CastleCops® - Meridea Announces Breakthrough In The Fight Against Online Fraud

webitpr writes "Intelligent Transaction Authentication Via Your Mobile Device

London, England – November 2nd, 2005 - A major breakthrough in the fight against on-line fraud has been announced by Meridea, one of the leading providers of mobile and online self-service solutions for the financial services industry. Meridea has created a two-factor authentication (2FA) solution which operates via the customer’s own mobile phone. The solution uses a challenge/response mechanism, and is used to protect online banking customers by securing web banking sessions and individual transactions.

Meridea’s unique software solution is delivered to the customer’s own mobile handset using Over-the-Air (OTA) technology, making distribution of the solution inexpensive (the cost of an SMS) and very convenient for the customer. Instead of forcing the customer to carry extra token devices, cards or password lists, Meridea has made a secure solution available on the device he or she already has to hand. In addition to enhanced manageability, Meridea’s 2FA solution provides better peace of mind than other available 2FA solutions, as the customer is shown the details of the transaction that he is being asked to confirm – he can therefore be sure that the transaction is unaltered (and unalterable) by a “Man In The Middle”.

Jukka Riivari, CEO and President of Meridea explained; “Our 2FA security solution gives real added-value to both banks and their customers. For banks, it combines the manageability of “out-of-band” or offline authentication mechanisms with the security normally associated with a hardware token. For the customer, it is simple, intuitive and provides real peace of mind as they can be sure that what they believe they have authorized is exactly what’s going to happen. We call this “Intelligent Authentication”.

“Hardware tokens and indexed TAN lists are blind – they have no knowledge of individual transaction details and can therefore be used to validate a transaction which can be altered on the way to or from the bank by a “Man In The Middle” attack. Bank customers would have difficulty persuading their bank that such an altered transaction is fraudulent, as the customer appears to have provided a valid one-time password from his hardware token or password list. With Meridea’s 2FA solution the customer is presented with the transaction amount and the destination account number on his phone before agreeing to confirm the transaction. Meridea’s solution not only authenticates the user to the bank, it also authenticates the bank and the transaction to the user.

Vice President of Financial Products for Meridea, Justin McAuley added “Meridea’s Intelligent Authentication solution is attracting particular attention as a replacement for one-time password cards and lists which have been used by European banks for many years, and are now under pressure for their perceived security vulnerabilities in the national press. Many countries lack even this basic form of two-factor authentication - UK and US banks have had to be coaxed into action by regulatory and trade bodies, and have until now been faced with a choice between adopting “old” European PIN/TAN technologies or expensive hardware tokens for mass-market customers. We are pleased to be able to offer Meridea as the affordable, secure authentication solution for the mass-market”.

McAuley concluded saying; ”It is generally accepted that there is no such thing as total security – it is an arms race, and represents for banks a balance of cost versus financial threat and loss of reputation. A costly investment in hardware tokens for millions of customers might provide a level of protection against yesterday’s and today’s security threats – but what about tomorrow? The hardware devices cannot be altered, and must be discarded and replaced to deal with tomorrow’s threats. Meridea’s approach is based on software distributed directly onto the customer’s favourite device, which can be upgraded cheaply and securely to match new and emerging threats. Meridea’s Intelligent Authentication mechanism is a strategic weapon in the online security arms race.”

"


	2002-2008 © Computer Cops LLC dba CastleCops®. All rights reserved. Acceptable Use Policy. Use signifies your agreement. 176ppm 0.193s (0.009s) Making cybercriminals unhappy since 2002*