bugFraud

TBuguroo proposes a new solution to provide end-users' full protection and to allow the bank of each client to know and understand the origin of the attack. This system is highly attractive to the market, thanks to the following features:

•Automate your response to attacks against your customers with malware by using our unique Greylisting approach

•Prevent the effects of account take over with our per profile behavioral biometrics

•Target fraudsters with our engine that allows pinpointing the criminals by acquiring the information about the context and behavioral biometrics     

Below we present the most outstanding benefits that the bugFraud solution offers:

•An integral, holistic layer of defence that complements other BANK security systems, focusing on the protection of its customers using digital banking as these are usually the most vulnerable in the use of online banking services.

•Advanced Artificial Intelligence and Deep Learning techniques for biometric profiling of behavior are used for real-time detection of attacks that seek to supplant the identity of the user (ATO). It is also a protection layer against theft of online or offline credentials, attacks that take remote control of sessions such as RAT, or attacks by automatic bots.

•Immediate protection of 100% of digital banking users once the BANK implements it in its online web banking channels and is updated in the mobile banking application.

•Active protection during the entire online banking session: from the moment authentication through the actions such as executing queries and operations in digital banking, until they finally close and exit the online banking session. It works throughout the session and not only at certain specific static moments.

•Execution of automatic countermeasures for the BANK clients to protect them in real-time against the cyberattacks.

•Transparent and without impacting the user experience in the use of online banking through "agentless" or "frictionless protection" that does not require any action or software installation on the user's device, but works transparently and automatic within the digital banking session itself.

•Protection of both web channel and in the mobile app analyzing and relating dozens of device parameters, user behavior biometrics and advanced malware detection techniques.

•Detection of fraud attacks at an early stage such as phishing campaigns as well as more sophisticated attacks directed against bank clients. Attacks based on web injections, MITB, even in unknown malware (Zero Day), or any use of digital banking that does not belong to the real user.

•Real-time insight and intelligence about the victims of the fraud. Based on that information BANK knows from the beginning and without delay, which of its users are attacked as well as how, when and where they became victims of an attack.

•Easy installation, commissioning and subsequent maintenance by the BANK as it is a component that works embedded in the web portal or within the digital banking app that, thanks to its design and architecture, allows for hot updating and execution without affecting the performance of the users.

•Acquisition of non-sensitive information related to customers or bank operations and information, complying regulations and regulations with data protection personal (e.g. GDPR);

•Support service that works in the cloud with 24x7 support in English and Spanish under the significant benefits related to the availability and security of the solution.

•An optional graphical console for monitoring and visualization of alarms with anomalies and technological risk of users in online sessions detected in real-time, as support in analysis activities of said alarms.

•Optional integration with other systems or applications existing in the BANK such as SIEM, transaction monitors, risk analysis engines and others). Thanks to integration options bugFraud provide risk information, alarms and events, which can be processed with other tools and sources of information from the BANK. It allows the creation of advanced actions of greater scope, trigger research flows, analyze risks and present alarms in a single user interface that could already exist deployed.     

Both Buguroo’s solution and their competitors detect online fraud and anticipate potential cases that can end up in fraud (early detection, before it happens). However, as much as they detect attacks, fraudsters will keep trying.

Buguroo proposes a new solution to provide end users’ full protection and to allow the bank of each client to know the origin of the attack. This system is highly attractive to the market thanks to the following features:

•Their inability to guarantee sufficient confidence of the two fundamental principles of fraud prevention: to ensure the legitimate identity of end-users and to ensure they are not deceived during the online session.

•Non-full session protection. They are often only valid for specific moments of the online service and not capable of protecting users during the entire duration of the online session "continuous authentication".

•A smaller scope of detection capabilities and less adaption to changes in cyber-attacks techniques, since they use predictive models not based on AI.

•Disregarding User Experience (UX). Several solutions do not care about the end-user experience: friction is created to them because software must be installed in the end-user devices or because users must overcome more security challenges to confirm their identity. Such an approach reduces the business simplicity of the processes.

Presented arguments render the majority of existing solutions inefficient and incomplete to solve the variety and complexity of current and future attacks in online fraud.