicationBanking
WebSafe™
Malware detectionMalware protectionTransactionprotectionAdvance phishing
detection
Layer 1 endpoint & Layer 2 navigation protection
End UserEnd User
Zero-days
Phishing
MitB
Targeted malware
Mobile
malware
MitM
SMS
grabbers
MobileSafe™
Jailbroken device
detection
Malware detection
Malware protection
Transaction
protection
WebSafe: Clientless protection of all users.
With more than 27 million unique malware variants developed in 2012 alone, WebSafe
helps organizations identify and protect against all web-based malware and other
threat types.
Deployed using either an SDK directly on the web application – or via one of our
integrated technology partners, such as f5 Networks – WebSafe can be deployed in
just days, without any impact on the end user.
– Malware Detection. WebSafe applies advanced techniques to detect both targeted
and generic malware – including web injection, credential grabbing, MITB, session-
hijacking, password stealers, and more – by identifying any changes to the HTML or
injection of malicious script into the genuine site. Honeypots are used to lure and
detect generic malware. WebSafe is also capable of detecting MITM access attempts
from a compromised network connection by performing checks on the SSL certificate,
domain and other components.
– Malware Protection. Advanced encryption at the application
level provides protection of all information transferred from the
user to the organization, thus rendering any data intercepted by
an attacker worthless. A one-time public key is generated by
the web server for each user session. When the encrypted
information is received by the web server, it is decrypted using
the server-side private key.
– Transaction Protection. WebSafe is able to identify and
prevent automated payments and money transfers initiated
by malware or a bot. Assessing a variety of device-specific
and behavioral variables – including device ID, mouse and
click patterns, sequencing of and timing between actions,
and many more – transactions by genuine users are
distinguished from those initiated by malware. Additionally, by
looking for malicious JavaScript functions and by performing
iFrame checks, automated transactions are further able to be
detected and mitigated.
– Advance phishing detection. WebSafe includes several protective layers to identify
phishing attempts through detection of website copying to extensive scans that include
more than ten different search characteristics. WebSafe can even detect phishing
attacks prior to being launched – at the point of sites being copied by attackers and
loaded to spoofed domains. WebSafe utilizes hidden code implemented on the
organization’s web site and programmed to alert the organization when the site has
been copied and when the copy has been loaded to a spoofed domain. WebSafe is
able to track critical details about the attack including IP address, drop zones, and
stolen credentials which are reported back to the organization.
WebSafe applies advanced
identification techniques to
detect malware, such as
changes in HTML code or
injection of malicious script.
S O L U T I O N B R I E F | V E R S A F E T O TA L L O N L I N E F R A U D P R O T E C T I O N S U I T E [ 3 ]
ApplicationBanking
Malwaredetection
Malwareprotection
Transactionprotection
End UserEnd User
WebSafe™
Advance phishing
detection
Cyberthreat
intelligence
Phishing,
malicious
site takedown
For more information, please email sales@versafe-login.com, or visit www.versafe-login.com
MobileSafe: Protection from all mobile malware threats
Versafe MobileSafe is offered as an SDK that can be easily integrated into any native
mobile application. With the ability to encrypt information at the application layer,
MobileSafe offers protection against advanced threats targeting the mobile user.
– Jailbroken Device Detection. By identifying devices that have been jailbroken,
the risk score for being potentially infected with malware is adjusted accordingly.
– Malware Detection. Some of the most common financial malware – including Zeus,
SpyEye and Citadel – have targeted mobile users with SMS-grabbing capabilities that
intercept out-of-band communications between the organization and the user. A
proprietary safety scoring method assesses a number of parameters on the device
such as checking the validity of SSL certificates and HTTPS connections, running
processes, and installed applications.
– Malware Protection. Encryption at the application layer –
using a public key generated on the fly by the web server on
the client side – and virtual keypads which can be
customized for mobile banking apps ensures that any
information intercepted by malware will be encrypted and
rendered useless to an attacker.
Versafe Security Operations Center: 24x7x365 Global Threat Protection
Versafe provides a managed security operations center to help
clients minimize risk against the latest cyber-attacks around the
clock. Responsible for discovering several noted attacks – such
as Eurograbber and a variety of zero-days – the Versafe Security
Operations Center works closely with security organizations and
law enforcement in several countries.
Clients can view and monitor the status of all threats targeting
their organization and users in real-time – from identification to
intelligence to remediation – through a central dashboard, as
well as real-time alerts via email or SMS.
ApplicationBanking
Malwareprotection
Malwaredetection
Jailbrokendevice
detection
End UserEnd User
MobileSafe™
Transaction
protection
Social
network
fraud
Fraudulent
apps
Versafe MobileSafe offers
protection against mobile
threats and SMS grabbing
through advanced encryption
at the application layer, and
can be easily integrated into
any native mobile app.
Responsible for discovering several noted attacks –
such as Eurograbber and a variety of zero-days – the
Versafe SOC works closely with security organizations
and law enforcement in several countries.