02:15 AM

Bank Chooses Comodo


JERSEY CITY, N.J. -- Comodo, a global Certification Authority and leading provider of Identity and Trust Assurance Management solutions, announced today that Boiling Springs Savings Bank is deploying Comodo's PKI-based Two Factor (TF) authentication solution as a critical component of its best practices strategy to comply with FFIEC guidelines. Comodo TF is a component of Comodo's S.A.F.E solution, which is an integrated suite of technologies that provides a best practices approach to mutual authentication, identity assurance and protection from phishing, pharming, and man-in-the-middle attacks.

"Our strategy to empower consumers with tools to protect their online identity, their PC and their online interactions has gained significant market momentum," said Melih Abdulhayoglu, President and CEO of Comodo. "Today, more businesses and consumers are actively seeking out the Comodo brand in a variety of market segments – from PC protection driven by our award winning free Firewall solution to identity verification solutions such as our site seal called Corner of Trust. This high level of brand recognition translates into increased trust when consumers see the Comodo brand during the course of their online interactions."

Comodo Two Factor (TF) Client Certificates - a High-Performance, Low Cost Solution with No Integration Financial institutions are under pressure to comply with Federal Financial Institutions Examination Council (FFIEC) guidelines by year-end to evaluate and strengthen their mutual authentication processes for online banking transactions. To comply with the guidelines, financial institutions seek to employ a multifactor solution with ease of integration, ease of adoption by online banking customers and ease of configurability. With Comodo TF, Boiling Springs Savings Bank can support a high-performance two- factor solution while reducing operating costs. This two-factor solution offers significant advantages over other two factor solutions (such as matrix cards, tokens or image recognition solutions):

  • One of the only PKI based two factor solution – PKI is considered one of the strongest forms of authentication available for online security
  • Lowest cost solution due to an established PKI infrastructure and digital certificate lifecycle management processes
  • Virtually the easiest multi-layer solution for members to adopt because there is no change in member's online banking behavior once a
  • DigitalID has been created. Members conveniently continue to use their existing usernames and passwords.
  • High level of flexibility and configurability for the financial institution
  • A platform that will support future authentication requirements Solution can be deployed in days Ease of customer support

Boiling Springs Deploys A Best Practices Approach To Mutual Authentication - Comodo TF + Comodo Content Verification Certificates (CVC)

As a best practices financial institution, Boiling Springs incorporated Comodo TF within their overall mutual authentication business process. To enable this level of mutual authentication, Boiling Springs is deploying two synergistic technologies: Comodo TF and Comodo Content Verification Certificates (CVC). While Comodo TF enables Boiling Springs to authenticate the identity of the customer, Boiling Springs also deployed CVC's so that their customers can verify the identity of the bank. CVC's uniquely tie specific web content, such as the log in box and graphical images, to specific Boiling Springs URL's and/or IP addresses thus confirming the site's identity. Together, this provides a PKI based mutual authentication process that thwarts phishing attacks, renders man-in the-middle attacks ineffective and protects customers against identity theft.

"As an Open Solutions Internet Banking application customer, we felt that the Comodo TF solution offered us the best mix of strength of security, convenience for our online banking customers, and lowest Total Cost of Ownership of the options available for mutual authentication," said Ken Emerson, CTO of Boiling Springs Savings Bank. "The other advantages are ease of deployment with practically no integration and a platform that will support our authentication requirements in the future."

Comodo's S.A.F.E. Solution was developed specifically to address diverse, complex and urgent needs of financial institutions for a solution that is configurable and practical. "The FFIEC guidelines are meant to address the changing nature of online identity and trust assurance threats," said Andrew Pynes, Executive Vice President of Comodo. "FFIEC guidelines require financial institutions to implement solutions this year that provide a highly secure, non-intrusive online banking experience. Comodo can help thousands of financial institutions protect their customers and achieve compliance with the guidelines."

Comodo Group

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
According to industry estimates, about a million new IT security jobs will be created in the next two years but there aren't enough skilled professionals to fill them. On top of that, there isn't necessarily a clear path to a career in security. Dark Reading Executive Editor Kelly Jackson Higgins hosts guests Carson Sweet, co-founder and CTO of CloudPassage, which published a shocking study of the security gap in top US undergrad computer science programs, and Rodney Petersen, head of NIST's new National Initiative for Cybersecurity Education.