Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


04:36 PM
Dark Reading
Dark Reading
Products and Releases

HSBC Deploys Authentify's Out-of-Band Authentication System

Automated call synchronized with Web session prevents fraudulent transactions

London, U.K., - January 5, 2009 - Authentify, the global leader in out-of-band authentication solutions, today announced that HSBC has deployed Authentify's services to protect online and remote transactions from fraud. HSBC is the world's largest bank by asset size. Authentify's services are invoked automatically to authenticate online users attempting certain transaction types against HSBC accounts. The out-of-band process requires user specific details be entered into the telephone, separately from the Internet side of the exchange. The process isolates the authentication from Internet threats. It becomes much more difficult to hijack or tamper with an account even when armed with compromised identity information.

"Authentify enables HSBC to further validate the user and transaction details in real time while keeping the process convenient", said Peter Tapling, President & CEO of Authentify. "Using a telephone call synchronized to an online session provides a simple, reliable way to strengthen an online process. Authentify was easy to layer in with security mechanisms HSBC already had in place."

In a constantly evolving fraud environment, HSBC is continually evaluating new processes to protect its users and their assets. For some types of exploits, out-of-band technology was evaluated as offering the highest security with the most convenience.

According to Avivah Litan, Vice President and Distinguished Analyst at Gartner Research, "Protecting accounts and transactions from more sophisticated forms of fraud requires layers of security. Out-of-band authentication is one of the layers needed when financial services firms are encountering keystroke loggers and man in the middle exploits. In light of HSBC's global presence, an OOBA solution that works globally is needed.. A process that relies on the telephone makes sense in light of that need."

Historically, more difficult economic times have seen increases in crime. Cybercrime seems to follow a similar pattern. According to Authentify's Tapling, "Out-of-band Authentication, or OOBA, is a strong authentication factor which provides unique protections to HSBC and its customers from Internet attacks that can lead to identity theft. In light of continued warnings about increasing cyber attacks on banks, HSBC's customers can be confident that HSBC is doing everything they can to protect them."

About HSBC

The HSBC Group, headquartered in London, is the largest banking and financial service organization in the world based on asset size. Recently, HSBC also topped the Forbes 2000 list of the world's largest companies, the first time a non-US company has led the rankings since its launch in 2004. The annual index surveyed blue-chip firms in 26 industries across 60 countries and ranked them according to a composite of sales, profits, assets and market value. HSBC is one of five highest performers from the banking industry. HSBC Group serves over 125 million customers worldwide, with more than 10,000 offices in 83 countries.

About Gartner: Gartner, Inc. (NYSE: IT) is the world's leading information technology research and advisory company. Gartner delivers the technology-related insight necessary for its clients to make the right decisions, every day. From CIOs and senior IT leaders in corporations and government agencies, to business leaders in high-tech and telecom enterprises and professional services firms, to technology investors, Gartner is the indispensable partner to 60,000 clients in 10,000 distinct organizations. Through the resources of Gartner Research, Gartner Consulting and Gartner Events, Gartner works with every client to research, analyze and interpret the business of IT within the context of their individual role. Founded in 1979, Gartner is headquartered in Stamford, Connecticut, U.S.A., and has 4,000 associates, including 1,200 research analysts and consultants in 80 countries. For more information, visit: www.gartner.com.

About Authentify Authentify Inc., provides automated authentication services to prominent global businesses, routinely protecting accounts and transactions in more than 150 countries. Authentify delivers an effective authentication process relying on making telephone contact with a user while they are managing an online account. It is a process that is practical for businesses, easy for users and effective worldwide by virtue of leveraging the reach and stability of the public switched telephone network. The company's patented technology employs a message based architecture permitting easy layering with existing technology and infrastructure. The company's primary focus is providing authentication services to enable routine but sensitive processes to complete with high levels of certainty. For more information visit Authentify at: www.authentify.com or contact:

John Zurawski

[email protected]



Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-04-16
An attacker can place a crafted JSON config file into the project folder pointing to a custom executable. VScode-bazel allows the workspace path to lint *.bzl files to be set via this config file. As such the attacker is able to execute any executable on the system through vscode-bazel. We recommend...
PUBLISHED: 2021-04-16
The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration.
PUBLISHED: 2021-04-16
Broken Authentication in Atlassian Connect Express (ACE) from version 3.0.2 before version 6.6.0: Atlassian Connect Express is a Node.js package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Express app occurs with a server-to-server JWT or ...
PUBLISHED: 2021-04-16
Broken Authentication in Atlassian Connect Spring Boot (ACSB) from version 1.1.0 before version 2.1.3: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a se...
PUBLISHED: 2021-04-16
A cross-site scripting (XSS) vulnerability has been reported to affect earlier versions of File Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions: QTS build 20210202 (and later) QT...