Professional Documents
Culture Documents
Trusteer Mobile Risk Engine
Trusteer Mobile Risk Engine
Trusteer Mobile Risk Engine
risk associated with the mobile channel. FFIEC guidance requirements for layered security,
continuous risk assessment and complex device fingerprinting naturally extend to the mobile
channel. Organizations looking to mitigate mobile fraud risk should address complex cross
channel attacks and the unique challenges associated with the mobile channel.
Trusteer
Mobile Risk Engine
Correlates Online and Mobile Banking Risk Data for Conclusive Mobile Risk Detection
Web-based service
To address complex attacks across online and mobile channels, MRE can incorporate account risk
factors including malware infections and phishing incidents. This extended data set is collected by
Trusteers client-based (Trusteer Rapport) and clientless (Trusteer Pinpoint Malware Detection) fraud
prevention solutions. The risk data is used to accurately detect account takeover attempts from
mobile devices using compromised credentials from other channels.
Device
By relying on multiple risk factors across multiple
Vulnerabilities
channels, MRE can accurately track the full attack
lifecycle. It uses a set of mobile risk detection
rules that map current attack patterns and
are updated based on Trusteers global
intelligence. Only truly high-risk users
and transactions are flagged for review
or stepped-up authentication
Persistent
in order to minimize the
Device ID
burden to the customer.
Phishing
Incidents
Trusteer
Mobile Risk Engine
Malware
Infections
!
Trusteer Mobile Risk Engine correlates device risk factors
and account compromise history to automatically tag
fraudsters devices across all protected organizations.
Account
Access/ Trx
Trusteer Mobile SDK is invoked when the mobile application is launched to collect various device
risk factors. These include: geolocation, device time, IP address, missing OS security patches, rooted/
jailbroken device status, risky system configuration settings, malware infections, use of unsecured
Wi-Fi connection and more. Risk data is provided to the mobile banking app and can be used to
restrict functionality based on device risk level. For example, limiting specific application functions
(adding a payee or transferring money) on a jailbroken device. The risk data can also be sent to the
Trusteer Mobile Risk Engine where it is correlated with additional device and account risk factors
(such as malware infections and phishing incidents) to flag high risk access and transactions.
Persistent Device ID
User ID
Trusteer Mobile SDK creates a persistent mobile device ID allowing the organization to uniquely
identify any device using the native mobile banking app. The persistent device ID is associated with
the users account and uniquely identifies the device, even after the phone is re-imaged. This ensures
new devices are identified, login attempts from known devices are unchallenged, and potential
fraudster devices are flagged.
SIM Data
Jailbreak/Rooted Device
Malware Infection
OS Patching
Wi-Fi Security
Rogue Apps
Application ID
Geolocation
And more
Trusteer Pinpoint
Cybercrime Intelligence
Layer 2:
Clientless Fraud
Prevention
Trusteer Pinpoint
Account Takeover (ATO)
Detection
Malware
Detection
Trusteer Mobile
Risk Engine
er
Custom
e
Prot
c tio
Trusteer Apex
Zero-day exploits and data exfiltration prevention
for employees endpoints
Em
plo
Trusteer Apex
ye e
Prote
c
tion
Cu
r Pr
stome
o te
c tio
Layer 1:
Endpoint Security
Trusteer Rapport
Prevention and remediation of malware and
phishing threats on PCs and Macs
Trusteer Mobile
Embedded security library for native mobile apps,
dedicated secure mobile browser, out-of-band
authentication
MOBILE
RISK
MANAGEMENT
organizations against financial losses and data breaches. Hundreds of organizations and millions of end
users rely on Trusteer to protect managed and unmanaged endpoints against exploitation and compromise
by online threats that are invisible to legacy security solutions. Global organizations such as HSBC, Santander,
SunTrust and Fifth Third are among Trusteers customers.
Trusteer Inc.
545 Boylston Street, 5th Floor
Boston, MA 02116
T: +1 (866) 496-6139
T: +1 (617) 606-7755
info@trusteer.com
trusteer.com