Risk
11/16/2006
02:15 AM
Connect Directly
RSS
E-Mail
50%
50%

Bank Chooses Comodo

null

JERSEY CITY, N.J. -- Comodo, a global Certification Authority and leading provider of Identity and Trust Assurance Management solutions, announced today that Boiling Springs Savings Bank is deploying Comodo's PKI-based Two Factor (TF) authentication solution as a critical component of its best practices strategy to comply with FFIEC guidelines. Comodo TF is a component of Comodo's S.A.F.E solution, which is an integrated suite of technologies that provides a best practices approach to mutual authentication, identity assurance and protection from phishing, pharming, and man-in-the-middle attacks.

"Our strategy to empower consumers with tools to protect their online identity, their PC and their online interactions has gained significant market momentum," said Melih Abdulhayoglu, President and CEO of Comodo. "Today, more businesses and consumers are actively seeking out the Comodo brand in a variety of market segments – from PC protection driven by our award winning free Firewall solution to identity verification solutions such as our site seal called Corner of Trust. This high level of brand recognition translates into increased trust when consumers see the Comodo brand during the course of their online interactions."

Comodo Two Factor (TF) Client Certificates - a High-Performance, Low Cost Solution with No Integration Financial institutions are under pressure to comply with Federal Financial Institutions Examination Council (FFIEC) guidelines by year-end to evaluate and strengthen their mutual authentication processes for online banking transactions. To comply with the guidelines, financial institutions seek to employ a multifactor solution with ease of integration, ease of adoption by online banking customers and ease of configurability. With Comodo TF, Boiling Springs Savings Bank can support a high-performance two- factor solution while reducing operating costs. This two-factor solution offers significant advantages over other two factor solutions (such as matrix cards, tokens or image recognition solutions):

  • One of the only PKI based two factor solution – PKI is considered one of the strongest forms of authentication available for online security
  • Lowest cost solution due to an established PKI infrastructure and digital certificate lifecycle management processes
  • Virtually the easiest multi-layer solution for members to adopt because there is no change in member's online banking behavior once a
  • DigitalID has been created. Members conveniently continue to use their existing usernames and passwords.
  • High level of flexibility and configurability for the financial institution
  • A platform that will support future authentication requirements Solution can be deployed in days Ease of customer support

Boiling Springs Deploys A Best Practices Approach To Mutual Authentication - Comodo TF + Comodo Content Verification Certificates (CVC)

As a best practices financial institution, Boiling Springs incorporated Comodo TF within their overall mutual authentication business process. To enable this level of mutual authentication, Boiling Springs is deploying two synergistic technologies: Comodo TF and Comodo Content Verification Certificates (CVC). While Comodo TF enables Boiling Springs to authenticate the identity of the customer, Boiling Springs also deployed CVC's so that their customers can verify the identity of the bank. CVC's uniquely tie specific web content, such as the log in box and graphical images, to specific Boiling Springs URL's and/or IP addresses thus confirming the site's identity. Together, this provides a PKI based mutual authentication process that thwarts phishing attacks, renders man-in the-middle attacks ineffective and protects customers against identity theft.

"As an Open Solutions Internet Banking application customer, we felt that the Comodo TF solution offered us the best mix of strength of security, convenience for our online banking customers, and lowest Total Cost of Ownership of the options available for mutual authentication," said Ken Emerson, CTO of Boiling Springs Savings Bank. "The other advantages are ease of deployment with practically no integration and a platform that will support our authentication requirements in the future."

Comodo's S.A.F.E. Solution was developed specifically to address diverse, complex and urgent needs of financial institutions for a solution that is configurable and practical. "The FFIEC guidelines are meant to address the changing nature of online identity and trust assurance threats," said Andrew Pynes, Executive Vice President of Comodo. "FFIEC guidelines require financial institutions to implement solutions this year that provide a highly secure, non-intrusive online banking experience. Comodo can help thousands of financial institutions protect their customers and achieve compliance with the guidelines."

Comodo Group

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1544
Published: 2014-07-23
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger cer...

CVE-2014-1547
Published: 2014-07-23
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1548
Published: 2014-07-23
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1549
Published: 2014-07-23
The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and applica...

CVE-2014-1550
Published: 2014-07-23
Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.